Control: tags -1 + confirmed On Fri, 2017-04-14 at 08:36 +0200, Salvatore Bonaccorso wrote: > Given the next jessie point release is approaching I would like to > propose a fix for CVE-2017-5029, #858546 via the upcoming point > release. > > Attached is the full debdiff. > > The debian/changelog reads as > > +libxslt (1.1.28-2+deb8u3) jessie; urgency=medium > + > + * Non-maintainer upload. > + * Check for integer overflow in xsltAddTextString (CVE-2017-5029) > + (Closes: #858546)
Please go ahead, thanks. Regards, Adam
