========================================================================== Ubuntu Security Notice USN-1784-1 April 02, 2013 libxslt vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.10 - Ubuntu 12.04 LTS - Ubuntu 11.10 - Ubuntu 10.04 LTS - Ubuntu 8.04 LTS Summary: Applications using libxslt could be made to crash if they processed a specially crafted file. Software Description: - libxslt: XSLT processing library Details: Nicholas Gregoire discovered that libxslt incorrectly handled certain empty values. If a user or automated system were tricked into processing a specially crafted XSLT document, a remote attacker could cause libxslt to crash, causing a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.10: libxslt1.1 1.1.26-14ubuntu0.1 Ubuntu 12.04 LTS: libxslt1.1 1.1.26-8ubuntu1.3 Ubuntu 11.10: libxslt1.1 1.1.26-7ubuntu0.2 Ubuntu 10.04 LTS: libxslt1.1 1.1.26-1ubuntu1.2 Ubuntu 8.04 LTS: libxslt1.1 1.1.22-1ubuntu1.4 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1784-1 CVE-2012-6139 Package Information: https://launchpad.net/ubuntu/+source/libxslt/1.1.26-14ubuntu0.1 https://launchpad.net/ubuntu/+source/libxslt/1.1.26-8ubuntu1.3 https://launchpad.net/ubuntu/+source/libxslt/1.1.26-7ubuntu0.2 https://launchpad.net/ubuntu/+source/libxslt/1.1.26-1ubuntu1.2 https://launchpad.net/ubuntu/+source/libxslt/1.1.22-1ubuntu1.4
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.