| Errata ID | 580 |
|---|---|
| Date | 2019-09-11 |
| Source package | libxslt |
| Fixed in version | 1.1.29-2.1+deb9u1 |
| Description | This update addresses the following issues: * xsltCheckRead and xsltCheckWrite routines security bypass by crafted URL (CVE-2019-11068) * An xsl number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers (CVE-2019-13117) * Read of uninitialized stack data due to too narrow xsl:number instruction and an invalid character (CVE-2019-13118) |
| Additional notes | |
| CVE ID | CVE-2019-11068 CVE-2019-13117 CVE-2019-13118 |
| UCS Bug number | #50157 |
