FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libxslt -- DoS vulnability due to type confusing error

Affected packages
libsxlt < 1.1.28_8

Details

VuXML ID ecc268f2-8fc2-11e5-918c-bcaec565249c
Discovery 2015-10-29
Entry 2015-11-20

libxslt maintainer reports:

CVE-2015-7995: http://www.openwall.com/lists/oss-security/2015/10/27/10 We need to check that the parent node is an element before dereferencing its namespace.

References

CVE Name CVE-2015-7995
URL https://git.gnome.org/browse/libxslt/commit/?id=7ca19df892ca22d9314e95d59ce2abdeff46b617