Alan Coopersmith reports:
On 6/16/25 15:12, Alan Coopersmith wrote:
BTW, users of libxml2 may also be using its sibling project, libxslt,
which currently has no active maintainer, but has three unfixed security issues
reported against it according to
https://gitlab.gnome.org/Teams/Releng/security/-/wikis/2025#libxml2-and-libxslt
2 of the 3 have now been disclosed:
(CVE-2025-7424) libxslt: Type confusion in xmlNode.psvi between stylesheet and source nodes
https://gitlab.gnome.org/GNOME/libxslt/-/issues/139
https://project-zero.issues.chromium.org/issues/409761909
(CVE-2025-7425) libxslt: heap-use-after-free in xmlFreeID caused by `atype` corruption
https://gitlab.gnome.org/GNOME/libxslt/-/issues/140
https://project-zero.issues.chromium.org/issues/410569369
Engineers from Apple & Google have proposed patches in the GNOME gitlab issues,
but neither has had a fix applied to the git repo since there is currently no
maintainer for libxslt.
Note that a fourth vulnerability, reported on June 18, 2025, remains undisclosed to date (GNOME libxslt issue 148, link below); see
https://gitlab.gnome.org/Teams/Releng/security/-/wikis/2025#libxml2-and-libxslt
Iván Chavero reports vs. v1.1.44:
[CVE-2025-11731] Fix: End function node ancestor search at document