Debian Patches
Status for libxslt/1.1.35-1.2
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 0001-fix-autoconf-automake.patch | fix autoconf automake | Aron Xu <aron@debian.org> | no | 2012-10-03 | ||
| 0002-Make-generate-id-deterministic.patch | Make generate-id deterministic | Daniel Veillard <veillard@redhat.com> | yes | debian upstream | upstream, https://bugzilla.gnome.org/attachment.cgi?id=306475 | 2017-10-29 |
| 0003-remove-plugin-in-xslt-config.patch | remove-plugin-in-xslt-config Done in Debian upload 1.1.29-1 |
YunQiang Su <syq@debian.org> | no | 2017-10-29 | ||
| 0004-do-not-clean-manpage.patch | use the just-built xsltproc and the packaged stylesheet to rebuild the manpage if needed | Mattia Rizzolo <mattia@debian.org> | no | debian | 2020-03-04 | |
| 0005-Drop-libdir-and-static-linking-information-from-xslt.patch | Drop libdir and static linking information from xslt-config See https://bugs.debian.org/952115 for the static linking details. |
Mattia Rizzolo <mattia@debian.org> | no | debian | 2020-03-04 | |
| 0010_missing_include.diff | Add missing #include <stdlib.h> to fix FTFBS. | Andreas Metzler <ametzler@debian.org> | no | debian | 2024-07-09 | |
| 0011_libgcrypt_pkgconfig.diff | Use pkg-config to locate libgcrypt. | Andreas Metzler <ametzler@debian.org> | no | debian | 2024-07-09 | |
| 0012-CVE-2024-55549-Fix-UAF-related-to-excluded-namespace.patch | [CVE-2024-55549] Fix UAF related to excluded namespaces Definitions of excluded namespaces could be deleted in xsltParseTemplateContent. Store excluded namespace URIs in the stylesheet's dictionary instead of referencing the namespace definition. Thanks to Ivan Fratric for the report! Fixes #127. |
Nick Wellnhofer <wellnhofer@aevum.de> | yes | debian upstream | https://gitlab.gnome.org/GNOME/libxslt/-/commit/46041b65f2fbddf5c284ee1a1332fa2c515c0515 | 2024-12-05 |
| 0013-CVE-2025-24855-Fix-use-after-free-of-XPath-context-n.patch | [CVE-2025-24855] Fix use-after-free of XPath context node There are several places where the XPath context node isn't restored after modifying it, leading to use-after-free errors with nested XPath evaluations and dynamically allocated context nodes. Restore XPath context node in - xsltNumberFormatGetValue - xsltEvalXPathPredicate - xsltEvalXPathStringNs - xsltComputeSortResultInternal In some places, the transformation context node was saved and restored which shouldn't be necessary. Thanks to Ivan Fratric for the report! Fixes #128. |
Nick Wellnhofer <wellnhofer@aevum.de> | yes | debian upstream | https://gitlab.gnome.org/GNOME/libxslt/-/commit/c7c7f1f78dd202a053996fcefe57eb994aec8ef2 | 2024-12-17 |
All known versions for source package 'libxslt'
- 1.1.39-0exp1 (experimental)
- 1.1.35-1.2 (trixie, sid)
- 1.1.35-1 (bookworm)
- 1.1.34-4+deb11u1 (bullseye, bullseye-security)