Bugzilla – Bug 1035905
VUL-1: CVE-2017-5029: libxslt: integer overflow during a size calculation (xsltAddTextString function in transform.c)
Last modified: 2020-06-16 13:57:22 UTC
Ref: https://nvd.nist.gov/vuln/detail/CVE-2017-5029 ==================================================== Description The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Source: MITRE Last Modified: 04/24/2017 ==================================================== Hyperlink [1] https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html [2] https://crbug.com/676623 [3] https://git.gnome.org/browse/libxslt/commit/?id=08ab2774b870de1c7b5a48693df75e8154addae5 [4] https://security-tracker.debian.org/tracker/CVE-2017-5029 (open-)SUSE: https://software.opensuse.org/package/libxslt 1.2.9 (TW, official repo) 1.2.8 (42.{1,2}, official repo)
Created attachment 722618 [details] Updated patches for SLE-10, 11 and 12 and Factory. Fixed CVE-2017-5029 using the patch upstream. All codestreams are affected. See the following submissions: SUSE:SLE-12:Update 1.1.28 mr#131786 SUSE:SLE-11:Update 1.1.24 sr#131785 SUSE:SLE-10-SP3:Update 1.1.15 sr#131783 openSUSE:Factory 1.1.29 sr#491045 openSUSE:Leap:42.2:Update From SLE-12:GA openSUSE:Leap:42.1:Update From SLE-12:GA Added patches: libxslt-1.1.28-CVE-2017-5029.patch for SLE-12 and Factory libxslt-1.1.24-CVE-2017-5029.patch for SLE-10-SP3 and SLE-11 Assigning bug to security-team.
New submission for SLE-11 sr#131807.
SUSE-SU-2017:1282-1: An update that fixes four vulnerabilities is now available. Category: security (moderate) Bug References: 1005591,1035905,934119,952474 CVE References: CVE-2015-7995,CVE-2015-9019,CVE-2016-4738,CVE-2017-5029 Sources used: SUSE Linux Enterprise Software Development Kit 11-SP4 (src): libxslt-1.1.24-19.33.1, libxslt-python-1.1.24-19.33.3 SUSE Linux Enterprise Server 11-SP4 (src): libxslt-1.1.24-19.33.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): libxslt-1.1.24-19.33.1, libxslt-python-1.1.24-19.33.3
SUSE-SU-2017:1313-1: An update that fixes four vulnerabilities is now available. Category: security (moderate) Bug References: 1005591,1035905,934119,952474 CVE References: CVE-2015-7995,CVE-2015-9019,CVE-2016-4738,CVE-2017-5029 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP2 (src): libxslt-1.1.28-16.1 SUSE Linux Enterprise Software Development Kit 12-SP1 (src): libxslt-1.1.28-16.1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src): libxslt-1.1.28-16.1 SUSE Linux Enterprise Server 12-SP2 (src): libxslt-1.1.28-16.1 SUSE Linux Enterprise Server 12-SP1 (src): libxslt-1.1.28-16.1 SUSE Linux Enterprise Desktop 12-SP2 (src): libxslt-1.1.28-16.1 SUSE Linux Enterprise Desktop 12-SP1 (src): libxslt-1.1.28-16.1
openSUSE-SU-2017:1390-1: An update that fixes four vulnerabilities is now available. Category: security (moderate) Bug References: 1005591,1035905,934119,952474 CVE References: CVE-2015-7995,CVE-2015-9019,CVE-2016-4738,CVE-2017-5029 Sources used: openSUSE Leap 42.2 (src): libxslt-1.1.28-10.3.1, libxslt-python-1.1.28-10.3.1
released