Community Packages

Please read this before reporting a bug:

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#53270 - [lib32-libxslt] Backport security fixes including the one for CVE-2017-5029

Attached to Project: Community Packages
Opened by Remi Gacogne (rgacogne) - Sunday, 12 March 2017, 13:01 GMT
Last edited by Sven-Hendrik Haase (Svenstaro) - Tuesday, 11 April 2017, 09:28 GMT
Task Type Bug Report
Category Security
Status Closed
Assigned To Sven-Hendrik Haase (Svenstaro)
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No



Several security fixes [1][2][3][4][5] have been committed to the libxslt repository since the last release, but a new release doesn't seem to be planned soon. So of them are only DoS material but one [5] at least can lead to arbitrary code execution and has been assigned CVE-2017-5029. The libxslt package has been updated to backport most of those fixes, and it would be nice if the lib32-xslt package could follow the lead.


This task depends upon

Closed by  Sven-Hendrik Haase (Svenstaro)
Tuesday, 11 April 2017, 09:28 GMT
Reason for closing:  Fixed