[ALAS-2012-123] Amazon Linux - ALAS-2012-123: important priority package update for libxslt
Package updates are available for Amazon Linux that fix the following vulnerabilities:
CVE-2012-2871:
libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h.
A heap-based buffer overflow flaw was found in the way libxslt applied templates to nodes selected by certain namespaces. An attacker could use this flaw to create a malicious XSL file that, when used by an application linked against libxslt to perform an XSL transformation, could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application.
852935:
CVE-2012-2871 libxslt: Heap-buffer overflow caused by bad cast in XSL transforms
CVE-2012-2870:
libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c.
Several denial of service flaws were found in libxslt. An attacker could use these flaws to create a malicious XSL file that, when used by an application linked against libxslt to perform an XSL transformation, could cause the application to crash.
852937:
CVE-2012-2870 libxslt: Use-after-free when processing an invalid XPath expression
CVE-2012-2825:
The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors.
Several denial of service flaws were found in libxslt. An attacker could use these flaws to create a malicious XSL file that, when used by an application linked against libxslt to perform an XSL transformation, could cause the application to crash.
835982:
CVE-2012-2825 libxslt: DoS when reading unexpected DTD nodes in XSLT
CVE-2011-3970:
libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Several denial of service flaws were found in libxslt. An attacker could use these flaws to create a malicious XSL file that, when used by an application linked against libxslt to perform an XSL transformation, could cause the application to crash.
788826:
CVE-2011-3970 libxslt: Out-of-bounds read when parsing certain patterns
CVE-2011-1202:
The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.
An information leak could occur if an application using libxslt processed an untrusted XPath expression, or used a malicious XSL file to perform an XSL transformation. If combined with other flaws, this leak could possibly help an attacker bypass intended memory corruption protections.
A flaw was found in the Firefox XSLT generate-id() function. This function returned the memory address of an object in memory, which could possibly be used by attackers to bypass address randomization protections.
Package | Affected Version |
---|---|
pkg:rpm/amazonlinux/libxslt?arch=x86_64&distro=amazonlinux-1 | < 1.1.26-2.7.amzn1 |
pkg:rpm/amazonlinux/libxslt?arch=i686&distro=amazonlinux-1 | < 1.1.26-2.7.amzn1 |
pkg:rpm/amazonlinux/libxslt-python?arch=x86_64&distro=amazonlinux-1 | < 1.1.26-2.7.amzn1 |
pkg:rpm/amazonlinux/libxslt-python?arch=i686&distro=amazonlinux-1 | < 1.1.26-2.7.amzn1 |
pkg:rpm/amazonlinux/libxslt-devel?arch=x86_64&distro=amazonlinux-1 | < 1.1.26-2.7.amzn1 |
pkg:rpm/amazonlinux/libxslt-devel?arch=i686&distro=amazonlinux-1 | < 1.1.26-2.7.amzn1 |
pkg:rpm/amazonlinux/libxslt-debuginfo?arch=x86_64&distro=amazonlinux-1 | < 1.1.26-2.7.amzn1 |
pkg:rpm/amazonlinux/libxslt-debuginfo?arch=i686&distro=amazonlinux-1 | < 1.1.26-2.7.amzn1 |
- ID
- ALAS-2012-123
- Severity
- important
- URL
- https://alas.aws.amazon.com/ALAS-2012-123.html
- Published
-
2012-09-22T21:33:00
(12 years ago) - Modified
-
2014-09-14T17:00:00
(10 years ago) - Rights
- Amazon Linux Security Team
- Other Advisories
Source | # ID | Name | URL |
---|---|---|---|
CVE | CVE-2011-1202 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1202 | |
CVE | CVE-2011-3970 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3970 | |
CVE | CVE-2012-2825 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2825 | |
CVE | CVE-2012-2870 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2870 | |
CVE | CVE-2012-2871 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2871 | |
redhat | RHSA-2012:1265 | https://rhn.redhat.com/errata/RHSA-2012:1265.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/amazonlinux/libxslt?arch=x86_64&distro=amazonlinux-1 | amazonlinux | libxslt | < 1.1.26-2.7.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/libxslt?arch=i686&distro=amazonlinux-1 | amazonlinux | libxslt | < 1.1.26-2.7.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/libxslt-python?arch=x86_64&distro=amazonlinux-1 | amazonlinux | libxslt-python | < 1.1.26-2.7.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/libxslt-python?arch=i686&distro=amazonlinux-1 | amazonlinux | libxslt-python | < 1.1.26-2.7.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/libxslt-devel?arch=x86_64&distro=amazonlinux-1 | amazonlinux | libxslt-devel | < 1.1.26-2.7.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/libxslt-devel?arch=i686&distro=amazonlinux-1 | amazonlinux | libxslt-devel | < 1.1.26-2.7.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/libxslt-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux | libxslt-debuginfo | < 1.1.26-2.7.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/libxslt-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux | libxslt-debuginfo | < 1.1.26-2.7.amzn1 | amazonlinux-1 | i686 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |