Changes for page Engine_libxslt

Last modified by Nicolas Gregoire on 2012/07/23 16:53
From version Icon 41.1 Icon
edited by Nicolas Gregoire
on 2012/07/23 16:45
Change comment: There is no comment for this version
To version Icon 42.1 Icon
edited by Nicolas Gregoire
on 2012/07/23 16:45
Change comment: There is no comment for this version

Summary

Details

Icon Page properties
Content
... ... @@ -22,14 +22,26 @@
22 22  = Known parser bugs =
23 23  
24 24  |=CVE|=Title|=Ticket|=Credits
25 -|CVE-2012-2825|Wild read in XSL handling|[[127417>>https://code.google.com/p/chromium/issues/detail?id=127417||rel="__blank" title="127417" Sciences.
25 +|CVE-2012-2825|Wild read in XSL handling|[[127417>>https://code.google.com/p/chromium/issues/detail?id=127417||rel="__blank" title="127417"]]|Nicolas Gregoire
26 +|CVE-2011-3970|Out-of-bounds read in libxslt|[110277]|Aki Helin of OUSPG
26 26  
27 -|="Namespace|" element|="Parameter|"]]\\
28 -|http:~/~/www.jclark.com/xt|document|href|[[libxslt-xt-document.xsl>>attach:libxslt-xt-document.xsl]]\\
29 -|http:~/~/exslt.org/common|document|href|[[libxslt-exslt-document.xsl>>attach:libxslt-exslt-document.xsl]]\\
30 -|org.apache.xalan.xslt.extensions.Redirect|write|href|[[libxslt-xalan-write.xsl>>attach:libxslt-xalan-write.xsl]]\\
31 -|http:~/~/icl.com/saxon|output|href|[[libxslt-saxon-output.xsl>>attach:libxslt-saxon-output.xsl]]\\
28 +* Wild read CVE-2012-2825
29 +* Medium CVE-2012-2825: Wild read in XSL handling. Credit to Nicholas Gregoire.
30 +* [110277] Medium CVE-2011-3970: Out-of-bounds read in libxslt. Credit to Aki Helin of OUSPG.
32 32  
32 +{{warning}}
33 +TODO: Add a page for libxml2
34 +{{/warning}}
35 +
36 +[129930] High CVE-2012-2807: Integer overflows in libxml. Credit to Jüri Aedla.
37 +[125462] High CVE-2011-3102: Off-by-one out-of-bounds write in libxml. Credit to Jüri Aedla.
38 +[107128] High CVE-2011-3919: Heap-buffer-overflow in libxml. Credit to Jüri Aedla.
39 +[95465] Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google Chrome Security Team (Inferno)
40 +[93472] High CVE-2011-2834: Double free in libxml XPath handling. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.
41 +[89402] High CVE-2011-2821: Double free in libxml XPath handling. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.
42 +
43 +
44 +
33 33  = Special features =
34 34  
35 35  * File creation