libxslt-1.1.28-6.0.2.el7.AXS7
エラータID: AXSA:2025-9856:03
This C library allows to transform XML files into other XML files
(or HTML, text, ...) using the standard XSLT stylesheet transformation
mechanism. To use it you need to have a version of libxml2 >= 2.6.27
installed. The xsltproc command is a command line interface to the XSLT engine
Security Fix(es):
* CVE-2025-24855: fix use-after-free issue in numbers.c by restoring XPath
context node in nested XPath evaluations
CVE(s):
CVE-2025-24855
numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal.
Update packages.
numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal.
N/A
Asianux Server 7 for x86_64
- libxslt-1.1.28-6.0.2.el7.AXS7.i686.rpm
MD5: dd689275ecbbe068dff466460a7483d8
SHA-256: da9551127e1fe095f7ce30ecf73b2f38a38d926177d7e0eb9ff944699600cee1
Size: 236.16 kB - libxslt-1.1.28-6.0.2.el7.AXS7.x86_64.rpm
MD5: 8cade433c002f93d41ffcc1879db25cd
SHA-256: 36e7dcec7d6626467800a9b46b41ae3c7e4b3d53bbd6e57f870d72224e5463ca
Size: 240.97 kB - libxslt-devel-1.1.28-6.0.2.el7.AXS7.i686.rpm
MD5: 894fbd760a46fa37a5b277f053f41c98
SHA-256: 66582371ff1c71d231005e606db9a2464bee38c53b8103450ccbdb6f9c3b08b9
Size: 307.81 kB - libxslt-devel-1.1.28-6.0.2.el7.AXS7.x86_64.rpm
MD5: 6a08b5dc76344be578f81a332c4fc188
SHA-256: eafb5c5c439d467172539b63ec9c6f05d8397879861f869db76390de40e26e99
Size: 307.79 kB
日本語