Source | Text Version

QSN-4164-1: libxslt vulnerabilities

October 22, 2019

Summary

Several security issues were fixed in Libxslt.

Details

It was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to access sensitive information. This issue not affected Ubuntu 19.10. (CVE-2019-13117, CVE-2019-13118)

It was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-18197)

References

https://usn.ubuntu.com/4164-1

http://people.canonical.com/~ubuntu-security/cve/CVE-2019-13117

http://people.canonical.com/~ubuntu-security/cve/CVE-2019-13118

http://people.canonical.com/~ubuntu-security/cve/CVE-2019-18197

Update

A general update will usually fix all issues, but to make sure, you can check your current version with:

$ dpkg -l libxslt1.1

If the current version you have is before 1.1.28-2.1ubuntu0.3, run the following:

$ sudo apt-get update
$ sudo apt-get install libxslt1.1

Copyright © 2010-2015, OSNEXUS Corporation. All rights reserved.