Debian-LTS has issued an advisory on November 5: http://lwn.net/Alerts/705796/
Whiteboard: (none) => MGA5TOO
Assigning to the registered maintainer
CC: (none) => marja11Assignee: bugsquad => shlomif
Fixed on cauldron
CC: (none) => mageia
fixed on mga5 too.
Assignee: shlomif => qa-bugs
Advisory: ======================== Updated libxslt packages fix security vulnerability: A heap overread bug was found in libxslt, which can cause arbitrary code execution or denial of service (CVE-2016-4738). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4738 https://www.debian.org/security/2016/dsa-3709 ======================== Updated packages in core/updates_testing: ======================== xsltproc-1.1.29-1.1.mga5 libxslt1-1.1.29-1.1.mga5 python-libxslt-1.1.29-1.1.mga5 libxslt-devel-1.1.29-1.1.mga5 from libxslt-1.1.29-1.1.mga5.src.rpm
Version: Cauldron => 5Whiteboard: MGA5TOO => (none)
CC: (none) => davidwhodginsWhiteboard: (none) => advisory
MGA5-32 on Acer D620 Xfce No installation issues Using at CLI # urpmq --whatrequires libxslt1 shows a.o. dia Used strace -o ~/Documenten/libxslt.txt dia, created two squares and a connecting line in dia. The resulting trace shows 4 calls to libxslt
CC: (none) => herman.viaeneWhiteboard: advisory => advisory MGA5-32-OK
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0394.html
Status: NEW => RESOLVEDResolution: (none) => FIXED