Ubuntu has issued an advisory today (October 4): http://www.ubuntu.com/usn/usn-1595-1/ Patched packages uploaded for Mageia 1 and Mageia 2. Advisory: ======================== Updated libxslt packages fix security vulnerability: Double free vulnerability in libxslt allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XSL transforms (CVE-2012-2893). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2893 http://www.ubuntu.com/usn/usn-1595-1/ ======================== Updated packages in core/updates_testing: ======================== xsltproc-1.1.26-5.4.mga1 libxslt1-1.1.26-5.4.mga1 python-libxslt-1.1.26-5.4.mga1 libxslt-devel-1.1.26-5.4.mga1 xsltproc-1.1.26-6.20120127.4.mga2 libxslt1-1.1.26-6.20120127.4.mga2 python-libxslt-1.1.26-6.20120127.4.mga2 libxslt-devel-1.1.26-6.20120127.4.mga2 from SRPMS: libxslt-1.1.26-5.4.mga1.src.rpm libxslt-1.1.26-6.20120127.4.mga2.src.rpm
Whiteboard: (none) => MGA1TOO
Testing procedure can be found on our wiki: https://wiki.mageia.org/en/QA_procedure:Libxslt
CC: (none) => wassiWhiteboard: MGA1TOO => MGA1TOO has_procedure
Testing complete mga2 32
Whiteboard: MGA1TOO has_procedure => MGA1TOO has_procedure mga2-32-OK
testing complete mga2 64
Whiteboard: MGA1TOO has_procedure mga2-32-OK => MGA1TOO has_procedure mga2-32-OK mga2-64-OK
mga1 32 ok
Whiteboard: MGA1TOO has_procedure mga2-32-OK mga2-64-OK => MGA1TOO has_procedure mga2-32-OK mga2-64-OK mga1-32-OK
mga2-64-OK Validating Advisory and srpms in comment 0 Could sysadmin please push from core/updates_testing to core/updates Thanks!
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugsHardware: i586 => AllWhiteboard: MGA1TOO has_procedure mga2-32-OK mga2-64-OK mga1-32-OK => MGA1TOO has_procedure mga2-32-OK mga2-64-OK mga1-32-OK mga1-64-OK
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0283
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED