CVE-2016-1841

Priority
Medium
Description
libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS
before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute
arbitrary code or cause a denial of service (memory corruption) via a
crafted web site.
References
Bugs
Notes
 mdeslaur> possibly https://bugzilla.gnome.org/show_bug.cgi?id=758291
 mdeslaur> and https://git.gnome.org/browse/libxslt/commit/?id=fc1ff481fd01e9a65a921c542fed68d8c965e8a3
Package
Upstream:released (1.1.29-1)
Ubuntu 17.10 (Artful Aardvark):not-affected (1.1.29-1)
Ubuntu 12.04 LTS (Precise Pangolin):released (1.1.26-8ubuntu1.4)
Ubuntu 14.04 LTS (Trusty Tahr):released (1.1.28-2ubuntu0.1)
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (1.1.28-2.1ubuntu0.1)
Ubuntu 16.10 (Yakkety Yak):not-affected (1.1.29-1)
Ubuntu 17.04 (Zesty Zapus):not-affected (1.1.29-1)
Patches:
Upstream:https://git.gnome.org/browse/libxslt/commit/?id=fc1ff481fd01e9a65a921c542fed68d8c965e8a3
More Information

Updated: 2017-04-28 07:14:14 UTC (commit 12461)