CVE-2017-5029

Priority
Medium
Description
The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in
Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux
and 57.0.2987.108 for Android, lacked a check for integer overflow during a
size calculation, which allowed a remote attacker to perform an out of
bounds memory write via a crafted HTML page.
References
Bugs
Package
Upstream:needed
Ubuntu 17.10 (Artful Aardvark):not-affected (1.1.29-2.1)
Ubuntu 12.04 ESM (Precise Pangolin):released (1.1.26-8ubuntu1.4)
Ubuntu 14.04 LTS (Trusty Tahr):released (1.1.28-2ubuntu0.1)
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (1.1.28-2.1ubuntu0.1)
Ubuntu 17.04 (Zesty Zapus):released (1.1.29-2ubuntu0.1)
Patches:
Upstream:https://git.gnome.org/browse/libxslt/commit/?id=08ab2774b870de1c7b5a48693df75e8154addae5
Package
Upstream:released (57.0.2987.98)
Ubuntu 17.10 (Artful Aardvark):released (57.0.2987.98-0ubuntu1.1348)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored)
Ubuntu 14.04 LTS (Trusty Tahr):released (58.0.3029.81-0ubuntu0.14.04.1172)
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (57.0.2987.98-0ubuntu0.16.04.1276)
Ubuntu 17.04 (Zesty Zapus):released (57.0.2987.98-0ubuntu1.1348)
Package
Upstream:released (1.21.5)
Ubuntu 17.10 (Artful Aardvark):released (1.21.5-0ubuntu1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (1.21.5-0ubuntu0.14.04.1)
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (1.21.5-0ubuntu0.16.04.1)
Ubuntu 17.04 (Zesty Zapus):released (1.21.5-0ubuntu1)
More Information

Updated: 2017-08-11 23:55:47 UTC (commit 13081)