==========================================================================
Ubuntu Security Notice USN-3947-1
April 15, 2019

libxslt vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.10
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS

Summary:

Libxslt could be made to expose sensitive information if it received
a specially crafted file.

Software Description:
– libxslt: XSLT processing library

Details:

It was discovered that Libxslt incorrectly handled certain documents.
An attacker could possibly use this issue to access sensitive
information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.10:
libxslt1.1                      1.1.32-2ubuntu0.1

Ubuntu 18.04 LTS:
libxslt1.1                      1.1.29-5ubuntu0.1

Ubuntu 16.04 LTS:
libxslt1.1                      1.1.28-2.1ubuntu0.2

Ubuntu 14.04 LTS:
libxslt1.1                      1.1.28-2ubuntu0.2

In general, a standard system update will make all the necessary
changes.

References:
https://usn.ubuntu.com/usn/usn-3947-1
CVE-2019-11068

Package Information:
https://launchpad.net/ubuntu/+source/libxslt/1.1.32-2ubuntu0.1
https://launchpad.net/ubuntu/+source/libxslt/1.1.29-5ubuntu0.1
https://launchpad.net/ubuntu/+source/libxslt/1.1.28-2.1ubuntu0.2
https://launchpad.net/ubuntu/+source/libxslt/1.1.28-2ubuntu0.2—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJctNQAAAoJEEW851uECx9p4K4P/jeusIUWc/VRxdhr0TpGdjQA
Ud5jeKW3V/wUHnlGp09TkpnVt2+FLCV0eaiaSoxQJrDc/TQYOsPoSYae4Y4U6qxy
VGss7ZuXMVci+dIyCsrBNzj2w6XLPgUU0RCpq+UWT0eeD5O9we6U9sRPoNkeEs9E
feInXsnIo/qAIt1v705XXOewUwhPcszottp1MJc1KnQ4W7Kmpg6UFd9GvlOJXbZN
RPlobblrvzgZucwh9YFHt7eZcK5NYzclzuG9XkgJv34LR1mdVvbPSsdvm792KWjH
eXp5bwsuxnvwjgspFzJsxLN5q6MVewslHoqTWiBO3voP+ZcyM8+I1+63sth5tAv5
Kzoc6hnoODg9xB8eHqz37TkuTOePkUbeRPXXO2A1Pjy+OtfDUOVdm23YJlxBnLf6
Cpz0cPjfFKByEgfpBXWRXnUHz6kn7s7fZOS/E2h1yaRkmwZfy71IejY4I1Mrj+WM
g+TsXbIdqOYBr9UVWhgY46xkc2kKOtk2e2cKSDjqkHPs7qCRLkKFCtw0pBV9TAPS
BjfVG+67Ddy0eOnYKDYKK2htLAnmD/iCBOX97BcBX8Zxe79su/7BBqQH1u6iTeXs
wSpLXYYOGmmqz/ByWN4uMrV4+y25stwl8K0mWvY6rNwxWJTLY7DobUm4nWlDpZaa
VTxb7eC//xKUGsLIxGc8
=nKov
—–END PGP SIGNATURE—–
—

 

==========================================================================
Ubuntu Security Notice USN-3947-2
April 15, 2019

libxslt vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

Libxslt could be made to expose sensitive information if it
received a specially crafted file.

Software Description:
- libxslt: XSLT processing library

Details:

USN-3947-1 fixed a vulnerability in Libxslt. This update provides
the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

 It was discovered that Libxslt incorrectly handled certain documents.
 An attacker could possibly use this issue to access sensitive
 information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  libxslt1.1                      1.1.26-8ubuntu1.5

In general, a standard system update will make all the necessary
changes.

References:
  https://usn.ubuntu.com/usn/usn-3947-2
  https://usn.ubuntu.com/usn/usn-3947-1
  CVE-2019-11068-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAABCAAGBQJctNuFAAoJEEW851uECx9pLZ8P/3tyRiZTOWn0zyNgWsW53H7n
y/HsiA664PM4A4NuAAfhcowvgQs3QgpWs4fWI0sBu5UnaiTglAAl5FuNMu5AXycx
5d6Rbit5lLYiXSKS/kZtR4oLsBE0X2TQ0XdmCbIDPqJ8exwxX8SKkA01zL6jKvdp
WjwI1E05wLoQp7LgNnKwhnkjWRAUNhvfFYC4zvXEXA0ibP2z1X35ofZebi97KQbT
2N9NlU92bw88qx1zrsdZ/VfvpjxYwEu8xtoWWoQaDou6TBLJdu4lFGLdzDjuZV2Y
j/qPPGEkzvSEbywAEuMOZh2oThfAARAGDnk6qyol2CsfC437tPXrkOWsfgJ25Im2
+Lv1LoQ8qxZUQeQfhDrkIO9oDfS1PSIOrkNv6+8/iqmyBa9tf2AABO2qbTmsg61U
KI472WQ89Bl3W8Lc9CF1tpXRnuR816hGZUuFclBzjIa9F3dwYhaX9FCEee7Rnb7h
wPmmEypYIxccZupONVw4WqwK0aImYEJBOo2FrlIOH63Xp9GUlbtlJ6iLFdO7VAtG
agz9VeSqyDUP6aStod1hnjie+5DE1KWUNtBYzbHCRvnVQn7K2auYXbJ1msPWX7hK
5SfyuNSPnlhMy8OxTsJrkENbLPVgoJGsOMTS+wBqhn+PLfWFTqISNILV+X9TAuNj
Kyeniff5XGPPk/xX7hUJ
=ooUI
-----END PGP SIGNATURE-----
-- 
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce