libxslt (1.1.39-0exp1ubuntu0.24.04.2) noble-security; urgency=medium
* SECURITY UPDATE: use-after-free via nested XPath evaluations
- debian/patches/CVE-2025-24855.patch: properly handle XPath context
nodes and transformation context nodes in libxslt/numbers.c,
libxslt/templates.c, libxslt/xsltutils.c.
- CVE-2025-24855
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 19 Mar 2025 12:53:59 -0400
libxslt (1.1.39-0exp1ubuntu0.24.04.1) noble-security; urgency=medium
* SECURITY UPDATE: use-after-free via exclusion of result prefixes
- debian/patches/CVE-2024-55549.patch: store string in stylesheet's
dict to avoid use after free in libxslt/xslt.c.
- CVE-2024-55549
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 18 Mar 2025 10:37:57 -0400
libxslt (1.1.39-0exp1build1) noble; urgency=medium
* No-change rebuild for CVE-2024-3094
-- Steve Langasek <steve.langasek@ubuntu.com> Sun, 31 Mar 2024 08:02:49 +0000
libxslt (1.1.39-0exp1) experimental; urgency=medium
* New upstream version 1.1.39
* Drop patch merged upstream, update other ones
* Update std-ver to 3.6.2, no change required
* Override source-is-missing lintian warning
* d/rules: install README.md
* d/rules: remove override_dh_installchangelogs
* Update documentation files and doc-base registration
* d/control: replace pkg-config with pkgconf
-- Aron Xu <aron@debian.org> Wed, 28 Feb 2024 15:26:07 +0800
libxslt (1.1.35-1) unstable; urgency=medium
* Team upload.
* New upstream version 1.1.35.
* Refresh patches.
* Update Homepage and d/watch to point to the new GNOME-based home
* d/*.doc-base: rename the document name, it shouldn't match the binary
package name.
* Install the new gtk-doc documentation.
* Do not install the .cmake file that come with the new version.
-- Mattia Rizzolo <mattia@debian.org> Fri, 15 Jul 2022 15:29:07 +0200
libxslt (1.1.34-4) unstable; urgency=medium
* Team upload.
* Add patch to make the xslt-config script compatible with multi-arch.
Closes: #952768
-- Mattia Rizzolo <mattia@debian.org> Wed, 04 Mar 2020 14:02:32 +0100
libxslt (1.1.34-3) unstable; urgency=medium
* Team upload.
* Add a patch to fix FTBFS when built twice in a row. Closes: #947914
(Add build-dependency on docbook-xsl for this.)
-- Mattia Rizzolo <mattia@debian.org> Sat, 22 Feb 2020 15:28:46 +0100
libxslt (1.1.34-2) unstable; urgency=medium
* Team upload.
* Re-add the xslt-config script for now.
* d/control: Bump Standards-Version to 4.5.0, no changes needed.
* Upload to unstable.
-- Mattia Rizzolo <mattia@debian.org> Fri, 21 Feb 2020 14:24:17 +0100
libxslt (1.1.34-1) experimental; urgency=medium
* Team upload.
* New upstream version 1.1.34.
* Refresh patches
* d/libxslt1.1.symbols: Add new symbols.
* d/control:
+ Bump debhelper compat level to 12.
+ Bump Standards-Version to 4.4.1, no changes needed.
* Stop building and installing the static library.
* Stop installing xslt-config, please use pkg-config.
* Drop Python2 packages. Closes: #936942
* Make use of dh_missing --fail-missing:
+ Leave the docs files where the upstream build system put them, and just
move them into the right package. All the documentation was this way
moved into an extra html/ directory.
+ Installs files in a way that lets dh_missing detect them as installed.
+ d/not-installed: list xslt-config.
-- Mattia Rizzolo <mattia@debian.org> Mon, 25 Nov 2019 19:22:08 +0100
libxslt (1.1.32-2.2) unstable; urgency=medium
* Non-maintainer upload.
* Fix dangling pointer in xsltCopyText (CVE-2019-18197) (Closes: #942646)
-- Salvatore Bonaccorso <carnil@debian.org> Sat, 19 Oct 2019 21:21:23 +0200
libxslt (1.1.32-2.1) unstable; urgency=medium
* Non-maintainer upload.
* Fix security framework bypass (CVE-2019-11068) (Closes: #926895, #933743)
* Fix uninitialized read of xsl:number token (CVE-2019-13117)
(Closes: #931321, #933743)
* Fix uninitialized read with UTF-8 grouping chars (CVE-2019-13118)
(Closes: #931320, #933743)
-- Salvatore Bonaccorso <carnil@debian.org> Sun, 04 Aug 2019 08:14:05 +0200
# Older entries have been removed from this changelog.
# To read the complete changelog use `apt changelog libxslt1.1`.
Generated by dwww version 1.16 on Mon Dec 15 21:00:48 CET 2025.