The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "python-libxslt1": "1.1.28-2ubuntu0.1", "libxslt1-dev": "1.1.28-2ubuntu0.1", "python-libxslt1-dbg": "1.1.28-2ubuntu0.1", "libxslt1.1": "1.1.28-2ubuntu0.1", "python-libxslt1-dbgsym": "1.1.28-2ubuntu0.1", "xsltproc-dbgsym": "1.1.28-2ubuntu0.1", "libxslt1.1-dbgsym": "1.1.28-2ubuntu0.1", "libxslt1-dbg": "1.1.28-2ubuntu0.1", "xsltproc": "1.1.28-2ubuntu0.1", "libxslt1-dev-dbgsym": "1.1.28-2ubuntu0.1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "python-libxslt1": "1.1.28-2.1", "libxslt1-dev": "1.1.28-2.1", "python-libxslt1-dbg": "1.1.28-2.1", "libxslt1.1": "1.1.28-2.1", "xsltproc-dbgsym": "1.1.28-2.1", "libxslt1.1-dbgsym": "1.1.28-2.1", "libxslt1-dbg": "1.1.28-2.1", "xsltproc": "1.1.28-2.1", "libxslt1-dev-dbgsym": "1.1.28-2.1" } ] }