RHEL-87781: RHSA-2025:3612 (libxslt-1.1.28-8.el7_9) is missing patches

    • Type: Bug
    • Resolution: Done-Errata
    • Priority: Undefined
    • Version: rhel-7.9.z
    • Component: libxslt
    • Severity: Important
    • Other field values: ZStream, rhel-se-display, ssg_display

      What were you trying to do that didn't work?

      The %patchN directives for Patch4 and Patch7 are not specified in the SPEC file of libxslt-1.1.28-8.el7_9. These 2 CVEs are not actually fixed by applying RHSA-2025:3612.

      $ grep -i patch SPECS/libxslt.spec 
      # Fedora specific patches
      Patch0: multilib.patch
      Patch1: libxslt-1.1.26-utf8-docs.patch
      Patch2: libxslt-1.1.28-CVE-2019-18197.patch
      Patch3: libxslt-1.1.28-CVE-2019-11068.patch
      Patch4:         libxslt-1.1.34-CVE-2025-24855.patch
      Patch7:         libxslt-1.1.34-CVE-2024-55549.patch
      %patch0 -p1
      %patch1 -p1 -b .utf8
      %patch2 -p1
      %patch3 -p1
      # Now fix up the timestamps of patched docs files
      - Restore timestamps for patched documentation files
      - Patch from Paul Howarth for converting files to utf8 (#226088)
      - and the previous patch was incomplte breaking the python bindings
      - revert a key initialization patch from 1.1.23 which seems broken 

      What is the impact of this issue to you?

      CVE-2024-55549 and CVE-2025-24855 are both "Important Impact" vulnerabilities.

      Please re-release the errata as soon as possible.

      I also added a comment in the following tickets.

      RHEL-83491: CVE-2025-24855 libxslt: Use-After-Free in libxslt numbers.c [rhel-7-els]

      RHEL-83505: CVE-2024-55549 libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList) [rhel-7-els]


      People: Goutam Tiwari (rhn-support-gotiwari), Lili Huang (rhn-support-lilhuang), SE Desktop, Abhishek Mishra
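The defect reported above is a build-recipe error rather than a code error: a PatchN: tag only declares a source file, and unless %prep applies it with a matching %patchN line (or with %patch -P N, or %autopatch/%autosetup) the built RPM ships without that fix even though the changelog and the errata claim it. The following script is an added example, not part of the Jira issue or of Red Hat's tooling; it parses a spec file, lists patches that are declared but never applied, and uses a constructed spec excerpt modelled on the grep output in the report (the Name/Version/Release and %prep lines are assumed for the sample, not copied from the real spec). It handles the spec forms rpm accepts (%patchN, %patch N, %patch -P N, %autopatch, %autosetup without -N) so it can be run against any spec, not just this one.

```python
import re

# Constructed spec excerpt modelled on the grep output in RHEL-87781:
# Patch4 and Patch7 are declared but no %patch line applies them.
SAMPLE_SPEC = """\
Name: libxslt
Version: 1.1.28
Release: 8%{?dist}
# Fedora specific patches
Patch0: multilib.patch
Patch1: libxslt-1.1.26-utf8-docs.patch
Patch2: libxslt-1.1.28-CVE-2019-18197.patch
Patch3: libxslt-1.1.28-CVE-2019-11068.patch
Patch4:         libxslt-1.1.34-CVE-2025-24855.patch
Patch7:         libxslt-1.1.34-CVE-2024-55549.patch

%prep
%setup -q
%patch0 -p1
%patch1 -p1 -b .utf8
%patch2 -p1
%patch3 -p1
# Now fix up the timestamps of patched docs files
"""

# "PatchN: file" declarations (tag names are case-insensitive in rpm)
PATCH_DECL = re.compile(r"^\s*Patch(\d*)\s*:\s*(\S+)", re.IGNORECASE)
# %patchN ..., %patch N ..., %patch -P N ...; \b keeps %patches_foo from matching
PATCH_APPLY = re.compile(r"^\s*%patch(\d*)\b(.*)$")
# %autopatch and %autosetup (unless -N) apply every declared patch
AUTO_APPLY = re.compile(r"^\s*%(autopatch|autosetup)\b")


def declared_patches(spec_text):
    """Map patch number -> file name for every PatchN: tag in the spec."""
    found = {}
    for line in spec_text.splitlines():
        m = PATCH_DECL.match(line)
        if m:
            num = int(m.group(1)) if m.group(1) else 0  # bare "Patch:" is Patch0
            found[num] = m.group(2)
    return found


def applied_patches(spec_text):
    """Set of patch numbers applied in %prep, or None when an auto macro applies all."""
    applied = set()
    for line in spec_text.splitlines():
        a = AUTO_APPLY.match(line)
        if a and not (a.group(1) == "autosetup" and re.search(r"(^|\s)-N\b", line)):
            return None
        m = PATCH_APPLY.match(line)
        if not m:
            continue
        rest = m.group(2)
        nums = set()
        if m.group(1):                      # %patchN
            nums.add(int(m.group(1)))
        nums.update(int(n) for n in re.findall(r"-P\s*(\d+)", rest))   # -P N
        nums.update(int(t) for t in rest.split() if t.isdigit())       # %patch N M
        applied.update(nums or {0})         # bare "%patch" meant Patch0 in older rpm
    return applied


def unapplied_patches(spec_text):
    """Return {number: file} for patches declared but never applied."""
    declared = declared_patches(spec_text)
    applied = applied_patches(spec_text)
    if applied is None:
        return {}
    return {n: f for n, f in declared.items() if n not in applied}


if __name__ == "__main__":
    import sys
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_SPEC
    missing = unapplied_patches(text)
    for n, f in sorted(missing.items()):
        print(f"Patch{n} ({f}) is declared but never applied")
    sys.exit(1 if missing else 0)
```

Run it as `python3 check_patches.py SPECS/libxslt.spec` after `rpm -ivh` of the source RPM; a non-zero exit means at least one declared patch is dead weight. The check is deliberately textual and does not evaluate %if conditionals or macros, so a patch applied only inside a conditional block shows up as applied; confirming that the fix actually reached the binary still requires inspecting the built package (for example diffing the patched function in the unpacked source tree, or disassembling the shipped library).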