[3.5] libxslt: integer overflow in xsltAddTextString (CVE-2017-5029)
The issue can be exploited to trigger an out of bounds write on 64-bit systems.
References:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858546
Patch:
https://git.gnome.org/browse/libxslt/commit/?id=08ab2774b870de1c7b5a48693df75e8154addae5
(from redmine: issue id 7057, created on 2017-03-24, closed on 2017-05-02)
- Relations:
- parent #7055 (closed)