SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-3875

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-3875

Security update for libxslt

Type: security

Severity: important

Issued: 2025-10-30

Description:

This update for libxslt fixes the following issues:

  - CVE-2025-11731: fixed a type confusion in exsltFuncResultComp function leading to denial of service (bsc#1251979)
  - CVE-2025-10911: last fix caused a regression, patch was temporary disabled (bsc#1250553)

References

CVE: CVE-2025-11731
CVE: CVE-2025-10911
Bugzilla: 1251979 https://bugzilla.suse.com/show_bug.cgi?id=1251979
Bugzilla: 1250553 VUL-0: CVE-2025-10911: libxslt: use-after-free with key data stored cross-RVT

Packages

libxslt-1.1.34-150400.3.13.1