-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 24 Sep 2025 13:28:13 +0200 Source: libxslt Architecture: source Version: 1.1.34-4+deb11u3 Distribution: bullseye-security Urgency: high Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org> Changed-By: Guilhem Moulin <guilhem@debian.org> Closes: 1108074 1109123 Changes: libxslt (1.1.34-4+deb11u3) bullseye-security; urgency=high . * Non-maintainer upload by the LTS Team. . [ Jochen Sprickerhof ] * CVE-2023-40403: Fix information disclosure with improved memory handling of generated-id() (closes: #1108074). * CVE-2025-7424: Fix type confusion in xmlNode.psvi between stylesheet and source nodes (closes: #1109123). . [ Guilhem Moulin ] * Fix backport of upstream change for issue #123 "generate-id() is non-deterministic". * d/patches: Drop unrelated upstream change ed11eaa9. * d/patches: Add DEP-3 headers for the patches added since 1.1.34-4+deb11u2. * Cherry-pick upstream recursion tests in EXSLT dynamic functions in preparation for the upcoming CVE-2025-9714/libxml2 fix. * Add d/salsa-ci.yml for Salsa CI. Checksums-Sha1: ab10887354cf65eadc1c5713e451799ef6080c6f 2407 libxslt_1.1.34-4+deb11u3.dsc f1ecbe52f821fedabc43aa1120f98f0d6b737645 30680 libxslt_1.1.34-4+deb11u3.debian.tar.xz dd814fb357a4fd31f4872d219a29264fd741e4e1 7647 libxslt_1.1.34-4+deb11u3_amd64.buildinfo Checksums-Sha256: a5b74a19c08446b5d29a7ec7b5d33aac88e7749cb5a88a5b2203a90e71539fc6 2407 libxslt_1.1.34-4+deb11u3.dsc ac56e9014a76af3171e97a3514f1ce9dc3856978391e1e82c89356eb4f900098 30680 libxslt_1.1.34-4+deb11u3.debian.tar.xz 040c6e8da5c2fb16f24270b8bea415d9921c450154db36635f03103890dad9fe 7647 libxslt_1.1.34-4+deb11u3_amd64.buildinfo Files: 073a27c3e105bbbc61bc45a0fd4998e4 2407 text optional libxslt_1.1.34-4+deb11u3.dsc 048cfccd072439aaf46fead1f0965f5e 30680 text optional libxslt_1.1.34-4+deb11u3.debian.tar.xz 09095a5acbe97a24cd010d7a8a6ebc25 7647 text optional libxslt_1.1.34-4+deb11u3_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmjT1o4ACgkQ05pJnDwh pVJgIQ//UtuPKq/T2y8O9kN/rTO47MZuAkDTYBAVzMAaLRbwzkL1pGi/qRxZlH/3 ND+5Lr1RT+5jP/F9W7wxFUhsQydAMWmVg8qudqvdks4KzjSFVypWFrOuN5S58hOp fHxWLCuginRbDo/lTvzmBBOVrH9Weh2+MVqEG7gOKwpSJevu/FyWZDDFE0TB68BO v08RRrqRZGUoWZjC3kDyUkkxmDGKBZjlpp6Ae1xm7bvpEeAhVCN6r+3E/TT56v3u Ihf7BKkvGIJopP6glCK8W0TqOCu6FEFUarWedcWPOtoZZWugffyrd1E37MFr1GS+ 8vPLb16nWnGPKiiNbv0amAp3eDXlD/30nJAq/7zS/qHJl7pAk90Yfk3QRY7EWPsw ZL0m7nVn4yaS13xUPPPwKefOEwBRA3BDkMZ+OAXosTMbqxBFkDRqcsopL2RGWZmN AkfaIH8w8ShrcfuiREnZxfCz0JZ+YZtJv9Y6rpWhNH5jgiChFq7j8PLip4eRCps4 iBkmkoeLWmn/V281BbyTFW1WA00878cdcugdSLhFS2MYhZEQBoZ/oiUBai/McTeb 0ArlKZNrVMb0+F6ykzGU5SL2JJeNteHZXjLgKvlQ3iCzHxXVyg4OIQ6n8B99ADAL eSVE8n35WdZxf81zk4SCim/pVDiwehiP1prXDhI+/N8k/smMt4s= =mryx -----END PGP SIGNATURE-----