Commit ed6657d

[AutoPR- Security] Patch libxslt for CVE-2025-11731 [LOW] (#15148)
1 parent b283948 commit ed6657d

6 files changed

+52
-9
lines changed

SPECS/libxslt/CVE-2025-11731.patch

Lines changed: 39 additions & 0 deletions
@@ -0,0 +1,39 @@
1+
From c1ded529004f379e25f3b2825dab86ce50e36943 Mon Sep 17 00:00:00 2001
2+
From: =?UTF-8?q?Dominik=20R=C3=B6ttsches?= <drott@chromium.org>
3+
Date: Wed, 27 Aug 2025 14:28:40 +0300
4+
Subject: [PATCH] End function node ancestor search at document
5+
6+
Avoids dereferencing a non-existent ->ns property on an
7+
XML_DOCUMENT_NODE pointer.
8+
9+
Fixes #151.
10+
11+
Signed-off-by: Azure Linux Security Servicing Account <azurelinux-security@microsoft.com>
12+
Upstream-reference: https://gitlab.gnome.org/GNOME/libxslt/-/merge_requests/78.patch
13+
---
14+
libexslt/functions.c | 9 +++++++--
15+
1 file changed, 7 insertions(+), 2 deletions(-)
16+
17+
diff --git a/libexslt/functions.c b/libexslt/functions.c
18+
index 2f74431..65ea223 100644
19+
--- a/libexslt/functions.c
20+
+++ b/libexslt/functions.c
21+
@@ -619,8 +619,13 @@ exsltFuncResultComp (xsltStylesheetPtr style, xmlNodePtr inst,
22+
* instanciation of a func:result element.
23+
*/
24+
for (test = inst->parent; test != NULL; test = test->parent) {
25+
- if (IS_XSLT_ELEM(test) &&
26+
- IS_XSLT_NAME(test, "stylesheet")) {
27+
+ if (/* Traversal has reached the top-level document without
28+
+ * finding a func:function ancestor. */
29+
+ (test != NULL && test->type == XML_DOCUMENT_NODE) ||
30+
+ /* Traversal reached a stylesheet-namespace node,
31+
+ * and has left the function namespace. */
32+
+ (IS_XSLT_ELEM(test) &&
33+
+ IS_XSLT_NAME(test, "stylesheet"))) {
34+
xsltGenericError(xsltGenericErrorContext,
35+
"func:result element not a descendant "
36+
"of a func:function\n");
37+
--
38+
2.45.4
39+
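
Review bot: the `test != NULL &&` guard at patch line 29 is redundant, because the enclosing `for (test = inst->parent; test != NULL; ...)` loop already guarantees a non-NULL `test` inside the body; `test->type == XML_DOCUMENT_NODE` alone would read more clearly. The operand order should stay as it is: the commit message says the goal is to avoid reading `->ns` on an XML_DOCUMENT_NODE, so the type check has to remain ahead of the `IS_XSLT_ELEM(test)` branch. The diffstat touches only libexslt/functions.c, so no regression test accompanies the fix; a stylesheet with a `func:result` that has no `func:function` ancestor, expected to produce the "not a descendant of a func:function" error, would be worth carrying in the package's `check` stage. Note also that "Fixes #151" refers to the upstream libxslt tracker, not this repository.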

SPECS/libxslt/libxslt.spec

Lines changed: 5 additions & 1 deletion
@@ -1,7 +1,7 @@
11
Summary: Libxslt is the XSLT C library developed for the GNOME project. XSLT is a an XML language to define transformation for XML.
22
Name: libxslt
33
Version: 1.1.34
4-
Release: 8%{?dist}
4+
Release: 9%{?dist}
55
License: MIT
66
Vendor: Microsoft Corporation
77
Distribution: Mariner
@@ -13,6 +13,7 @@ Patch0: CVE-2021-30560.patch
1313
Patch1: CVE-2022-29824.nopatch
1414
Patch2: CVE-2024-55549.patch
1515
Patch3: CVE-2025-24855.patch
16+
Patch4: CVE-2025-11731.patch
1617
BuildRequires: libgcrypt-devel
1718
BuildRequires: libxml2-devel
1819
Requires: libgcrypt
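
Review bot: `Patch4: CVE-2025-11731.patch` is declared here, but no hunk in this commit touches `%prep`, so the diff alone does not show that the patch is applied during the build. Confirm the spec applies patches automatically (for example via `%autosetup -p1`) or add a matching `%patch4 -p1`; otherwise the Release bump to 9 would ship a package that still contains the unpatched `exsltFuncResultComp`. The neighbouring `Patch1: CVE-2022-29824.nopatch` entry suggests some patch slots are intentionally not applied, which makes an explicit check worthwhile.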
@@ -76,6 +77,9 @@ make %{?_smp_mflags} check
7677
%{_mandir}/man3/*
7778

7879
%changelog
80+
* Fri Nov 21 2025 Azure Linux Security Servicing Account <azurelinux-security@microsoft.com> - 1.1.34-9
81+
- Patch for CVE-2025-11731
82+
7983
* Mon Mar 17 2025 Sindhu Karri <lakarri@microsoft.com> - 1.1.34-8
8084
- Fix CVE-2025-24855 and CVE-2024-55549
8185

toolkit/resources/manifests/package/pkggen_core_aarch64.txt

Lines changed: 1 addition & 1 deletion
@@ -218,7 +218,7 @@ libgpg-error-1.46-1.cm2.aarch64.rpm
218218
libgcrypt-1.10.3-1.cm2.aarch64.rpm
219219
libksba-1.6.3-1.cm2.aarch64.rpm
220220
libksba-devel-1.6.3-1.cm2.aarch64.rpm
221-
libxslt-1.1.34-8.cm2.aarch64.rpm
221+
libxslt-1.1.34-9.cm2.aarch64.rpm
222222
npth-1.6-4.cm2.aarch64.rpm
223223
pinentry-1.2.0-1.cm2.aarch64.rpm
224224
gnupg2-2.4.0-2.cm2.aarch64.rpm

toolkit/resources/manifests/package/pkggen_core_x86_64.txt

Lines changed: 1 addition & 1 deletion
@@ -218,7 +218,7 @@ libgpg-error-1.46-1.cm2.x86_64.rpm
218218
libgcrypt-1.10.3-1.cm2.x86_64.rpm
219219
libksba-1.6.3-1.cm2.x86_64.rpm
220220
libksba-devel-1.6.3-1.cm2.x86_64.rpm
221-
libxslt-1.1.34-8.cm2.x86_64.rpm
221+
libxslt-1.1.34-9.cm2.x86_64.rpm
222222
npth-1.6-4.cm2.x86_64.rpm
223223
pinentry-1.2.0-1.cm2.x86_64.rpm
224224
gnupg2-2.4.0-2.cm2.x86_64.rpm

toolkit/resources/manifests/package/toolchain_aarch64.txt

Lines changed: 3 additions & 3 deletions
@@ -212,9 +212,9 @@ libtool-debuginfo-2.4.6-8.cm2.aarch64.rpm
212212
libxml2-2.10.4-9.cm2.aarch64.rpm
213213
libxml2-debuginfo-2.10.4-9.cm2.aarch64.rpm
214214
libxml2-devel-2.10.4-9.cm2.aarch64.rpm
215-
libxslt-1.1.34-8.cm2.aarch64.rpm
216-
libxslt-debuginfo-1.1.34-8.cm2.aarch64.rpm
217-
libxslt-devel-1.1.34-8.cm2.aarch64.rpm
215+
libxslt-1.1.34-9.cm2.aarch64.rpm
216+
libxslt-debuginfo-1.1.34-9.cm2.aarch64.rpm
217+
libxslt-devel-1.1.34-9.cm2.aarch64.rpm
218218
lua-5.4.4-1.cm2.aarch64.rpm
219219
lua-debuginfo-5.4.4-1.cm2.aarch64.rpm
220220
lua-devel-5.4.4-1.cm2.aarch64.rpm

toolkit/resources/manifests/package/toolchain_x86_64.txt

Lines changed: 3 additions & 3 deletions
@@ -218,9 +218,9 @@ libtool-debuginfo-2.4.6-8.cm2.x86_64.rpm
218218
libxml2-2.10.4-9.cm2.x86_64.rpm
219219
libxml2-debuginfo-2.10.4-9.cm2.x86_64.rpm
220220
libxml2-devel-2.10.4-9.cm2.x86_64.rpm
221-
libxslt-1.1.34-8.cm2.x86_64.rpm
222-
libxslt-debuginfo-1.1.34-8.cm2.x86_64.rpm
223-
libxslt-devel-1.1.34-8.cm2.x86_64.rpm
221+
libxslt-1.1.34-9.cm2.x86_64.rpm
222+
libxslt-debuginfo-1.1.34-9.cm2.x86_64.rpm
223+
libxslt-devel-1.1.34-9.cm2.x86_64.rpm
224224
lua-5.4.4-1.cm2.x86_64.rpm
225225
lua-debuginfo-5.4.4-1.cm2.x86_64.rpm
226226
lua-devel-5.4.4-1.cm2.x86_64.rpm
