Please Install the Updated Packages.

libxslt is a library for transforming XML files into other XML files using the standard XSLT stylesheet transformation mechanism. A heap buffer overflow flaw was discovered in the RC4 libxslt library extension. An attacker could create a malicious XSL file that would cause a crash, or, possibly, execute arbitrary code with the privileges of the application using the libxslt library to perform XSL transformations on untrusted XSL style sheets. (CVE-2008-2935) Red Hat would like to thank Chris Evans for reporting this vulnerability. All libxslt users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue.

libxslt on Red Hat Enterprise Linux AS version 4, Red Hat Enterprise Linux ES version 4, Red Hat Enterprise Linux WS version 4, Red Hat Enterprise Linux (v. 5 server)

• https://www.redhat.com/archives/rhsa-announce/2008-July/msg00037.html

---

Updated on 2015-03-25