Debian LTS: DLA-4089-1: libxslt Security Advisory Updates

debian lts

March 24, 2025

Two use-after-free vulnerabilities have been fixed in the XSLT processing library libxslt

Topics Covered

security advisory debian libxslt use-after-free CVE-2024-55549 XSLT

Summary

CVE-2024-55549

Use-after-free related to excluded namespaces

CVE-2025-24855

Use-after-free of XPath context node

For Debian 11 bullseye, these problems have been fixed in version
1.1.34-4+deb11u2.

We recommend that you upgrade your libxslt packages.

For the detailed security status of libxslt please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/libxslt

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Severity

critical

Lowest

Low

Medium

High

Critical

Package: libxslt

Version: 1.1.34-4+deb11u2

CVE ID: CVE-2024-55549 CVE-2025-24855

Debian Bug: 1100565 1100566

Topics Covered

security advisory debian libxslt use-after-free CVE-2024-55549 XSLT

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Debian LTS: DLA-4089-1: libxslt Security Advisory Updates

Topics Covered

Summary

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Debian LTS: DLA-4089-1: libxslt Security Advisory Updates

Topics Covered

Summary

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!