Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Fedora 43: mingw-libxslt Update for CVE-2025-11731 and CVE-2025-10911

fedora
Calendar Grey January 22, 2026
Dist Fedora Esm H88
Fixes for CVE-2025-11731 in mingw-libxslt address critical bugs in Fedora 43. Immediate update recommended.
Backport fix for CVE-2025-11731 and proposed fix for CVE-2025-10911

Summary

This C library allows to transform XML files into other XML files

(or HTML, text, ...) using the standard XSLT stylesheet transformation

mechanism. To use it you need to have a version of libxml2 >= 2.6.27

installed. The xsltproc command is a command line interface to the XSLT engine

Update Information:

Backport fix for CVE-2025-11731 and proposed fix for CVE-2025-10911

Change Log

* Tue Jan 13 2026 Sandro Mani - 1.1.43-4 - Backport fix for CVE-2025-11731 and proposed fix for CVE-2025-10911

References


[ 1 ] Bug #2398129 - CVE-2025-10911 mingw-libxslt: use-after-free with key data stored cross-RVT [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2398129 [ 2 ] Bug #2403696 - CVE-2025-11731 mingw-libxslt: Type Confusion in exsltFuncResultCompfunction of libxslt [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2403696

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-84be018d47' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: mingw-libxslt
Product: Fedora 43
Version: 1.1.43
Release: 4.fc43
URL:
Summary: MinGW Windows Library providing the Gnome XSLT engine

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here