Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 509
Alerts This Week
Warning Icon 1 509

openSUSE Leap 16.0: libxslt Important Denial of Service Fix 2025-20050-1

opensuse
Calendar Grey November 21, 2025
Scroller Opensuse Esm H88
Update for openSUSE Leap 16.0 addressing important libxslt vulnerabilities with fixes for denial of service and more.
An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed.

Description

This update for libxslt fixes the following issues:

Changes in libxslt:

- CVE-2025-11731: Fixed type confusion in exsltFuncResultCompfunction leading to denial of service (bsc#1251979)

- CVE-2025-10911: Fixed use-after-free with key data stored cross-RVT (bsc#1250553)

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-24=1

Patch

Package List

- openSUSE Leap 16.0:

libexslt0-1.1.43-160000.3.1

libxslt-devel-1.1.43-160000.3.1

libxslt-tools-1.1.43-160000.3.1

libxslt1-1.1.43-160000.3.1

References

* bsc#1250553

* bsc#1251979

References:

* https://www.suse.com/security/cve/CVE-2025-10911.html

* https://www.suse.com/security/cve/CVE-2025-11731.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2025-20050-1
Rating: important
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.