Search for packages
| purl | pkg:alpm/archlinux/libxslt@1.1.29%2B23%2Bgeb1030d-1 |
| Next non-vulnerable version | 1.1.29+41+gdf5330d1-1 |
| Latest non-vulnerable version | 1.1.29+41+gdf5330d1-1 |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-426k-ced5-jbhk
Aliases: CVE-2017-5029 GHSA-pf6m-fxpq-fg8v |
Nokogiri gem contains two upstream vulnerabilities in libxslt 1.1.29 nokogiri version 1.7.2 has been released. This is a security update based on 1.7.1, addressing two upstream libxslt 1.1.29 vulnerabilities classified as "Medium" by Canonical and given a CVSS3 score of "6.5 Medium" and "8.8 High" by RedHat. These patches only apply when using Nokogiri's vendored libxslt package. If you're using your distro's system libraries, there's no need to upgrade from 1.7.0.1 or 1.7.1 at this time. Full details are available at the github issue linked to in the changelog below. ----- # 1.7.2 / 2017-05-09 ## Security Notes [MRI] Upstream libxslt patches are applied to the vendored libxslt 1.1.29 which address CVE-2017-5029 and CVE-2016-4738. For more information: * https://github.com/sparklemotion/nokogiri/issues/1634 * http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-5029.html * http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4738.html |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-07-31T11:35:41.037517+00:00 | Arch Linux Importer | Affected by | VCID-426k-ced5-jbhk | https://security.archlinux.org/AVG-195 | 37.0.0 |