[php-maint] Bug PHP xsl CVE-2012-0057.patch
grok at no-log.org
grok at no-log.org
Tue Jan 31 09:33:38 UTC 2012
Hi,
I don't know who I'm sending this message to the right address:
A recent update in debian 6.0.4 broke php5-xsl.
I found the bug in patch: CVE-2012-0057.patch
On line 478 of the patched file ext/xsl/xsltprocessor.c:
Should be : int secPrefsError=0;
Instead of: int secPrefsError;
Otherwise you will always get the error:
warning: XSLTProcessor::transformToXml() [xsltprocessor.transformtoxml]: Can't set libxslt security properties, not doing transformation for security reasons
Cheers,
Grok.
More information about the pkg-php-maint
mailing list