FreeBSD : libxslt -- security framework bypass (93167bef-9752-11e9-b61c-b885849ded8e)
High Nessus Plugin ID 126756
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionMitre report :
libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.
SolutionUpdate the affected package.