Issued:: 2025-03-24
Updated:: 2025-03-24

RHSA-2025:3107 - Security Advisory

Overview
Updated Packages

Synopsis

Important: libxslt security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libxslt is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism.

Security Fix(es):

libxslt: Use-After-Free in libxslt numbers.c (CVE-2025-24855)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 9 x86_64
Red Hat Enterprise Linux for IBM z Systems 9 s390x
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
Red Hat Enterprise Linux for ARM 64 9 aarch64

Fixes

BZ - 2352483 - CVE-2025-24855 libxslt: Use-After-Free in libxslt numbers.c

CVEs

CVE-2025-24855

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 9

SRPM
libxslt-1.1.34-9.el9_5.1.src.rpm	SHA-256: 444e8d0641afa9bb53f4b989b4e909dd6cfbd222b4eab71ae9b163bde399cb5c
x86_64
libxslt-1.1.34-9.el9_5.1.i686.rpm	SHA-256: bb60a3135778b0c4a3d3316e53aaa492f0d381cdcb2bfc8ad05553d2ebd5691f
libxslt-1.1.34-9.el9_5.1.x86_64.rpm	SHA-256: a7b2a811f328134fea141a00b2e661792fe5d0770a5d59fe621a1da4a570845f
libxslt-debuginfo-1.1.34-9.el9_5.1.i686.rpm	SHA-256: 368185f5b5d9ad1e5be35ac955c4417a6dafc3f380e526047e641f4852003a32
libxslt-debuginfo-1.1.34-9.el9_5.1.x86_64.rpm	SHA-256: bdb6676221b34644e6329e339acf4a5df234b846df2b9994b54d103ca9491606
libxslt-debugsource-1.1.34-9.el9_5.1.i686.rpm	SHA-256: fcc2ebfb1d4aafbbaab629f843cf12b70537708254de3f16051892a804d6f5d3
libxslt-debugsource-1.1.34-9.el9_5.1.x86_64.rpm	SHA-256: 72df50c8c1940d8ddd045ad4dca228c6587dd52c7579e2c78e0ff9383748824e
libxslt-devel-1.1.34-9.el9_5.1.i686.rpm	SHA-256: 7ab36052383991ea54701d4d86c28bd7f4af66ebb19c6f50115ac6541cde224a
libxslt-devel-1.1.34-9.el9_5.1.x86_64.rpm	SHA-256: 564523d8b02df17d6f9df9b027ec1c73ce7ee7ad0fd1532c41f7b71e426aadb7

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
libxslt-1.1.34-9.el9_5.1.src.rpm	SHA-256: 444e8d0641afa9bb53f4b989b4e909dd6cfbd222b4eab71ae9b163bde399cb5c
s390x
libxslt-1.1.34-9.el9_5.1.s390x.rpm	SHA-256: b562edc016da3397cecc0279e201895b3eaa106ec2374aaf8f7b4e9949c92a1d
libxslt-debuginfo-1.1.34-9.el9_5.1.s390x.rpm	SHA-256: 75b6c4d3db7d41e47e36cc5b0ca2c7c15012ffec126b8a53f310564a23769348
libxslt-debugsource-1.1.34-9.el9_5.1.s390x.rpm	SHA-256: cea883e1b7f4bd565981b1532c55f4f448f789ee687d7e9d6a807168976b620b
libxslt-devel-1.1.34-9.el9_5.1.s390x.rpm	SHA-256: 592fb9699c0e71c4f030d8f265e5920136bad5ec56a87cdde01090ad6a9da46f

Red Hat Enterprise Linux for Power, little endian 9

SRPM
libxslt-1.1.34-9.el9_5.1.src.rpm	SHA-256: 444e8d0641afa9bb53f4b989b4e909dd6cfbd222b4eab71ae9b163bde399cb5c
ppc64le
libxslt-1.1.34-9.el9_5.1.ppc64le.rpm	SHA-256: 76938c8095cef2980d75ee90e839d6670a0ac5b1dc62f0821211e679461be2d9
libxslt-debuginfo-1.1.34-9.el9_5.1.ppc64le.rpm	SHA-256: 49a4f5e8460e3b8db8f63cd744f01254009a8096c9af67f0b51e3f31abed2c10
libxslt-debugsource-1.1.34-9.el9_5.1.ppc64le.rpm	SHA-256: 6767e5acb541f5f414286e0e389f25923ad940954b42e1fc87fcab4b35c65484
libxslt-devel-1.1.34-9.el9_5.1.ppc64le.rpm	SHA-256: 6228784f7a43fb958a7d612ff14c937afe47bcd46de2fea6d02add1a71e1eccc

Red Hat Enterprise Linux for ARM 64 9

SRPM
libxslt-1.1.34-9.el9_5.1.src.rpm	SHA-256: 444e8d0641afa9bb53f4b989b4e909dd6cfbd222b4eab71ae9b163bde399cb5c
aarch64
libxslt-1.1.34-9.el9_5.1.aarch64.rpm	SHA-256: 25605566260e4ed575364b9a6405cce1213a44b49dd02ee96f7f864ae38e802e
libxslt-debuginfo-1.1.34-9.el9_5.1.aarch64.rpm	SHA-256: f9a1aa6b5a73417f780f39fe67d0e22a3f25c2700047a7d7576f6498add35a62
libxslt-debugsource-1.1.34-9.el9_5.1.aarch64.rpm	SHA-256: 31edbaf64035b6dc5fc822a434af59124da79af9587cfb5388ee6eabe748c462
libxslt-devel-1.1.34-9.el9_5.1.aarch64.rpm	SHA-256: 033882244ec5ae55fe4ccea6994f3a17f223e3739447ed1d1a956627912eb332

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Ansible.com

Red Hat Ecosystem Catalog

Red Hat Hybrid Cloud Console

Red Hat Store

Red Hat Marketplace

Red Hat Summit and AnsibleFest