author Fernando Apesteguía <fernape@FreeBSD.org> 2025-05-14 17:22:13 +0200
committer Fernando Apesteguía <fernape@FreeBSD.org> 2025-05-14 17:22:13 +0200
commit ae17653a857c179c27b23f021acdd5476bfeb428
tree 357740c3c921d97da5f023f0efeb81fc222e97e4
parent sysutils/fastfetch: update to 2.43.0
security/vuxml: Fix 2025.xml
Please, remember to always run "make validate" before committing.
fernape@ with ports-secteam@ hat on.
Fixes: 7e75a5ba66e3a
-rw-r--r-- security/vuxml/vuln/2025.xml 28
1 files changed, 16 insertions, 12 deletions
diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml
index 81b5b6be2522..69a2385c1534 100644
--- a/security/vuxml/vuln/2025.xml
+++ b/security/vuxml/vuln/2025.xml
@@ -29,21 +29,25 @@
<topic>libxslt -- multiple vulnerabilities</topic>
<affects>
<package>
- <name>libxslt</name>
- <range><lt>1.1.43</lt></range>
+ <name>libxslt</name>
+ <range><lt>1.1.43</lt></range>
</package>
</affects>
<description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <h1>[CVE-2024-55549] Fix UAF related to excluded namespaces</h1>
- <blockquote cite="https://gitlab.gnome.org/GNOME/libxslt/-/issues/127">
- <p>xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes.</p>
- </blockquote>
- <h1>[CVE-2025-24855] Fix use-after-free of XPath context node</h1>
- <blockquote cite="https://gitlab.gnome.org/GNOME/libxslt/-/issues/128">
- <p>numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal.</p>
- </blockquote>
- </body>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <h1>[CVE-2024-55549] Fix UAF related to excluded namespaces</h1>
+ <blockquote cite="https://gitlab.gnome.org/GNOME/libxslt/-/issues/127">
+ <p>xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes.</p>
+ </blockquote>
+ <h1>[CVE-2025-24855] Fix use-after-free of XPath context node</h1>
+ <blockquote cite="https://gitlab.gnome.org/GNOME/libxslt/-/issues/128">
+ <p>numbers.c in libxslt before 1.1.43 has a use-after-free because
+ , in nested XPath evaluations, an XPath context node can be
+ modified but never restored. This is related to
+ xsltNumberFormatGetValue, xsltEvalXPathPredicate,
+ xsltEvalXPathStringNs, and xsltComputeSortResultInternal.</p>
+ </blockquote>
+ </body>
</description>
<references>
<cvename>CVE-2024-55549</cvename>
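Review bot: In the re-wrapped CVE-2025-24855 paragraph, the line break falls before the comma ("has a use-after-free because" followed by ", in nested XPath evaluations, ..."), so the rendered entry will read "because , in nested" with a stray space before the comma. Keep the comma on the preceding line ("has a use-after-free because,") and wrap after it. The CVE-2024-55549 paragraph just above stays on one long line while this one is wrapped, so wrapping both the same way would keep the entry consistent. The remaining -/+ pairs (name, range, body, h1, blockquote) show identical text on both sides, so they appear to be whitespace-only changes; the commit message would be more useful to the next committer if it named the error "make validate" reported on the original entry.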