A heap overread vulnerability was found in xsltFormatNumberConversion function in libxslt. An empty decimal-separator could cause a heap overread. This can be exploited to leak a couple of bytes after the buffer that holds the pattern string. Upstream patch: https://git.gnome.org/browse/libxslt/commit/?id=eb1030de31165b68487f288308f9d1810fed6880
Created libxslt tracking bugs for this issue: Affects: fedora-all [bug 1388779]
Created mingw-libxslt tracking bugs for this issue: Affects: fedora-all [bug 1388780] Affects: epel-7 [bug 1388781]
References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4738 http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4738.html
This issue was initially filed as chromium bug at: https://bugs.chromium.org/p/chromium/issues/detail?id=619006