In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-9019