Re: Expat regression fix for master branch

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Expat regression fix for master branch

From:	Leo Famulari
Subject:	Re: Expat regression fix for master branch
Date:	Sun, 25 Sep 2016 19:18:11 -0400
User-agent:	Mutt/1.7.0 (2016-08-17)

On Mon, Sep 12, 2016 at 05:35:15PM -0400, Leo Famulari wrote:
> This patch applies an upstream patch for a regression caused by the fix 
> for CVE-2016-0718.
> 
> Apparently, the bug only manifests when building with -DXML_UNICODE,
> which I don't think our package does.

Sebastian Pipping (the Expat maintainer) contacted me to recommend that
we apply the patch on the master branch.

He says that the faulty code path can be reached even when XML_UNICODE
is not defined. Apparently, building with -DXML_UNICODE merely makes it
easier to reach the faulty code.

I think we should take Sebastian's advice. What does everyone think?

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

Expat regression fix for master branch, Leo Famulari, 2016/09/12
- Re: Expat regression fix for master branch, Ludovic Courtès, 2016/09/13
  - Re: Expat regression fix for master branch, Leo Famulari, 2016/09/14
- Re: Expat regression fix for master branch, Leo Famulari <=
  - Re: Expat regression fix for master branch, Efraim Flashner, 2016/09/26
    - Re: Expat regression fix for master branch, Leo Famulari, 2016/09/27

Prev by Date: Re: [Patch 4/10] argon2: Install pkg-config file.
Next by Date: Re: [Patch 10/10] Add ring-client-gnome.
Previous by thread: Re: Expat regression fix for master branch
Next by thread: Re: Expat regression fix for master branch
Index(es):
- Date
- Thread