[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#28294: [PATCH] gnu: libxml2: Fix CVE-2017-{0663, 7375, 7376, 9047, 9
|
From: |
Marius Bakke |
|
Subject: |
bug#28294: [PATCH] gnu: libxml2: Fix CVE-2017-{0663, 7375, 7376, 9047, 9048, 9049, 9050}. |
|
Date: |
Thu, 31 Aug 2017 21:52:49 +0200 |
|
User-agent: |
Notmuch/0.25 (https://notmuchmail.org) Emacs/25.2.1 (x86_64-unknown-linux-gnu) |
Alex Vong <address@hidden> writes:
> Marius Bakke <address@hidden> writes:
>
>> Alex Vong <address@hidden> writes:
>>
>>> Severity: important
>>> Tags: patch security
>>>
>>> Hi,
>>>
>>> This patch fixes CVEs of libxml2. The changes to 'runtest.c' in
>>> 'libxml2-CVE-2017-9049+CVE-2017-9050.patch are removed since they
>>> introduce test failure. The changes only enable new tests so it should
>>> be fine to remove them.
>>
>> Thanks for this! I think we have to graft this fix since changing
>> 'libxml2' would rebuild 2/3 of the tree. Can you try that?
>>
>> PS: Do you have a Savannah account? I'm sure Ludo or someone can add
>> you given the steady rate of quality commits.
>
> Sure, here is the new patch:
Pushed, thanks! I added tabs before the line breaks in gnu/local.mk,
but otherwise untouched.
Side note: I think we should start adding patches as origins instead of
copying them wholesale, to try and keep the git repository slim.
signature.asc
Description: PGP signature
- [bug#28294] [PATCH] gnu: libxml2: Fix CVE-2017-{0663, 7375, 7376, 9047, 9048, 9049, 9050}., Alex Vong, 2017/08/30
- [bug#28294] [PATCH] gnu: libxml2: Fix CVE-2017-{0663, 7375, 7376, 9047, 9048, 9049, 9050}., Marius Bakke, 2017/08/30
- [bug#28294] [PATCH] gnu: libxml2: Fix CVE-2017-{0663, 7375, 7376, 9047, 9048, 9049, 9050}., Alex Vong, 2017/08/31
- bug#28294: [PATCH] gnu: libxml2: Fix CVE-2017-{0663, 7375, 7376, 9047, 9048, 9049, 9050}.,
Marius Bakke <=