GNU bug report logs - #29797
[PATCH] gnu: libxslt: Fix CVE-2017-5029 and re-apply the fix for CVE-2016-4738.

Previous Next

Package: guix-patches;

Reported by: Leo Famulari <leo <at> famulari.name>

Date: Thu, 21 Dec 2017 07:20:02 UTC

Severity: normal

Tags: patch

Done: Leo Famulari <leo <at> famulari.name>

Bug is archived. No further changes may be made.

Full log

Message #13 received at 29797-done <at> debbugs.gnu.org (full text, mbox):

From: Leo Famulari <leo <at> famulari.name>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: 29797-done <at> debbugs.gnu.org
Subject: Re: [bug#29797] [PATCH] gnu: libxslt: Fix CVE-2017-5029 and re-apply
 the fix for CVE-2016-4738.
Date: Thu, 21 Dec 2017 12:30:28 -0500

[Message part 1 (text/plain, inline)]

On Thu, Dec 21, 2017 at 11:15:46AM +0100, Ludovic Courtès wrote:
> Leo Famulari <leo <at> famulari.name> skribis:
> > +             ;; XXX Oops, a redefinition of the patches field, which means the
> > +             ;; patch for CVE-2016-4738 is not used. Fixed in the definition of
> > +             ;; libxslt-fixed below.
> >               (patches (search-patches "libxslt-generated-ids.patch"))))
> 
> Oops, indeed!  You can remove the unused ‘patches’ line while you’re at it.

I commented it out and pushed as
0c9c9526bb3fb665997b3b054f8b57ffdb559043.

[signature.asc (application/pgp-signature, inline)]

This bug report was last modified 7 years and 231 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #29797 [PATCH] gnu: libxslt: Fix CVE-2017-5029 and re-apply the fix for CVE-2016-4738.

GNU bug report logs - #29797
[PATCH] gnu: libxslt: Fix CVE-2017-5029 and re-apply the fix for CVE-2016-4738.