GNU bug report logs - #36424
expat-2.2.7 for CVE-2018-20843

Previous Next

Package: guix-patches;

Reported by: Jack Hill <jackhill <at> jackhill.us>

Date: Fri, 28 Jun 2019 19:57:02 UTC

Severity: normal

Tags: security

Done: Marius Bakke <mbakke <at> fastmail.com>

Bug is archived. No further changes may be made.

Full log

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Jack Hill <jackhill <at> jackhill.us>
To: guix-patches <at> gnu.org
Subject: expat-2.2.7 for CVE-2018-20843
Date: Fri, 28 Jun 2019 15:56:42 -0400 (EDT)

Hi Guix,

Sebastian Pipping recently wrote to guix-devel@ about expat-2.2.7 which 
fixes CVE-2018-20843 [0]. I've prepared the forthcoming patch to add a 
replacement for expat with expat-2.2.7. I also changed the origin to use 
the GitHub hosted tarball as upstream is moving in that direction.

[0] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20843

Best,
Jack

This bug report was last modified 5 years and 317 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #36424 expat-2.2.7 for CVE-2018-20843

GNU bug report logs - #36424
expat-2.2.7 for CVE-2018-20843