GNU bug report logs - #73676
[PATCH] gnu: xerces-c: Update to 3.2.5. [security fixes]

Previous Next

Package: guix-patches;

Reported by: Nicolas Graves <ngraves <at> ngraves.fr>

Date: Mon, 7 Oct 2024 10:00:02 UTC

Severity: normal

Tags: patch

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: tracker <at> debbugs.gnu.org
Subject: bug#73676: closed ([PATCH] gnu: xerces-c: Update to 3.2.5.
 [security fixes])
Date: Thu, 24 Oct 2024 10:14:01 +0000

[Message part 1 (text/plain, inline)]
Your message dated Thu, 24 Oct 2024 12:12:43 +0200
with message-id <87frol24is.fsf <at> gnu.org>
and subject line Re: [bug#73676] [PATCH] gnu: xerces-c: Update to 3.2.5. [security fixes]
has caused the debbugs.gnu.org bug report #73676,
regarding [PATCH] gnu: xerces-c: Update to 3.2.5. [security fixes]
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs <at> gnu.org.)


-- 
73676: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=73676
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]
From: Nicolas Graves <ngraves <at> ngraves.fr>
To: guix-patches <at> gnu.org
Cc: Nicolas Graves <ngraves <at> ngraves.fr>
Subject: [PATCH] gnu: xerces-c: Update to 3.2.5. [security fixes]
Date: Mon,  7 Oct 2024 11:57:02 +0200

This fixes CVE-2023-37536.

* gnu/packages/xml.scm (xerces-c): Update to 3.2.5.
---
 gnu/packages/xml.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index 6fa2183592..cfd53a291a 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -1516,14 +1516,14 @@ (define-public freexl
 (define-public xerces-c
   (package
     (name "xerces-c")
-    (version "3.2.3")
+    (version "3.2.5")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://apache/xerces/c/3/sources/"
                                   "xerces-c-" version ".tar.xz"))
               (sha256
                (base32
-                "0jf1khvlssg31vkxbc25dxjxcxm56xb8nywj1sypj6hxzjlrkz0j"))))
+                "0c42jhnhq63yzvj8whl5dpzf7p1lnd6h00kzpz4ipcj5aq1ycfb2"))))
     (build-system gnu-build-system)
     (arguments
      (let ((system (or (%current-target-system)
-- 
2.46.0




[Message part 3 (message/rfc822, inline)]
From: Ludovic Courtès <ludo <at> gnu.org>
To: Nicolas Graves <ngraves <at> ngraves.fr>
Cc: 73676-done <at> debbugs.gnu.org
Subject: Re: [bug#73676] [PATCH] gnu: xerces-c: Update to 3.2.5. [security
 fixes]
Date: Thu, 24 Oct 2024 12:12:43 +0200

Nicolas Graves <ngraves <at> ngraves.fr> skribis:

> This fixes CVE-2023-37536.
>
> * gnu/packages/xml.scm (xerces-c): Update to 3.2.5.

Applied, thanks!
This bug report was last modified 263 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.