Discussion:
maintainer-feedback requested: [Bug 256436] textproc/libxml2: Update to 2.9.12
b***@freebsd.org
2021-06-06 09:42:46 UTC
Permalink
Bugzilla Automation <***@FreeBSD.org> has asked freebsd-desktop (Team)
<***@FreeBSD.org> for maintainer-feedback:
Bug 256436: textproc/libxml2: Update to 2.9.12
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256436



--- Description ---
Update libxml2 to 2.9.12
Backport following commits:
https://gitlab.gnome.org/GNOME/libxml2/-/commit/85b1792e37b131e7a51af98a37f9247
2e8de5f3f
https://gitlab.gnome.org/GNOME/libxml2/-/commit/13ad8736d294536da4cbcd70a96b0a2
fbf47070c
https://gitlab.gnome.org/GNOME/libxml2/-/commit/3e1aad4fe584747fd7d17cc7b2863a7
8e2d21a77

Compile and runtime tested on 13.0-STABLE #0 stable/13-n245227-5ec4eb443e8
(amd64) (make, make check-plist, make test)
Poudriere testport OK 12.2-RELEASE (amd64)
Poudriere testport OK 11.4-RELEASE (amd64)

textproc/py-libxml2:
Poudriere testport OK 12.2-RELEASE (amd64)
Poudriere testport OK 11.4-RELEASE (amd64)
b***@freebsd.org
2021-06-06 09:43:36 UTC
Permalink
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256436

Daniel Engberg <***@pyret.net> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |***@pyret.
| |net

--- Comment #1 from Daniel Engberg <***@pyret.net> ---
When compiling tests -pthread needs to passed, not sure how to handle that in a
nice way (see patch).
--
You are receiving this mail because:
You are the assignee for the bug.
b***@freebsd.org
2021-06-06 12:27:18 UTC
Permalink
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256436

Kubilay Kocak <***@FreeBSD.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
Summary|textproc/libxml2: Update to |textproc/libxml2: Update to
|2.9.12 |2.9.12 (fixes several
| |vulnerabilities)
Severity|Affects Only Me |Affects Many People
Keywords| |needs-qa, security
Priority|--- |Normal
CC| |ports-***@FreeBSD.org
Flags| |merge-quarterly?
Status|New |Open

--- Comment #2 from Kubilay Kocak <***@FreeBSD.org> ---
^Triage: Security and bugfix releases, MFH.

@Daniel Is there a canonical source for the 2.9.10-12 release notes? I see only
a single CVE reference for .11 (CVE-2021-3541) but see other CVE's being
referenced elsewhere online that affect .10 too.

CVE-2019-20388
CVE-2020-24977
CVE-2021-3517
CVE-2021-3518
CVE-2021-3537
CVE-2021-3516
CVE-2020-7595
--
You are receiving this mail because:
You are the assignee for the bug.
b***@freebsd.org
2021-06-06 13:08:43 UTC
Permalink
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256436

--- Comment #3 from Daniel Engberg <***@pyret.net> ---
@Koobs

https://gitlab.gnome.org/GNOME/libxml2/-/commit/b48e77cf4f6fa0792c5f4b639707a2b0675e461b

That's the only commit between .11 and .12

There's no (to my knowledge) other source by upstream except for the commit
log.
--
You are receiving this mail because:
You are the assignee for the bug.
Loading...