Date: Tue, 18 Apr 2023 02:43:50 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 270906] textproc/libxml2: SecurityUpdate to 2.10.4 Message-ID: <bug-270906-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D270906 Bug ID: 270906 Summary: textproc/libxml2: SecurityUpdate to 2.10.4 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: desktop@FreeBSD.org Reporter: takefu@airport.fm Flags: maintainer-feedback?(desktop@FreeBSD.org) Assignee: desktop@FreeBSD.org Created attachment 241552 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D241552&action= =3Dedit libxml2-2.10.4.patch fix: PORTCLIPPY(1) Compliant LIBXML2_SLAVE STRIP shared object files v2.10.4: Apr 11 2023 ### Security - [CVE-2023-29469] Hashing of empty dict strings isn't deterministic - [CVE-2023-28484] Fix null deref in xmlSchemaFixupComplexType - schemas: Fix null-pointer-deref in xmlSchemaCheckCOSSTDerivedOK ### Regressions - SAX2: Ignore namespaces in HTML documents - io: Fix "buffer full" error with certain buffer sizes --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-270906-7788>