From mboxrd@z Thu Jan  1 00:00:00 1970
From: Kei Kebreau <kei@openmailbox.org>
Subject: Re: Libxslt CVE-2016-4738
Date: Tue, 08 Nov 2016 20:49:42 -0500
Message-ID: <87inrx777t.fsf@openmailbox.org>
References: <20161108221616.GA2468@jasmine>
	<87lgwt79m9.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me>
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
	micalg=pgp-sha256; protocol="application/pgp-signature"
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:46940)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <kei@openmailbox.org>) id 1c4I1a-0002OE-Qe
	for guix-devel@gnu.org; Tue, 08 Nov 2016 20:50:03 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <kei@openmailbox.org>) id 1c4I1W-0005v1-Pw
	for guix-devel@gnu.org; Tue, 08 Nov 2016 20:50:02 -0500
Received: from smtp18.openmailbox.org ([62.4.1.52]:51349
	helo=smtp3.openmailbox.org)
	by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <kei@openmailbox.org>) id 1c4I1W-0005u3-HL
	for guix-devel@gnu.org; Tue, 08 Nov 2016 20:49:58 -0500
In-Reply-To: <87lgwt79m9.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me>
	(Marius Bakke's message of "Wed, 09 Nov 2016 00:57:50 +0000")
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: Marius Bakke <mbakke@fastmail.com>
Cc: guix-devel@gnu.org

--=-=-=
Content-Type: text/plain

Marius Bakke <mbakke@fastmail.com> writes:

> Leo Famulari <leo@famulari.name> writes:
>
>> Here is a patch to fix CVE-2016-4738 in libxslt.
>> From 1cbfeb5bb98924eddf1726fe56987fd1d282e7f8 Mon Sep 17 00:00:00 2001
>> From: Leo Famulari <leo@famulari.name>
>> Date: Tue, 8 Nov 2016 17:12:01 -0500
>> Subject: [PATCH] gnu: libxslt: Fix CVE-2016-4738.
>>
>> * gnu/packages/patches/libxslt-CVE-2016-4738.patch: New file.
>> * gnu/local.mk (dist_patch_DATA): Add it.
>> * gnu/packages/xml.scm (libxslt)[replacement]: New field.
>> (libxslt/fixed): New variable.
>
> Yay, more grafts ;)
Aw yeah!

>
> Anyway, LGTM, thanks!

LGTM as well!

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJYIoC2AAoJEOal7jwZRnoNaf0P+gLyI36QaMmr65HI5J4SOKUc
9VnF3WCT6xw1O5wo6+33wNndoj8EvHklrV29k66IOuNlinPbsTKwhGdBd32JCtps
I7p0FjVuy5RVCjzbPm+ITScPnKKNKzmRyd7vUkwdVUCDM7rlMdRj8/ljw3OUKhnr
TY84T/VcOo2HAYlRivG7iwk8Gox6U1oE2UghJTsrIS1g7yqGrWR0sIdsd/kN4qKN
8KGTm06t2p3SB8RZBCR9dEaYVS+tLJg0Q50cCj5+ELWXIOrGn1TEPybip0qx39bO
eeoMdY1DJShtklcpiMG/hC6zXWB7mgITcBWY5mzEyen4BbK3ZDhTg6uodCPvj76P
1pY1IkRU3eXp2WNUlWC0lxztvCQvZh+OQqHERMfF4s43MbOKbwCnhU1ZaZxEf6E/
FDR7EYGs3g7zpOe/yZXvo5xzS1BnErMHUXqfschcVzxa/dedv48wN5RCZDLjVik5
p0zLDA87lILhWc7L/cspXSuzDqgiC4oTWXlbUWS18ztCTJHIc2IruqXWW6trFQUu
axVenqbZErHaU4Vod9CanfwzXeCEeUyN73tvJ7LSabPpNE4mqEwX4AepUDCF9d8y
TIq4+gb2bdQ0Yz6hbqRZKr5cvWrNH5rmTGR8hth1lV8i9o+sdfifPfBfnYh/IUN1
NcDiJMrk+XORVTvyg6D8
=HZfu
-----END PGP SIGNATURE-----
--=-=-=--