From: Marius Bakke
To: Alex Vong
Cc: 28294-done@debbugs.gnu.org
Subject: bug#28294: [PATCH] gnu: libxml2: Fix CVE-2017-{0663, 7375, 7376, 9047, 9048, 9049, 9050}.
Date: Thu, 31 Aug 2017 21:52:49 +0200
Message-ID: <87k21jjyzy.fsf@fastmail.com>
In-Reply-To: <87y3q0ow9h.fsf@gmail.com>
References: <87inh5uqpd.fsf@gmail.com> <87inh4lw7y.fsf@fastmail.com> <87y3q0ow9h.fsf@gmail.com>

Alex Vong writes:

> Marius Bakke writes:
>
>> Alex Vong writes:
>>
>>> Severity: important
>>> Tags: patch security
>>>
>>> Hi,
>>>
>>> This patch fixes CVEs of libxml2. The changes to 'runtest.c' in
>>> 'libxml2-CVE-2017-9049+CVE-2017-9050.patch' are removed since they
>>> introduce test failure. The changes only enable new tests so it should
>>> be fine to remove them.
>>
>> Thanks for this! I think we have to graft this fix since changing
>> 'libxml2' would rebuild 2/3 of the tree. Can you try that?
>>
>> PS: Do you have a Savannah account? I'm sure Ludo or someone can add
>> you given the steady rate of quality commits.
>
> Sure, here is the new patch:

Pushed, thanks! I added tabs before the line breaks in gnu/local.mk, but
otherwise untouched.

Side note: I think we should start adding patches as origins instead of
copying them wholesale, to try and keep the git repository slim.