From mboxrd@z Thu Jan  1 00:00:00 1970
From: Leo Famulari <leo@famulari.name>
Subject: Re: Libxslt CVE-2016-4738
Date: Wed, 9 Nov 2016 10:20:55 -0500
Message-ID: <20161109152055.GA31320@jasmine>
References: <20161108221616.GA2468@jasmine>
	<87lgwt79m9.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="zhXaljGHf11kAtnf"
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:49227)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <leo@famulari.name>) id 1c4UgW-0003bK-I9
	for guix-devel@gnu.org; Wed, 09 Nov 2016 10:21:12 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <leo@famulari.name>) id 1c4UgQ-0004DE-8N
	for guix-devel@gnu.org; Wed, 09 Nov 2016 10:21:08 -0500
Received: from out4-smtp.messagingengine.com ([66.111.4.28]:55217)
	by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
	(Exim 4.71) (envelope-from <leo@famulari.name>) id 1c4UgP-00049b-Tm
	for guix-devel@gnu.org; Wed, 09 Nov 2016 10:21:02 -0500
Content-Disposition: inline
In-Reply-To: <87lgwt79m9.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me>
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: Marius Bakke <mbakke@fastmail.com>
Cc: guix-devel@gnu.org


--zhXaljGHf11kAtnf
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Nov 09, 2016 at 12:57:50AM +0000, Marius Bakke wrote:
> Leo Famulari <leo@famulari.name> writes:
>=20
> > Here is a patch to fix CVE-2016-4738 in libxslt.
> > From 1cbfeb5bb98924eddf1726fe56987fd1d282e7f8 Mon Sep 17 00:00:00 2001
> > From: Leo Famulari <leo@famulari.name>
> > Date: Tue, 8 Nov 2016 17:12:01 -0500
> > Subject: [PATCH] gnu: libxslt: Fix CVE-2016-4738.
> >
> > * gnu/packages/patches/libxslt-CVE-2016-4738.patch: New file.
> > * gnu/local.mk (dist_patch_DATA): Add it.
> > * gnu/packages/xml.scm (libxslt)[replacement]: New field.
> > (libxslt/fixed): New variable.
>=20
> Yay, more grafts ;)
>=20
> Anyway, LGTM, thanks!

Thanks for the reviews. Pushed as
0b34b58688ac0d9bc0e2700acf82269e67ccdfa3

--zhXaljGHf11kAtnf
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJYIz7XAAoJECZG+jC6yn8ISJ4QAIy9wEHDGevrLFnz3QdguYkg
a8nbSnuhq0zRROyX+OyEA7Vi7cvyQ6a0rvXQfiXDwyDh45bcwf8/sqF3qDorx/v/
IVX7ycIPBgN0eJjUdr9Yn+Mxnj6DsWoRisGujtRiWwrwpp4vgRIo6ilf2s+fGRWM
be1Ss4ts802EC0zx08CjWbswzyodS6tCR3zOYBBlN2hBMNSwm6npvtLws03Zuhb5
9youatQDLpvcy6DJvvroZ7jhpgTzS1cyH/JdKzOlL2GW2kmbbw9zXLCszAUSxls8
Z3jWdTU6e5NXqLczXkloRMlGFIrq3Hmi8NbbLRCKcqQUd0ZKjMz6CEpvhqnSVN6Z
vf0w/OWfMBrQmJDMK28x62EsLxC6q671Wm6Os0E3hX0KMNZGTSxGQWoX7rJhtFF0
7sBwMKkadGrDE1A1aNW9tiw5IDr2Jye1w9u8PRzw3x87kvA59oWYO7vsIInY0GzI
ZKVZ4LpBvVpfBWKME+M8J31QEy7dUPHG0XI548uMzkGyTdHCyvBZXhFlO2NcRucY
i/pPBvLM99ULgmkowLJjnTxqsnWWq0jJKsMHw5FHHmoyaK4yr1cuVdNbVB1V+PJI
ueGC3UQUrxx/DIB6/Vmb96/QbvLX2LH1GE46dsTHYcvIq6cBPP9fQdJLXPxk48Mk
ZaOhXmUfQBBSc0dqym83
=CHnR
-----END PGP SIGNATURE-----

--zhXaljGHf11kAtnf--