See https://gitlab.gnome.org/GNOME/libxslt/-/commit/50f9c9cd3b7dfe9b3c8c795247752d1fdcadcac8 and https://gitlab.gnome.org/GNOME/libxslt/-/issues/56.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=76c0287bfb98ed25b63c9ad892fa6a1ee1c87dc0 commit 76c0287bfb98ed25b63c9ad892fa6a1ee1c87dc0 Author: Sam James <sam@gentoo.org> AuthorDate: 2021-10-29 15:26:36 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-10-29 15:28:24 +0000 dev-libs/libxslt: fix tests with newer libxml2; patch CVE-2021-30560 Note that we're now depending on >= .11 of libxml2 just to be safe, even though some of the patches seem to have compatibility guards, not all do - and upstream develop these in tandem anyway. Closes: https://bugs.gentoo.org/790218 Bug: https://bugs.gentoo.org/820722 Signed-off-by: Sam James <sam@gentoo.org> .../files/libxslt-1.1.34-CVE-2021-30560.patch | 194 +++++++++++++++++++++ .../files/libxslt-1.1.34-libxml2-2.9.12.patch | 120 +++++++++++++ dev-libs/libxslt/libxslt-1.1.34-r2.ebuild | 72 ++++++++ 3 files changed, 386 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=49515c936bcad95017ac696eb33dd49f6f28e9b5 commit 49515c936bcad95017ac696eb33dd49f6f28e9b5 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2023-10-31 12:53:57 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2023-10-31 12:54:25 +0000 [ GLSA 202310-23 ] libxslt: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/820722 Bug: https://bugs.gentoo.org/833508 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202310-23.xml | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+)
