Summary: | dev-ruby/nokogiri-1.10.3 version bump | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Anton Bolshakov <anton.bugs> |
Component: | Current packages | Assignee: | Gentoo Ruby Team <ruby> |
Status: | RESOLVED FIXED | ||
Severity: | normal | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 684206 | ||
Bug Blocks: |
Description
Anton Bolshakov
2019-01-14 03:31:25 UTC
1.10.3 / 2019-04-22 Security Notes [MRI] Pulled in upstream patch from libxslt that addresses CVE-2019-11068. Full details are available in #1892. Note that this patch is not yet (as of 2019-04-22) in an upstream release of libxslt. (In reply to Jeroen Roovers from comment #1) > 1.10.3 / 2019-04-22 > Security Notes > [MRI] Pulled in upstream patch from libxslt that addresses CVE-2019-11068. > Full details are available in #1892. Note that this patch is not yet (as of > 2019-04-22) in an upstream release of libxslt. We use unbundled libxml2 and libxslt in Gentoo. I have filed a bug for libxslt. graaff: dev-libs/libxslt-1.1.33-r1 now in the tree with the vuln fixed. dev-ruby/nokogiri-1.10.3 has been added. |