Bug 820722

Comment 1 Larry the Git Cow 2021-10-29 15:28:38 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=76c0287bfb98ed25b63c9ad892fa6a1ee1c87dc0

commit 76c0287bfb98ed25b63c9ad892fa6a1ee1c87dc0
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2021-10-29 15:26:36 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2021-10-29 15:28:24 +0000

    dev-libs/libxslt: fix tests with newer libxml2; patch CVE-2021-30560
    
    Note that we're now depending on >= .11 of libxml2 just to be safe,
    even though some of the patches seem to have compatibility guards,
    not all do - and upstream develop these in tandem anyway.
    
    Closes: https://bugs.gentoo.org/790218
    Bug: https://bugs.gentoo.org/820722
    Signed-off-by: Sam James <sam@gentoo.org>

 .../files/libxslt-1.1.34-CVE-2021-30560.patch      | 194 +++++++++++++++++++++
 .../files/libxslt-1.1.34-libxml2-2.9.12.patch      | 120 +++++++++++++
 dev-libs/libxslt/libxslt-1.1.34-r2.ebuild          |  72 ++++++++
 3 files changed, 386 insertions(+)

Comment 2 Larry the Git Cow 2023-10-31 12:54:31 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=49515c936bcad95017ac696eb33dd49f6f28e9b5

commit 49515c936bcad95017ac696eb33dd49f6f28e9b5
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2023-10-31 12:53:57 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2023-10-31 12:54:25 +0000

    [ GLSA 202310-23 ] libxslt: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/820722
    Bug: https://bugs.gentoo.org/833508
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202310-23.xml | 43 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)