Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 622556 - dev-libs/libxml2-2.9.4-r1: Multiple vulnerabilities CVE-2017-0663, CVE-2017-9047, CVE-2017-9048, CVE-2017-9049, CVE-2017-9050
Summary: dev-libs/libxml2-2.9.4-r1: Multiple vulnerabilities CVE-2017-0663, CVE-2017-9...
Status: RESOLVED DUPLICATE of bug 618604
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard:
Keywords: PATCH
Depends on:
Blocks:
 
Reported: 2017-06-23 23:54 UTC by Andrey Ovcharov
Modified: 2017-06-28 12:47 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
libxml2-CVE-2017-0663.patch (libxml2-CVE-2017-0663.patch,1.34 KB, patch)
2017-06-23 23:54 UTC, Andrey Ovcharov 		Details | Diff
libxml2-CVE-2017-9047_CVE-2017-9048.patch (libxml2-CVE-2017-9047_CVE-2017-9048.patch,14.87 KB, patch)
2017-06-23 23:56 UTC, Andrey Ovcharov 		Details | Diff
libxml2-CVE-2017-9049_CVE-2017-9050.patch (libxml2-CVE-2017-9049_CVE-2017-9050.patch,9.40 KB, patch)
2017-06-23 23:57 UTC, Andrey Ovcharov 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Andrey Ovcharov 2017-06-23 23:54:10 UTC 
Created attachment 477740 [details, diff]
libxml2-CVE-2017-0663.patch

Multiple vulnerabilities CVE-2017-0663, CVE-2017-9047, CVE-2017-9048, CVE-2017-9049, CVE-2017-9050 find in dev-libs/libxml2-2.9.4-r1
Comment 1 Andrey Ovcharov 2017-06-23 23:56:45 UTC 
Created attachment 477742 [details, diff]
libxml2-CVE-2017-9047_CVE-2017-9048.patch
Comment 2 Andrey Ovcharov 2017-06-23 23:57:07 UTC 
Created attachment 477744 [details, diff]
libxml2-CVE-2017-9049_CVE-2017-9050.patch
Comment 3 Jonas Stein gentoo-dev 2017-06-24 07:25:02 UTC 
Thank you.
Comment 4 Jouni Kosonen 2017-06-24 17:14:12 UTC 
Is there any hope of getting the regression patch from bug 586886#c1 included too? The PR for that last year didn't get any traction, but schema validation with the in-tree libxml2 is still borked.
Comment 5 Thomas Deutschmann (RETIRED) gentoo-dev 2017-06-28 12:47:53 UTC 

*** This bug has been marked as a duplicate of bug 618604 ***