Changeset 0ea2a4a

Timestamp:

07/05/2019 06:46:15 PM (5 years ago)

Author:

Douglas R. Reno <renodr@…>

Branches:

10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 9.0, 9.1, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, lazarus, lxqt, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal

Children:

1908704

Parents:

9a121c0

Message:

Add security patch for libxslt, fixing CVE-2019-11068, a security framework bypass.

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@21807 af4574ff-66df-0310-9fd7-8a98e5e911e0

Files:

• general/genlib/libxslt.xml (modified) (2 diffs)
• introduction/welcome/changelog.xml (modified) (1 diff)

general/genlib/libxslt.xml

@@ -69 +69 @@
         <para>
           Estimated build time: &libxslt-time;
+        </para>
+      </listitem>
+    </itemizedlist>
+
+    <bridgehead renderas="sect3">Additional Downloads</bridgehead>
+    <itemizedlist spacing="compact">
+      <listitem>
+        <para>
+          Required patch:
+          <ulink url="&patch-root;/libxslt-&libxslt-version;-security_fix-1.patch"/>
         </para>
       </listitem>
@@ -115 +125 @@
   <sect2 role="installation">
     <title>Installation of libxslt</title>
+
+    <para>
+      First, install a security patch to fix a security framework bypass:
+    </para>
+
+<screen><userinput remap="pre">patch -Np1 -i ../libxslt-&libxslt-version;-security_fix-1.patch</userinput></screen>
 
     <para>

introduction/welcome/changelog.xml

@@ -46 +46 @@
       <para>July 5th, 2019</para>
       <itemizedlist>
+        <listitem>
+          <para>[renodr] - Add security patch for libxslt, fixing CVE-2019-11068
+          (Security Framework Bypass). Fixes
+          <ulink url="&blfs-ticket-root;12209">#12209</ulink>.</para>
+        </listitem>
         <listitem>
           <para>[dj] - Add Polkit as a runtime dependency for