Opened 14 months ago

Closed 14 months ago

#19238 closed enhancement (fixed)

libxml2-2.12.5

Reported by: Douglas R. Reno Owned by: Douglas R. Reno
Priority: elevated Milestone: 12.1
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New point version

Change History (6)

comment:1 by Bruce Dubbs, 14 months ago

Summary: ilbxml2-2.11.7libxml2-2.11.7

comment:2 by pierre, 14 months ago

Priority: normalelevated
Summary: libxml2-2.11.7libxml2-2.12.5

Not sure why the currency script picked 2.11.7. The most recent is 2.12.5 (released as the same time), and we have 2.12.4 in the book:

v2.12.5: Feb 4 2024

### Security

  • [CVE-2024-25062] xmlreader: Don't expand XIncludes when backtracking

### Regressions

  • parser: Fix crash in xmlParseInNodeContext with HTML documents

More details on CVE at https://gitlab.gnome.org/GNOME/libxml2/-/issues/604

in reply to:  2 comment:3 by Bruce Dubbs, 14 months ago

Replying to pierre:

Not sure why the currency script picked 2.11.7. The most recent is 2.12.5 (released as the same time), and we have 2.12.4 in the book:

v2.12.5: Feb 4 2024

Indeed. Currency is using https://gitlab.gnome.org/api/v4/projects/1665/releases/permalink/latest and it returns 2.11.7. I will investigate.

comment:4 by Douglas R. Reno, 14 months ago

Owner: changed from blfs-book to Douglas R. Reno
Status: newassigned

comment:5 by Douglas R. Reno, 14 months ago

Fixed at 18381fd0b0ef506a39232a642e603706fbf4c982

Leaving open for the SA, should have that done in a few minutes

comment:6 by Douglas R. Reno, 14 months ago

Resolution: fixed
Status: assignedclosed

SA-12.0-087 issued

Note: See TracTickets for help on using tickets.