maintainer-feedback requested: [Bug 270906] textproc/libxml2: SecurityUpdate to 2.10.4
- In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 270906] textproc/libxml2: SecurityUpdate to 2.10.4"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 18 Apr 2023 02:43:50 UTC
Bugzilla Automation <bugzilla@FreeBSD.org> has asked freebsd-desktop (Team) <desktop@FreeBSD.org> for maintainer-feedback: Bug 270906: textproc/libxml2: SecurityUpdate to 2.10.4 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=270906 --- Description --- fix: PORTCLIPPY(1) Compliant LIBXML2_SLAVE STRIP shared object files v2.10.4: Apr 11 2023 ### Security - [CVE-2023-29469] Hashing of empty dict strings isn't deterministic - [CVE-2023-28484] Fix null deref in xmlSchemaFixupComplexType - schemas: Fix null-pointer-deref in xmlSchemaCheckCOSSTDerivedOK ### Regressions - SAX2: Ignore namespaces in HTML documents - io: Fix "buffer full" error with certain buffer sizes