[Bug 210298] textproc/libxslt: Update to 1.1.29, includes fix for CVE-2015-7995

Wed Jun 15 09:47:27 UTC 2016

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=210298

Vladimir Krstulja <vlad-fbsd at acheronmedia.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|textproc/libxslt outdated   |textproc/libxslt: Update to
                   |                            |1.1.29, includes fix for
                   |                            |CVE-2015-7995
                 CC|                            |ports-secteam at FreeBSD.org
           Keywords|                            |needs-patch, needs-qa,
                   |                            |security

--- Comment #1 from Vladimir Krstulja <vlad-fbsd at acheronmedia.com> ---
Thanks for the request. Well, according to the NEWS file, we have a security
fix in 1.1.29 as well. CC ports-secteam.

@ports-secteam: 

* https://git.gnome.org/browse/libxslt/tree/NEWS (1.1.29: May 24 2016)

  CVE-2015-7995 Fix for type confusion in preprocessing attributes (Daniel
Veillard)

I'll try prepare the patch...

-- 
You are receiving this mail because:
You are the assignee for the bug.