[Bug 210298] textproc/libxslt: Update to 1.1.29
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Jun 20 19:09:22 UTC 2016
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=210298
--- Comment #10 from commit-hook at freebsd.org ---
A commit references this bug:
Author: feld
Date: Mon Jun 20 19:08:32 UTC 2016
New revision: 417173
URL: https://svnweb.freebsd.org/changeset/ports/417173
Log:
Update vuxml for libxslt vulnerabilities
These vulnerabilities were previously reported by Google as they bundle
libxslt with Chrome. When we patched Chromium to address these
vulnerabilites it was overlooked that we do not bundle libxslt library
with Chromium, but instead use textproc/libxslt. Chromium users have
continued to be vulnerable to these CVEs as a result. This update fixes
the Chromium CVE entry and adds a separate one for libxslt.
PR: 210298
Security: CVE-2016-1683
Security: CVE-2016-1684
Changes:
head/security/vuxml/vuln.xml
--
You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
More information about the freebsd-gnome
mailing list