Created attachment 250706 [details] Patch for libxml2 Compile and runtime tested on FreeBSD 14.0-RELEASE (amd64) (make, make check-plist, make test) Poudriere testport OK 14.0-RELEASE (amd64) Poudriere testport OK 13.2-RELEASE (amd64)
Hi, I'd like to request an exp-run (a small one I've run locally looks fine) Best regards, Daniel
libxml2 2.11.8 fixes a CVE: [CVE-2024-34459] Fix buffer overread with xmllint --htmlout So I also request an exp-run. changelog: https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8
Exp-run looks fine
Lgtm, thanks.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=d3ef7b30bd225abb397346cc50204dd3a90227fd commit d3ef7b30bd225abb397346cc50204dd3a90227fd Author: Daniel Engberg <diizzy@FreeBSD.org> AuthorDate: 2024-05-26 07:01:49 +0000 Commit: Daniel Engberg <diizzy@FreeBSD.org> CommitDate: 2024-05-26 07:09:15 +0000 textproc/libxml2: Update to 2.11.8 Fixes CVE-2024-34459 Reference: https://www.cve.org/CVERecord?id=CVE-2024-34459 Changelog: https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8 PR: 279043 Approved by: desktop (tcberner) Sponsored by: Blinkinblox Exp-run by: antoine textproc/libxml2/Makefile | 2 +- textproc/libxml2/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)
Thanks!