----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://git.reviewboard.kde.org/r/118270/#review59243 -----------------------------------------------------------
This review has been submitted with commit d4fca9ffb31a2383459c89b27f81b10b7ddece1a by Luigi Toscano to branch KDE/4.13. - Commit Hook On June 3, 2014, 1:50 p.m., Luigi Toscano wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://git.reviewboard.kde.org/r/118270/ > ----------------------------------------------------------- > > (Updated June 3, 2014, 1:50 p.m.) > > > Review request for Documentation, KDE Frameworks, kdelibs, Rohan Garg, > Jonathan Riddell, Luc Menut, and Rex Dieter. > > > Bugs: 335001 > http://bugs.kde.org/show_bug.cgi?id=335001 > > > Repository: kdelibs > > > Description > ------- > > Use the more modern API function for XML loading and enable the flags which > load the external entities, so that meinproc4 can work > again after the security changes implemented for CVE-2014-0191. > Without this change meinproc4 complains (see the referenced bug) > > The fix (half of the patch, the other half is on code which was removed) > applies to KF5 too, hence the group. > > My tests shows that the documentation cache is properly generated as before, > and the patch should work even on the old > > Packagers (Ubuntu packagers in CC, as Ubuntu is one of the few distributions > where libxml2 has been already patched) could you please test it with a fixed > libxml and without, and if possible with KF5 as well? > > > Diffs > ----- > > kdoctools/meinproc.cpp 0894d63 > kdoctools/xslt.cpp a7265ca > > Diff: https://git.reviewboard.kde.org/r/118270/diff/ > > > Testing > ------- > > meinproc4 works again > > > Thanks, > > Luigi Toscano > >