On Mon, Sep 26, 2016 at 11:21:07AM +0300, Efraim Flashner wrote:
> On Sun, Sep 25, 2016 at 07:18:11PM -0400, Leo Famulari wrote:
> > On Mon, Sep 12, 2016 at 05:35:15PM -0400, Leo Famulari wrote:
> > > This patch applies an upstream patch for a regression caused by the fix
> > > for CVE-2016-0718.
On Sun, Sep 25, 2016 at 07:18:11PM -0400, Leo Famulari wrote:
> On Mon, Sep 12, 2016 at 05:35:15PM -0400, Leo Famulari wrote:
> > This patch applies an upstream patch for a regression caused by the fix
> > for CVE-2016-0718.
> >
> > Apparently, the bug only manifests when building with -DXML_UNIC
On Mon, Sep 12, 2016 at 05:35:15PM -0400, Leo Famulari wrote:
> This patch applies an upstream patch for a regression caused by the fix
> for CVE-2016-0718.
>
> Apparently, the bug only manifests when building with -DXML_UNICODE,
> which I don't think our package does.
Sebastian Pipping (the Exp
On Tue, Sep 13, 2016 at 11:54:09PM +0200, Ludovic Courtès wrote:
> It’s enough to have the patch in ‘core-updates’ only, but I could go
> either way. WDYT?
I could go either way, too. It depends on how much we want to support
use of Guix outside of our package tree.
At least we have made the iss
Hello,
Leo Famulari skribis:
> This patch applies an upstream patch for a regression caused by the fix
> for CVE-2016-0718.
>
> Apparently, the bug only manifests when building with -DXML_UNICODE,
> which I don't think our package does.
I rebuilt it with --check and can confirm that XML_UNICOD
This patch applies an upstream patch for a regression caused by the fix
for CVE-2016-0718.
Apparently, the bug only manifests when building with -DXML_UNICODE,
which I don't think our package does.
Bug report:
https://sourceforge.net/p/expat/bugs/539/
Source of patch:
https://sourceforge.net/p/