Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK)) by mollari.NetBSD.org (Postfix) with ESMTPS id 38855A65D1 for ; Mon, 3 Nov 2014 08:05:09 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 605) id DC0CF14A198; Mon, 3 Nov 2014 08:05:08 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id ED1C814A17D for ; Mon, 3 Nov 2014 08:05:03 +0000 (UTC) X-Virus-Scanned: amavisd-new at NetBSD.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.NetBSD.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id LBHYQdVyhILm for ; Mon, 3 Nov 2014 08:05:03 +0000 (UTC) Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd]) by mail.netbsd.org (Postfix) with ESMTP id 32C5314A172 for ; Mon, 3 Nov 2014 08:05:03 +0000 (UTC) Received: by cvs.netbsd.org (Postfix, from userid 500) id 307BC98; Mon, 3 Nov 2014 08:05:03 +0000 (UTC) Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" MIME-Version: 1.0 Date: Mon, 3 Nov 2014 08:05:03 +0000 From: "OBATA Akio" Subject: CVS commit: pkgsrc/emulators/suse131_libxml2 To: pkgsrc-changes@NetBSD.org Reply-To: obache@netbsd.org X-Mailer: log_accum Message-Id: <20141103080503.307BC98@cvs.netbsd.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk Module Name: pkgsrc Committed By: obache Date: Mon Nov 3 08:05:03 UTC 2014 Modified Files: pkgsrc/emulators/suse131_libxml2: Makefile distinfo Log Message: Apply following Security updates, resolve one CVE, but remove one CVE fix. Bump PKGREVISION to 3. ============================================================================== openSUSE Security Update: libxml2, python-libxml2: Reverted patch for CVE-2014-0191 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2014:0753-1 Rating: moderate References: #876652 Cross-References: CVE-2014-0191 Affected Products: openSUSE 13.1 openSUSE 12.3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: Removed fix for CVE-2014-0191. This fix breaks existing applications and there's currently no way to prevent that. ============================================================================== openSUSE Security Update: update to fix CVE-2014-3660 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2014:1330-1 Rating: moderate References: #901546 Cross-References: CVE-2014-3660 Affected Products: openSUSE 13.1 openSUSE 12.3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update fixes a denial of service vulnerability when expanding recursive entity (CVE-2014-3660) bnc#901546 To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 pkgsrc/emulators/suse131_libxml2/Makefile cvs rdiff -u -r1.3 -r1.4 pkgsrc/emulators/suse131_libxml2/distinfo Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.