thanks !
Yes, I have now pushed it in master, this should solve all the
issues which got reported for that CVE-2014-0191 patch
https://git.gnome.org/browse/libxml2/commit/?id=dd8367da17c2948981a51e52c8a6beb445edf825
feedback welcome !
Daniel
On Tue, Jun 10, 2014 at 02:18:19PM -0700,
Hi Daniel,
Your patch works for me, thanks! One more thing you missed though:
s/parsed/parameter/ in the copy-pasted comment :)
Regards,
Alexey.
On Monday, June 09, 2014 07:06:02 am Daniel Veillard wrote:
> Pong, sorry, but was distracted with other things and I accumulated
> feedback from di
Pong, sorry, but was distracted with other things and I accumulated
feedback from different places on this issue, I would rather not have to
push 3 different patches to cover this :-)
I ended up with a rather similar but slightly more complex patch
(attached), the DTD may have to be loaded in
PING!
On Tuesday, May 20, 2014 10:06:27 PM Alexey Neyman wrote:
> [More investigation follows. Writing from a different machine, so cannot
> reply to my own email]
>
> The issue, brief summary: upgrade of libxml2 from 2.7.6-14.el6 to
> 2.7.6-14.el6_5.1 (RHEL6) broke the --postvalid/--dtdvalid opt
[More investigation follows. Writing from a different machine, so cannot reply
to my own
email]
The issue, brief summary: upgrade of libxml2 from 2.7.6-14.el6 to
2.7.6-14.el6_5.1 (RHEL6)
broke the --postvalid/--dtdvalid options.
Minimal test case:
[a.xml]
[a.dtd]
%base.dtd;
[b.d
