Overview
Request 356073 accepted
- lockdown mini_portile2 to 2.0
- update to version 1.6.7.2
This version pulls in several upstream patches to the vendored
libxml2 and libxslt to address:
CVE-2015-7499
Ubuntu classifies this as "Priority: Low", RedHat classifies this
as "Impact: Moderate", and NIST classifies this as "Severity: 5.0
(MEDIUM)".
MITRE record is
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
This is not effecting us as we are using the system copy.
- refresh mini_portile patch to apply cleanly again
old: nokogiri-1.6.7.diff
new: nokogiri-1.6.7.2_mini_portile2_version.diff
- fix buildrequires for mini_portile
Request History
darix created request
- lockdown mini_portile2 to 2.0
- update to version 1.6.7.2
This version pulls in several upstream patches to the vendored
libxml2 and libxslt to address:
CVE-2015-7499
Ubuntu classifies this as "Priority: Low", RedHat classifies this
as "Impact: Moderate", and NIST classifies this as "Severity: 5.0
(MEDIUM)".
MITRE record is
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
This is not effecting us as we are using the system copy.
- refresh mini_portile patch to apply cleanly again
old: nokogiri-1.6.7.diff
new: nokogiri-1.6.7.2_mini_portile2_version.diff
- fix buildrequires for mini_portile
darix accepted request
force accept
