From 40074520d171d4b2f468db3ba26a9079892a7146 Mon Sep 17 00:00:00 2001 From: Bobby Rong Date: Thu, 13 Apr 2023 01:06:52 +0000 Subject: [PATCH] =?UTF-8?q?libxml2:=202.10.3=20=E2=86=92=202.10.4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit https://gitlab.gnome.org/GNOME/libxml2/-/compare/v2.10.3...v2.10.4 - CVE-2023-29469: Hashing of empty dict strings isn't deterministic - CVE-2023-28484: Fix null deref in xmlSchemaFixupComplexType --- pkgs/development/libraries/libxml2/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libxml2/default.nix b/pkgs/development/libraries/libxml2/default.nix index 23123940057..a5eafa0fdec 100644 --- a/pkgs/development/libraries/libxml2/default.nix +++ b/pkgs/development/libraries/libxml2/default.nix @@ -34,7 +34,7 @@ in let libxml = stdenv.mkDerivation rec { pname = "libxml2"; - version = "2.10.3"; + version = "2.10.4"; outputs = [ "bin" "dev" "out" "doc" ] ++ lib.optional pythonSupport "py" @@ -43,7 +43,7 @@ libxml = stdenv.mkDerivation rec { src = fetchurl { url = "mirror://gnome/sources/libxml2/${lib.versions.majorMinor version}/libxml2-${version}.tar.xz"; - sha256 = "XSzD14vsPb4hKp1/pimtolp9qSivQyyTBg/1wX7iipw="; + sha256 = "7QyRxYRQCPGTZznk7uIDVTHByUdCxlQfRO5m2IWUjUU="; }; patches = [