Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Based on the work done in the nokogiri project to address multiple CVEs in libxml2 and libxslt. https://usn.ubuntu.com/usn/usn-3424-1/ CVE-2017-0663, CVE-2017-7375, CVE-2017-7376, CVE-2017-9047, CVE-2017-9048, CVE-2017-9049, CVE-2017-9050 sparklemotion/nokogiri#1673 sparklemotion/nokogiri#1670 SHA256 generated from downloads. Downloads verified with GPG: gpg --verify libxml2-2.9.5.tar.gz.asc libxml2-2.9.5.tar.gz gpg: Signature made Mon Sep 4 09:00:53 2017 EDT using RSA key ID 596BEA5D gpg: Good signature from "Daniel Veillard (Red Hat work email) <veillard@redhat.com>" [unknown] gpg: aka "Daniel Veillard <Daniel.Veillard@w3.org>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: C744 15BA 7C9C 7F78 F02E 1DC3 4606 B8A5 DE95 BC1F Subkey fingerprint: DB46 681B B91A DCEA 170F A2D4 1558 8B26 596B EA5D gpg --verify libxslt-1.1.30.tar.gz.asc libxslt-1.1.30.tar.gz gpg: Signature made Mon Sep 4 09:36:06 2017 EDT using RSA key ID 596BEA5D gpg: Good signature from "Daniel Veillard (Red Hat work email) <veillard@redhat.com>" [unknown] gpg: aka "Daniel Veillard <Daniel.Veillard@w3.org>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: C744 15BA 7C9C 7F78 F02E 1DC3 4606 B8A5 DE95 BC1F Subkey fingerprint: DB46 681B B91A DCEA 170F A2D4 1558 8B26 596B EA5D Signed-off-by: Robb Kidd <robb@thekidds.org>
- Loading branch information