[xml/sgml-pkgs] Bug#993638: Bug#993638: libxml2: XHTML 1.0 validation is broken
Mattia Rizzolo
mattia at debian.org
Mon Sep 20 11:11:17 BST 2021
On Mon, Sep 20, 2021 at 11:41:38AM +0200, Vincent Lefevre wrote:
> Please also make sure that the NEWS file is up-to-date; see my other
> message. This is also useful for the user when getting regressions
> in general (possibly from bug fixes like here).
I'm not sure I'd like to add such item to the Debian's NEWS. It would
stop updates for too many users that most likely are not affected. For
now, you are really the only one that brought up this issue.
> BTW, the error message should be more detailed, e.g. saying which
> entity and which URI. This would have made debugging so much easier.
> But that's a separate issue; I'll report a bug upstream if this has
> not already been done.
It hasn't been done, so you should raise a bug with them if you think
they should.
> I'm wondering whether this check for invalid redeclarations of
> predefined entities should also go to Debian/stable since it fixes
> an integer overflow at the same time:
>
> https://gitlab.gnome.org/GNOME/libxml2/-/issues/217
>
> Any security issue related to that?
AFAIK not yet at least.
--
regards,
Mattia Rizzolo
GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`.
More about me: https://mapreri.org : :' :
Launchpad user: https://launchpad.net/~mapreri `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia `-
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/debian-xml-sgml-pkgs/attachments/20210920/cdabc8f0/attachment.sig>
More information about the debian-xml-sgml-pkgs
mailing list