[debbugs-tracker] bug#36424: closed (expat-2.2.7 for CVE-2018-20843)

[GNU bug Tracking System]

Your message dated Fri, 12 Jul 2019 01:00:32 +0200
with message-id <address@hidden>
and subject line Re: [bug#36424] expat-2.2.7 for CVE-2018-20843
has caused the debbugs.gnu.org bug report #36424,
regarding expat-2.2.7 for CVE-2018-20843
to be marked as done.

(If you believe you have received this mail in error, please contact
address@hidden.)


-- 
36424: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=36424
GNU Bug Tracking System
Contact address@hidden with problems
> --- Begin Message ---
>
>
>
> Subject: 
>
> expat-2.2.7 for CVE-2018-20843
>
>
>
>
> Date: 
>
> Fri, 28 Jun 2019 15:56:42 -0400 (EDT)
>
>
>
>
> User-agent: 
>
> Alpine 2.20 (DEB 67 2015-01-07)
>
>
>
>
> Hi Guix,
>
> Sebastian Pipping recently wrote to guix-devel@ about expat-2.2.7 which 
> fixes CVE-2018-20843 [0]. I've prepared the forthcoming patch to add a 
> replacement for expat with expat-2.2.7. I also changed the origin to use 
> the GitHub hosted tarball as upstream is moving in that direction.
>
> [0] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20843
>
> Best,
> Jack
>
>
>
> --- End Message ---

--- Begin Message --- Subject: Re: [bug#36424] expat-2.2.7 for CVE-2018-20843 Date: Fri, 12 Jul 2019 01:00:32 +0200 User-agent: Notmuch/0.29.1 (https://notmuchmail.org) Emacs/26.2 (x86_64-pc-linux-gnu)

Jack Hill <address@hidden> writes:

> Please find updated patch files attached, that I think take into account 
> Marius's suggestions (thanks Marius!)

Thank you!  I made a tiny tweak to use char=? instead of equal=? for the
character comparison.

Pushed as 5a836ce38c9c29e9c2bd306007347486b90c5064.

signature.asc
Description: PGP signature

--- End Message ---