Updating Libxml2 to get past a CVE #1947

johnmccrae · 2024-12-18T15:22:42Z

Description

Updating Libxml and Libxslt to overcome CVE-2024-25062

Bug fix (non-breaking change which fixes an issue)
New feature (non-breaking change which adds functionality)
Breaking change (fix or feature that would cause existing functionality to change)
Chore (non-breaking change that does not add functionality or fix an issue)

I have read the CONTRIBUTING document.
I have run the pre-merge tests locally and they pass.
I have updated the documentation accordingly.
I have added tests to cover my changes.
If Gemfile.lock has changed, I have used --conservative to do it and included the full output in the Description above.
All new and existing tests passed.
All commits have been signed-off for the Developer Certificate of Origin.

Signed-off-by: John McCrae <[email protected]>

sonarqubecloud · 2024-12-18T15:50:14Z

updating libxml to get past a CVE

b8ba6d2

Signed-off-by: John McCrae <[email protected]>

johnmccrae requested review from a team as code owners December 18, 2024 15:22

johnmccrae changed the title ~~updating libxml to get past a CVE~~ Updating Libxml2 to get past a CVE Dec 18, 2024

updating libxml to get past a CVE

4a178d5

Signed-off-by: John McCrae <[email protected]>

poorndm approved these changes Dec 18, 2024

View reviewed changes

poorndm added the Expeditor: Skip Version Bump Used to skip built_in:bump_version label Dec 18, 2024

poorndm merged commit 5850eac into main Dec 18, 2024
7 checks passed

poorndm deleted the jfm/libxml2-cve-update-2 branch December 18, 2024 16:32