On Mon, Sep 20, 2021 at 11:41:38AM +0200, Vincent Lefevre wrote: > Please also make sure that the NEWS file is up-to-date; see my other > message. This is also useful for the user when getting regressions > in general (possibly from bug fixes like here).
I'm not sure I'd like to add such item to the Debian's NEWS. It would stop updates for too many users that most likely are not affected. For now, you are really the only one that brought up this issue. > BTW, the error message should be more detailed, e.g. saying which > entity and which URI. This would have made debugging so much easier. > But that's a separate issue; I'll report a bug upstream if this has > not already been done. It hasn't been done, so you should raise a bug with them if you think they should. > I'm wondering whether this check for invalid redeclarations of > predefined entities should also go to Debian/stable since it fixes > an integer overflow at the same time: > > https://gitlab.gnome.org/GNOME/libxml2/-/issues/217 > > Any security issue related to that? AFAIK not yet at least. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `-
signature.asc
Description: PGP signature
