On Sat, May 28, 2016 at 05:33:26PM +0200, Ludovic Courtès wrote:
> Leo Famulari <l...@famulari.name> skribis:
>
> > This fixes CVE-2016-{1762, 1833, 1834, 1835, 1836, 1837, 1838, 1839,
> > 1840, 3627, 3705, 4483}.
> >
> > * gnu/packages/patches/libxml2-CVE-2016-3627.patch,
> > gnu/packages/patches/libxml2-CVE-2016-3705.patch: Delete files.
> > * gnu/local.mk (dist_patch_DATA): Remove them.
> > * gnu/packages/xml.scm (libxml2/fixed): Update to 2.9.4.
> > [source]: Remove patches.
>
> If this is claimed to be ABI-compatible with 2.9.3, fine with me.
After a few days with no reply on the upstream mailing list, and with no
problems after reconfiguring my GuixSD GNOME system with this patch, I
applied it as df2dd07b88.
https://mail.gnome.org/archives/xml/2016-May/msg00031.html
