Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: cherry-pick 81d7b3e613 from chromium #38274

Merged
merged 2 commits into from
May 17, 2023
Merged

chore: cherry-pick 81d7b3e613 from chromium #38274

merged 2 commits into from
May 17, 2023

Conversation

ppontes
Copy link
Member

@ppontes ppontes commented May 12, 2023

M112: Cherry pick libxml CVE fix

This patch cherry-picks a fix for [CVE-2023-29469] from libxml:
https://gitlab.gnome.org/GNOME/libxml2/-/commit/547edbf1cbdccd46b2e8ff322a456eaa5931c5df

I cherry-picked these by going into my libxml checkout, checking out the
commit that libxml is at for this M112 branch, cherry-picking the CVE
fixes, then running the roll script on all platforms.

Bug: 1433328
Change-Id: Iaee58b0890f7190386cca3e430286f39ccbbdb02
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4456592
Commit-Queue: David Baron dbaron@chromium.org
Reviewed-by: David Baron dbaron@chromium.org
Commit-Queue: Joey Arhar jarhar@chromium.org
Auto-Submit: Joey Arhar jarhar@chromium.org
Cr-Commit-Position: refs/branch-heads/5615@{#1325}
Cr-Branched-From: 9c6408ef696e83a9936b82bbead3d41c93c82ee4-refs/heads/main@{#1109224}

Release Notes

Notes: Security: backported fix for CVE-2023-29469.

@ppontes ppontes added security 🔒 semver/patch backwards-compatible bug fixes backport-check-skip Skip trop's backport validity checking 22-x-y labels May 12, 2023
@ppontes ppontes requested a review from a team as a code owner May 12, 2023 22:05
@trop @jkleinsc
build: bump brew cache to v6
c99e90c 
Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>
(cherry picked from commit dbf9866)
@codebytere codebytere merged commit 900459e into 22-x-y May 17, 2023
13 checks passed
@codebytere codebytere deleted the cherry-pick/22-x-y/chromium/81d7b3e613 branch May 17, 2023 08:36
@release-clerk
Copy link

release-clerk bot commented May 17, 2023

Release Notes Persisted

Security: backported fix for CVE-2023-29469.

@0xmiroslav 0xmiroslav mentioned this pull request Jun 25, 2023
Merged
57 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@codebytere codebytere codebytere approved these changes

Assignees
No one assigned
Labels
22-x-y backport-check-skip Skip trop's backport validity checking security 🔒 semver/patch backwards-compatible bug fixes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@ppontes @codebytere