[Slackbuilds-users] Please patch yelp and yelp-xsl to overcome a security flaw
Willy Sudiarto Raharjo
willysr at slackbuilds.org
Tue Apr 22 01:10:49 UTC 2025
> as recommended by Michael Catanzaro:
> https://blogs.gnome.org/mcatanzaro/2025/04/15/dangerous-arbitrary-file-read-vulnerability-in-yelp-cve-2025-3155/
> I have patched locally yelp and yelp-xsl using these patches (also attached):
> https://gitlab.gnome.org/GNOME/yelp/-/issues/221#note_2359937
> against yelp-42.2 and yel-xsl-42.1 respectively
>
> I suggest that they be applied to the SlackBuilds @ SBo.
I have read the blog and the patch, but i would prefer an official patch
that has been reviewed by upstream itself.
> PS while I was at it I wanted to upgrade webkit2gtk to the last version as
> recommended by upstream for security reasons but could not because icu4c shipped
> in Slackware 15.0 is too old. I have posted about that on LQ:
> https://www.linuxquestions.org/questions/slackware-14/how-do-i-package-a-newer-icu4c-to-allow-upgrading-webkit2gtk-without-rebuilding-other-dependees-4175749884/
I also tried this before, but no luck after several attempts, so i
didn't do further research on this.
--
Willy Sudiarto Raharjo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x3F617144D7238786.asc
Type: application/pgp-keys
Size: 8363 bytes
Desc: OpenPGP public key
URL: <http://lists.slackbuilds.org/pipermail/slackbuilds-users/attachments/20250422/5fb2b4df/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.slackbuilds.org/pipermail/slackbuilds-users/attachments/20250422/5fb2b4df/attachment-0001.asc>
More information about the SlackBuilds-users
mailing list