PostGIS Patch Releases

Paul Ramsey pramsey at cleverelephant.ca
Tue Feb 13 16:51:43 PST 2024


Sorry, this reply didn't hit my main inbox.

On Fri, Feb 9, 2024 at 5:50 AM Greg Troxel <gdt at lexort.com> wrote:
>
> > Of particular interest to those distributing PostGIS on RHEL variants,
> > these fixes include a patch to allow XML parsing to work with the
> > latest libxml2 updates being pushed to RHEL.
>
> I don't think it is just RHEL.  As I understand it, it's any system with
> an up-to-date libxml2.  That includes pkgsrc too.
>
> Would the 3.4.1 tests have failed if built with new libxml2?  Or would
> 3.4.1 have failed to build at all?

Yes, the regression tests should have failed once you updated to a
"fixed" libxml.

> Are other systems not applying what I understand to be a security fix?
> Or do they have some other patch?

They may have another patch. If you saw your 3.4.1 was still
regressing successfully in the presence of the security updates, it
speaks to maybe the RHEL changes being the security fix and some
perhaps ill-considered other bits that change the behaviour of the
SAX1 parser in the presence of namespaced tags. (which is what broke
our parsing).

ATB,

P


More information about the postgis-users mailing list