[Bug 256121] [exp-run] texproc/expat2: update to 2.4.1 (fixes CVE-2013-0340/CWE-776)

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 14 Jun 2021 15:47:51 +0000
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256121

Tobias C. Berner <tcberner_at_freebsd.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|FIXED                       |---
             Status|Closed                      |Open

--- Comment #6 from Tobias C. Berner <tcberner_at_freebsd.org> ---
(In reply to Bryan Drewery from comment #5)
Moin moin 

It's a bigger step from 2.2.10 (instead of 2.3.0) to 2.4.1 there -- so I did
not really want to risk breakage. But given the CVE that is probably a risk
worth taking.

I guess I will risk it :)


mfg Tobias

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Received on Mon Jun 14 2021 - 15:47:51 UTC

Original text of this message