[Bug 287391] textproc/libxml2: security patches for 2.11.9

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 23 Jun 2025 07:29:42 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=287391

--- Comment #39 from Baptiste Daroussin <bapt@FreeBSD.org> ---
libxml2 upstream claim they will not embargo anymore any issue, so if there is
a CVE it will be public and fixed publically.
I don't see any relationship with stop publishing CVE in tools dedicated for
audit. so yes we should keep documenting libxml2 or any CVE as soon as they are
known.

-- 
You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.