[Bug 289213] textproc/libxslt: fix a security issue

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 289213] textproc/libxslt: fix a security issue"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 11 Sep 2025 19:03:48 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=289213

--- Comment #6 from Charlie Li <vishwin@freebsd.org> ---
(In reply to Christos Chatzaras from comment #3)
Prevented.

(In reply to Sergey A. Osokin from comment #2)
Our review process is no match to upstream's process. These patches have not
been submitted as merge requests for upstream consideration, just the
issues/bugs. The first issue even has multiple approaches, one of them includes
an ABI break.

As for clearing vulnerability notices/VuXML/etc, there are more security issues
reported upstream that do not have fixes yet. In fact, there are (currently) no
open merge requests dealing with reported security issues. Do not count on this
getting any better anytime soon regardless of what we do (or not).

-- 
You are receiving this mail because:
You are the assignee for the bug.