[Bug 210155] textproc/expat2 & textproc/linux-*-expat: Expat issues CVE-2012-6702 and CVE-2016-5300
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Wed Nov 30 15:45:11 UTC 2016
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=210155
John Hein <z7dr6ut7gs at snkmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |z7dr6ut7gs at snkmail.com
--- Comment #9 from John Hein <z7dr6ut7gs at snkmail.com> ---
Is undocumenting a vulnerability like this the right thing to do? There's
nothing to say a 3rd party linux package doesn't need linux expat and might use
it in a way that triggers the vulnerability.
--
You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
More information about the freebsd-emulation
mailing list