ports/128998: [vuxml] document vulnerabilities in textproc/libxml2

[Eygene Ryabinkin]

The following reply was made to PR ports/128998; it has been noted by GNATS.

From: Eygene Ryabinkin <rea-fbsd at codelabs.ru>
To: bug-followup at freebsd.org
Cc: tabthorpe at freebsd.org, freebsd-security at freebsd.org
Subject: Re: ports/128998: [vuxml] document vulnerabilities in
	textproc/libxml2
Date: Thu, 20 Nov 2008 01:04:31 +0300

 --Qbvjkv9qwOGw/5Fx
 Content-Type: text/plain; charset=koi8-r
 Content-Disposition: inline
 Content-Transfer-Encoding: quoted-printable
 
 Wed, Nov 19, 2008 at 11:41:01PM +0300, Eygene Ryabinkin wrote:
 > The fix for the CVE-2008-4225 and CVE-2008-4226 was commited to the
 > textproc/libxml2 just an hour ago, but vulnerabilities seem to be left
 > undocumented.  At least I was not able to find the corresponding PR and
 > reporting channels are not clear from the commit comment.
 
 The entry was added shortly after this PR by tabthorpe@, so I think
 that this PR can be closed now.
 --=20
 Eygene
  _                ___       _.--.   #
  \`.|\..----...-'`   `-._.-'_.-'`   #  Remember that it is hard
  /  ' `         ,       __.--'      #  to read the on-line manual  =20
  )/' _/     \   `-_,   /            #  while single-stepping the kernel.
  `-'" `"\_  ,_.-;_.-\_ ',  fsc/as   #
      _.-'_./   {_.'   ; /           #    -- FreeBSD Developers handbook=20
     {_.-``-'         {_/            #
 
 --Qbvjkv9qwOGw/5Fx
 Content-Type: application/pgp-signature
 Content-Disposition: inline
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.9 (FreeBSD)
 
 iEYEARECAAYFAkkkjW8ACgkQthUKNsbL7YiaWgCfZG6GxIlzLc2eJmTVlRAlSINr
 5TUAn2/sY5m9IGybwp2ymuhsrzUxLYjV
 =DGME
 -----END PGP SIGNATURE-----
 
 --Qbvjkv9qwOGw/5Fx--