Secure libxml2?
Gunther Mayer
gunther.mayer at googlemail.com
Mon Oct 20 11:45:51 UTC 2008
Hi there,
We're using libxml2 and the version in ports (2.6.x) currently suffers
from a rather serious security vulnerability already posted last Friday:
http://www.freebsd.org/ports/portaudit/d71da236-9a94-11dd-8f42-001c2514716c.html
Yet there's no libxml2-2.7.x in ports as required by the above notice.
So there's no solution other than compiling an up-to-date one by hand
and that opens up a whole different can of worms regarding dependencies.
I emailed the official maintainer (gnome at freebsd.org) but am not holding
my breath, chances are they won't even see my mail amongst all the spam
they must be getting. So I'm wondering does anybody know what's going on
or what I could do to get my systems secure?
Regards,
Gunther
More information about the freebsd-security
mailing list