Date: Fri, 17 Oct 2008 17:14:31 -0000 From: "Jeremy Messenger" <mezz7@cox.net> To: "Igor Roshchin" <str@komkon.org> Cc: gnome@freebsd.org Subject: Re: libxml2 - will it be updated? (security vulnerability) Message-ID: <op.ui6h6hey9aq2h7@localhost> In-Reply-To: <200810171317.m9HDHgjb072048@trantor.komkon.org> References: <200810171317.m9HDHgjb072048@trantor.komkon.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 17 Oct 2008 13:17:42 -0000, Igor Roshchin <str@komkon.org> wrote: > > Hello! > > libxml2 which is used by various applications outside of Gnome itself > is reported to have known security vulnerabilities. > I just looked at libxml2 website and I see that FreeBSD ports are > several versions (and about half a year) behind the source. > (the version 2.7 which presumably fixed the problem was released on Aug. > 30, while FreeBSD port is stuck at 2.6.32: Apr 8 2008) > > I do not mean to blaim anybody (I know that there was a port freeze > recently), - I am just trying to alert people in > charge for this port, in case it slipped through the cracks. The 2.7.0 and 2.7.1 are too buggy, and broke many stuff. The 2.7.2 (fixed bugs) seems to be better, but I am not trust it to get into FreeBSD ports during the slush. If you can point me where security patch(es) for 2.6.32 and I will be happy to it put in FreeBSD port, then bump it. Cheers, Mezz > Best regards, > > Igor > > Igor Roshchin > KomKon Sites -- mezz7@cox.net - mezz@FreeBSD.org FreeBSD GNOME Team http://www.FreeBSD.org/gnome/ - gnome@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?op.ui6h6hey9aq2h7>