OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Secure libxml2?

From: Gunther Mayer (gunther.mayergooglemail.com)
Date: Mon Oct 20 2008 - 06:22:20 CDT


Hi there,

We're using libxml2 and the version in ports (2.6.x) currently suffers
from a rather serious security vulnerability already posted last Friday:

http://www.freebsd.org/ports/portaudit/d71da236-9a94-11dd-8f42-001c2514716c.html

Yet there's no libxml2-2.7.x in ports as required by the above notice.
So there's no solution other than compiling an up-to-date one by hand
and that opens up a whole different can of worms regarding dependencies.

I emailed the official maintainer (gnomefreebsd.org) but am not holding
my breath, chances are they won't even see my mail amongst all the spam
they must be getting. So I'm wondering does anybody know what's going on
or what I could do to get my systems secure?

Regards,

Gunther
_______________________________________________
freebsd-securityfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"