Date: Mon, 20 Jun 2016 18:42:25 +0000 From: bugzilla-noreply@freebsd.org To: gnome@FreeBSD.org Subject: [Bug 210298] textproc/libxslt: Update to 1.1.29 Message-ID: <bug-210298-6497-ougcUXKFsi@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-210298-6497@https.bugs.freebsd.org/bugzilla/> References: <bug-210298-6497@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D210298 --- Comment #8 from Mark Felder <feld@FreeBSD.org> --- After further review, I cannot be sure there are any vulnerabilities addres= sed by 1.1.29. The CVEs referenced are only for Google Chrome and the changelog= for libxslt only notes CVE-2015-7995 which we already fixed with a patch to the port.=20 This is a confusing situation because I don't know if it would be possible = for another consumer of libxslt to hit the same vulnerabilities that Chrome did. --=20 You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-210298-6497-ougcUXKFsi>