[Bug 256436] textproc/libxml2: Update to 2.9.12 (fixes several vulnerabilities)

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 256436] textproc/libxml2: Update to 2.9.12"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Sun, 06 Jun 2021 12:27:18 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256436

Kubilay Kocak <koobs@FreeBSD.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|textproc/libxml2: Update to |textproc/libxml2: Update to
                   |2.9.12                      |2.9.12 (fixes several
                   |                            |vulnerabilities)
           Severity|Affects Only Me             |Affects Many People
           Keywords|                            |needs-qa, security
           Priority|---                         |Normal
                 CC|                            |ports-secteam@FreeBSD.org
              Flags|                            |merge-quarterly?
             Status|New                         |Open

--- Comment #2 from Kubilay Kocak <koobs@FreeBSD.org> ---
^Triage: Security and bugfix releases, MFH.

@Daniel Is there a canonical source for the 2.9.10-12 release notes? I see only
a single CVE reference for .11 (CVE-2021-3541) but see other CVE's being
referenced elsewhere online that affect .10 too.

CVE-2019-20388
CVE-2020-24977
CVE-2021-3517
CVE-2021-3518
CVE-2021-3537
CVE-2021-3516
CVE-2020-7595

-- 
You are receiving this mail because:
You are the assignee for the bug.