[Bug 210155] textproc/expat2 & textproc/linux-*-expat: Expat issues CVE-2012-6702 and CVE-2016-5300
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sun Nov 6 13:34:52 UTC 2016
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=210155
--- Comment #8 from commit-hook at freebsd.org ---
A commit references this bug:
Author: tijl
Date: Sun Nov 6 13:34:17 UTC 2016
New revision: 425491
URL: https://svnweb.freebsd.org/changeset/ports/425491
Log:
Undocument linux-*-expat vulnerabilities.
linux-*-expat is only used by linux-*-fontconfig to read configuration
files written in XML and by dbus-binding-tool(1) from linux-*-dbus-glib, a
development tool that generates C code from an Introspection XML file to
expose a GObject via D-Bus.
These vulnerabilities are therefore not believed to be exploitable on
FreeBSD and only cause annoying warnings and prevent installation of
linux-*-expat. It also does not look like Red Hat will provide fixes for
these any time soon.
PR: 210155
Changes:
head/security/vuxml/vuln.xml
--
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.
More information about the freebsd-emulation
mailing list