-
Notifications
You must be signed in to change notification settings - Fork 251
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bundles vulnerable copy of Expat - please update to 2.2.5 #535
Comments
Any news or issues with updating? |
Is there a pull request? |
Not that I knew, no. For someone to make some, understanding of OpenCOLLADAs build system, the list of supported platforms and compilers, and a bit of time is needed. |
Nope you don't need to compile anything yourself. You can submit a PR and jenkins will build for us. It would be way to much work for anybody to compile for all those versions of all those tools for all those platforms.... Hopefully upgrading the library won't break the build. Otherwise, we'd have something to start with. |
You would still need to inspect the build system so that detection of high entropy sources like |
Hi!
This repository bundles an outdated vulnerable copy of Expat 2.0.1. Please update your copy to version 2.2.4 with the latest security fixes. A change log with details is available at https://github.com/libexpat/libexpat/blob/master/expat/Changes . Thank you!
Best
Sebastian
The text was updated successfully, but these errors were encountered: