-
Notifications
You must be signed in to change notification settings - Fork 30
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Uses vulnerable copy of Expat - please update to 2.2.5 #3
Comments
We've been asked by the upstream maintainers to update it: mono/linux-packaging-mono#3
We've been asked by the upstream maintainers to update it: mono/linux-packaging-mono#3
Thanks. We updated the library in https://github.com/mono/bockbuild/blob/master/packages/expat.py which is used for our OSX packages. The file in https://github.com/mono/linux-packaging-mono/blob/master/external/bockbuild/packages/expat.py is just a copy of that and not used on Linux since we rely on the distribution's package instead there. Please note that Mono bugs should generally be filed on https://bugzilla.xamarin.com instead of on GitHub :) |
Hi!
This repository bundles an outdated vulnerable copy of Expat 2.0.1 at
Please update your copy to version 2.2.5 with the latest security fixes. A change log with details is available at https://github.com/libexpat/libexpat/blob/master/expat/Changes. If you happen to run into compile errors, please check the post-releases commits in Git as well. Thank you!
Best
Sebastian
Related: mono/linux-packaging-skiasharp#1
The text was updated successfully, but these errors were encountered: