Uses vulnerable copy of Expat - please update to 2.2.5 #3
Comments
89 tasks
akoeplinger
added a commit
to akoeplinger/mono
that referenced
this issue
Nov 28, 2017
We've been asked by the upstream maintainers to update it: mono/linux-packaging-mono#3
akoeplinger
added a commit
to mono/mono
that referenced
this issue
Nov 28, 2017
We've been asked by the upstream maintainers to update it: mono/linux-packaging-mono#3
|
Thanks. We updated the library in https://github.com/mono/bockbuild/blob/master/packages/expat.py which is used for our OSX packages. The file in https://github.com/mono/linux-packaging-mono/blob/master/external/bockbuild/packages/expat.py is just a copy of that and not used on Linux since we rely on the distribution's package instead there. Please note that Mono bugs should generally be filed on https://bugzilla.xamarin.com instead of on GitHub :) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi!
This repository bundles an outdated vulnerable copy of Expat 2.0.1 at
Please update your copy to version 2.2.5 with the latest security fixes. A change log with details is available at https://github.com/libexpat/libexpat/blob/master/expat/Changes. If you happen to run into compile errors, please check the post-releases commits in Git as well. Thank you!
Best
Sebastian
Related: mono/linux-packaging-skiasharp#1
The text was updated successfully, but these errors were encountered: