freebsd security - Oct 2008 - Secure libxml2?

Hi there,

We're using libxml2 and the version in ports (2.6.x) currently suffers 
from a rather serious security vulnerability already posted last Friday:

http://www.freebsd.org/ports/portaudit/d71da236-9a94-11dd-8f42-001c2514716c.html


Yet there's no libxml2-2.7.x in ports as required by the above notice. 
So there's no solution other than compiling an up-to-date one by hand 
and that opens up a whole different can of worms regarding dependencies.

I emailed the official maintainer (gnome@freebsd.org) but am not holding 
my breath, chances are they won't even see my mail amongst all the spam 
they must be getting. So I'm wondering does anybody know what's going on
or what I could do to get my systems secure?

Regards,

Gunther

Gunther Mayer <gunther.mayer@googlemail.com>
writes:
> I emailed the official maintainer (gnome@freebsd.org) but am not
> holding my breath, chances are they won't even see my mail amongst all
> the spam they must be getting. So I'm wondering does anybody know
> what's going on or what I could do to get my systems secure?
Actually, gnome@freebsd.org is a mailing list (freebsd-gnome) that gets
very little spam.  Feel free to subscribe and / or peruse the archive.
In the meantime, there is a PR (ports/127661) with a patch that you
might try.

DES
-- 
Dag-Erling Sm?rgrav - des@des.no