Hi there,
We're using libxml2 and the version in ports (2.6.x) currently suffers
from a rather serious security vulnerability already posted last Friday:
http://www.freebsd.org/ports/portaudit/d71da236-9a94-11dd-8f42-001c2514716c.html
Yet there's no libxml2-2.7.x in ports as required by the above notice.
So there's no solution other than compiling an up-to-date one by hand
and that opens up a whole different can of worms regarding dependencies.
I emailed the official maintainer (gnome@freebsd.org) but am not holding
my breath, chances are they won't even see my mail amongst all the spam
they must be getting. So I'm wondering does anybody know what's going on
or what I could do to get my systems secure?
Regards,
Gunther