Summary: | <dev-libs/mxml-3.3: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | IN_PROGRESS --- | ||
Severity: | minor | CC: | conikost |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/michaelrsweet/mxml/issues/286 | ||
Whiteboard: | B3 [glsa?] | ||
Package list: | Runtime testing required: | --- |
Description
John Helmert III
2022-05-28 17:16:13 UTC
Based on the Github issue, it should be fixed in 3.3. I was also not able to reproduce with current version 3.3 in tree. Thanks! I guess, we can close here and release _no_ GLSA. Seeing https://github.com/michaelrsweet/mxml/issues/286, the CVE was rejected by upstream. https://www.cve.org/CVERecord?id=CVE-2021-42859 also lists as disputed. |