https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=287391
--- Comment #26 from Charlie Li <vish...@freebsd.org> --- (In reply to commit-hook from comment #25) The 2.14 update has been reverted because it is not strictly for security purposes. Repeating myself from bug 279705 comment 107: upstream posted a notice on their README to clarify expectations, stating that security issues are treated as regular bugs. See https://gitlab.gnome.org/GNOME/libxml2/-/issues/913 for details. This means that there may not be further CVEs issued, and even if any new ones surface, they are not really worth adding to vuxml. This is especially considering some of youse rely pretty heavily on it for alerts and such, but the upstream project has made it clear that security issues will not be prioritised any further than any other bug. -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug.
