Hi,
as netcdf-parallel doesn't use the bundled copy of ezxml anymore, but links
against libxml2 since 1:4.9.0-1, I guess it's not _that_ relevant.
Should this bug just be marked as fixed in 1:4.9.0-1?
Best regards
Philip
OpenPGP_signature
Description: OpenPGP digital signature
Source: netcdf-parallel
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team
Multiple security issues were found in ezxml, which netcdf-parallel bundles:
CVE-2021-31598:
https://sourceforge.net/p/ezxml/bugs/28/
CVE-2021-31348 / CVE-2021-31347:
https://sourceforge.net/p/ezxml/bu
2 matches
Mail list logo
