alpinelinux / docker-alpine

Official Alpine Linux Docker image. Win at minimalism!
MIT License

libxml2 vulnerability CVE-2022-2309 in alpine:3.16.0 #266

Open fred214 opened 2 years ago

fred214 commented 2 years ago

Hi, I noticed in alpine:3.16.0 the libxml2 version is 2.9.14-r0, does this version fix the vulnerability? Many thanks

shakaran commented 2 years ago

@fred214 could you confirm in 3.16.1 that it is present too?

vienleidl commented 2 years ago

> Hi, I noticed in alpine:3.16.0 the libxml2 version is 2.9.14-r0, does this version fix the vulnerability? Many thanks

The same for me when using alpine:latest (3.16.2):

```
docker run --rm alpine:3.16 cat /etc/os-release
NAME="Alpine Linux"
ID=alpine
VERSION_ID=3.16.2
PRETTY_NAME="Alpine Linux v3.16"
HOME_URL="https://alpinelinux.org/"
BUG_REPORT_URL="https://gitlab.alpinelinux.org/alpine/aports/-/issues"
```

```
apk info libxml2
WARNING: Ignoring https://dl-cdn.alpinelinux.org/alpine/v3.16/main: No such file or directory
WARNING: Ignoring https://dl-cdn.alpinelinux.org/alpine/v3.16/community: No such file or directory
libxml2-2.9.14-r0 description:
XML parsing library, version 2

libxml2-2.9.14-r0 webpage:
http://www.xmlsoft.org/

libxml2-2.9.14-r0 installed size:
1200 KiB
```

vienleidl commented 2 years ago

It seems to be fixed in 3.16-main with libxml2-2.9.14-r1: https://security.alpinelinux.org/srcpkg/libxml2
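To make the check above repeatable, here is an added example (not code from the docker-alpine project or from anyone in this thread) that reads the installed version out of `apk info` output and compares it against the fix version Alpine's secdb records for a CVE. The secdb fragment embedded below is constructed in the layout of https://secdb.alpinelinux.org/v3.16/main.json and trimmed to the single libxml2 entry this thread links to; the `apk info` sample is the output pasted above, and all function names are my own.

```python
import json
import re

# Constructed sample in the layout of Alpine's secdb JSON
# (https://secdb.alpinelinux.org/v3.16/main.json), trimmed to the single
# libxml2 fix the thread links to; the real file lists every package.
SECDB_SAMPLE = json.dumps({
    "distroversion": "v3.16",
    "reponame": "main",
    "packages": [
        {"pkg": {"name": "libxml2",
                 "secfixes": {"2.9.14-r1": ["CVE-2022-2309"]}}},
    ],
})

# Constructed copy of the `apk info libxml2` output pasted in the thread.
APK_INFO_SAMPLE = """\
libxml2-2.9.14-r0 description:
XML parsing library, version 2

libxml2-2.9.14-r0 webpage:
http://www.xmlsoft.org/
"""

# Simplified apk version ordering: pre-release suffixes sort below a bare
# version, post-release suffixes above it. `apk version -t A B` is the
# authoritative comparator for anything this does not cover.
_PRE = {"alpha": -4, "beta": -3, "pre": -2, "rc": -1}
_POST = {"cvs": 1, "svn": 2, "git": 3, "hg": 4, "p": 5}
_VERSION_RE = re.compile(
    r"^(?P<num>\d+(?:\.\d+)*)(?P<letter>[a-z])?"
    r"(?P<suffixes>(?:_[a-z]+\d*)*)(?:-r(?P<rel>\d+))?$"
)


def apk_version_key(version):
    """Return a tuple that orders like apk's version comparison."""
    m = _VERSION_RE.match(version)
    if not m:
        raise ValueError(f"unsupported apk version string: {version!r}")
    nums = tuple(int(n) for n in m.group("num").split("."))
    letter = ord(m.group("letter")) if m.group("letter") else 0
    suffixes = []
    for name, count in re.findall(r"_([a-z]+)(\d*)", m.group("suffixes")):
        rank = _PRE.get(name, _POST.get(name))
        if rank is None:
            raise ValueError(f"unknown version suffix _{name} in {version!r}")
        suffixes.append((rank, int(count or 0)))
    # No suffix at all ranks between the pre- and post-release suffixes.
    suffix_key = tuple(suffixes) or ((0, 0),)
    return (nums, letter, suffix_key, int(m.group("rel") or 0))


def split_pkg_id(pkg_id):
    """Split 'libxml2-2.9.14-r0' into ('libxml2', '2.9.14-r0')."""
    m = re.match(r"^(.+?)-(\d.*)$", pkg_id)
    if not m:
        raise ValueError(f"not a name-version package id: {pkg_id!r}")
    return m.group(1), m.group(2)


def installed_version(apk_info_output, pkg_name):
    """Pull the installed version of pkg_name out of `apk info` output."""
    for line in apk_info_output.splitlines():
        m = re.match(r"^(\S+) description:$", line)
        if m:
            name, version = split_pkg_id(m.group(1))
            if name == pkg_name:
                return version
    return None


def fixed_versions(secdb_json, pkg_name, cve):
    """All versions of pkg_name in which secdb records cve as fixed."""
    db = json.loads(secdb_json)
    return [
        ver
        for entry in db["packages"]
        if entry["pkg"]["name"] == pkg_name
        for ver, cves in entry["pkg"].get("secfixes", {}).items()
        if cve in cves
    ]


def is_fixed(installed, secdb_json, pkg_name, cve):
    """True/False when secdb knows the CVE for this package, None when not."""
    fixes = fixed_versions(secdb_json, pkg_name, cve)
    if not fixes:
        return None
    installed_key = apk_version_key(installed)
    return any(installed_key >= apk_version_key(f) for f in fixes)


if __name__ == "__main__":
    ver = installed_version(APK_INFO_SAMPLE, "libxml2")
    print(f"installed libxml2 {ver}; CVE-2022-2309 fixed:",
          is_fixed(ver, SECDB_SAMPLE, "libxml2", "CVE-2022-2309"))
```

Against the pasted output this reports 2.9.14-r0 as not fixed, and 2.9.14-r1 or 2.10.2-r0 as fixed. Two caveats: the `WARNING: Ignoring ... No such file or directory` lines in the pasted output only mean the package index had not been fetched (no `apk update` in a fresh container); `apk info` still reads the installed database, so the 2.9.14-r0 it reports is accurate for that image. And a `None` result means secdb has no entry for that package/CVE pair, which is not the same as "not affected".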

vienleidl commented 2 years ago

I think we should upgrade libxml2 to version 2.10.2 to fix other CVEs: https://github.com/alpinelinux/aports/blob/master/main/libxml2/APKBUILD

vienleidl commented 2 years ago

Hi @ncopa, could you please help to have a look? Thank you!

ratishr commented 1 year ago

Any update on this?

LucasLopesr commented 1 year ago

Any news?