1 |
Il giorno mer 18 dic 2019 alle ore 22:03 Sebastian Pipping <sping@g.o> |
2 |
ha scritto: |
3 |
|
4 |
> |
5 |
> CMake bundles a (previously outdated and vulnerable) copy of expat so |
6 |
> I'm not sure if re-activating that bundle — say with a new use flag |
7 |
> "system-expat" — would be a good thing to resort to for breaking the |
8 |
> cycle, with regard to security in particular. |
9 |
> |
10 |
> Pushing gently upstream to upgrade bundled expat copy would (at least |
11 |
temporarily) fix the issue and also benefit other use cases. Maybe they are |
12 |
Gentoo friendly |
13 |
they also release quite often, which would fix the problem soon |