Ignore:
Timestamp:
02/25/2022 04:10:04 AM (2 years ago)
Author:
Xi Ruoyao <xry111@…>
Branches:
11.1, 11.2, 11.2-rc1, 11.3, 11.3-rc1, 12.0, 12.0-rc1, 12.1, 12.1-rc1, arm, bdubbs/gcc13, multilib, renodr/libudev-from-systemd, s6-init, trunk, xry111/arm64, xry111/arm64-12.0, xry111/clfs-ng, xry111/lfs-next, xry111/loongarch, xry111/loongarch-12.0, xry111/loongarch-12.1, xry111/mips64el, xry111/pip3, xry111/rust-wip-20221008, xry111/update-glibc
Children:
460f575, 9c12b93, cbd0a9a
Parents:
ba2dc1b
Message:

mention that expat may delete vulnerable releases

File:
1 edited

Legend:

Unmodified
Added
Removed

  • chapter03/packages.xml

    rba2dc1b rb0a6b0c  
    174174        <para>Download: <ulink url="&expat-url;"/></para>
    175175        <para>MD5 sum: <literal>&expat-md5;</literal></para>
     176        <note>
     177          <para>The upstream may remove tarballs of the specific releases of
     178          <application>Expat</application> when these releases contain a
     179          security vulnerability.  You should refer to
     180          <ulink url='&lfs-root;lfs/advisories/'>LFS security advisories</ulink>
     181          to figure out which version (with the vulnerability fixed) should
     182          be used.  You may download the vulnerable version from a mirror,
     183          but it's not recommended.</para>
     184        </note>
    176185      </listitem>
    177186    </varlistentry>
Note: See TracChangeset for help on using the changeset viewer.