Multiple pinnings to vulnerable copies of libexpat

Hi!

I found pinnings to old and vulnerable versions of libexpat in here at:

- Expat 2.2.9 at https://github.com/NLnetLabs/unbound/blob/HEAD/contrib/ios/install_expat.sh
- Expat 2.2.9 at https://github.com/NLnetLabs/unbound/blob/HEAD/contrib/android/install_expat.sh
- Expat 2.2.10 at https://github.com/NLnetLabs/unbound/blob/HEAD/.github/workflows/analysis_ports.yml

If any of these affect end users, please update to Expat 2.7.0 (or [upcoming 2.7.1](https://github.com/libexpat/libexpat/issues/990)).

Thanks and best, Sebastian

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Multiple pinnings to vulnerable copies of libexpat #1255

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Multiple pinnings to vulnerable copies of libexpat #1255

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions