It seems perfectly reasonable for any library to take the stance they are not a security barrier.
It is up to people using libxml2 in applications and OSs that have the resources to issue CVEs and track embargoes. I am sure any resulting PRs will be gratefully welcomed.