Y
Hacker News
new
|
ask
|
show
|
jobs
by
sgoranson
6154 days ago
Pretty skeptical this flaw could be in "virtually every open-source XML library available". Seems unlikely a million brains collectively missed whatever this is.
2 comments
jrockway
6154 days ago
You are underestimating how easy it is to write insecure C code.
But it would be nice to know if this is expat, libxml2, or what.
link
philh
6154 days ago
My understanding is it's not a single flaw. Virtually every XML library available is flawed, but each in their own way.
link
But it would be nice to know if this is expat, libxml2, or what.