diff options
Diffstat (limited to 'chapter03/packages.xml')
| -rw-r--r-- | chapter03/packages.xml | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/chapter03/packages.xml b/chapter03/packages.xml index 171daec75..67adc3e31 100644 --- a/chapter03/packages.xml +++ b/chapter03/packages.xml @@ -173,6 +173,15 @@ <para>Home page: <ulink url="&expat-home;"/></para> <para>Download: <ulink url="&expat-url;"/></para> <para>MD5 sum: <literal>&expat-md5;</literal></para> + <note> + <para>The upstream may remove tarballs of the specific releases of + <application>Expat</application> when these releases contain a + security vulnerability. You should refer to + <ulink url='&lfs-root;lfs/advisories/'>LFS security advisories</ulink> + to figure out which version (with the vulnerability fixed) should + be used. You may download the vulnerable version from a mirror, + but it's not recommended.</para> + </note> </listitem> </varlistentry> |