MantisBT - VTK
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0005472VTK(No Category)public2007-08-09 12:592016-08-12 09:54
ReporterSean McBride 
Assigned ToDave DeMarle 
PrioritynormalSeverityminorReproducibilityalways
StatusclosedResolutionmoved 
PlatformOSOS Version
Product Version6.3.0 
Target VersionFixed in Version 
ProjectTBD
Typeincorrect functionality
Summary0005472: VTK uses old version of libxml2 (containing security vulnerabilities); should update
DescriptionAs of 2008-01-22 the latest version of libxml2 is 2.6.31. See http://xmlsoft.org/news.html [^]

VTK includes 2.6.27 according to CMakeLists.txt.

A quick search of the Common Vulnerabilities and Exposures (CVE) database reveals that a security fix has since been made:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6284 [^]

VTK should update.
Steps To Reproduce
Additional Information
TagsNo tags attached.
Relationships
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2007-08-09 12:59Sean McBrideNew Issue
2007-10-17 10:10Sean McBrideDescription Updated
2008-01-22 10:10Sean McBrideSummaryVTK uses old version of libxml2; should update => VTK uses old version of libxml2 (containing security vulnerabilities); should update
2008-01-22 10:10Sean McBrideDescription Updated
2008-01-28 18:46Sean McBrideNote Added: 0010319
2008-01-28 18:47Sean McBrideStatusbacklog => tabled
2008-01-28 18:47Sean McBrideAssigned To => David Cole
2011-01-19 09:43David ColeAssigned ToDavid Cole => David Partyka
2011-06-16 13:11Zack GalbreathCategory => (No Category)
2013-07-22 20:33Dave DeMarleStatusbacklog => expired
2013-07-22 20:33Dave DeMarleNote Added: 0031302
2013-07-23 10:27Sean McBrideProject => TBD
2013-07-23 10:27Sean McBrideType => incorrect functionality
2013-07-23 10:27Sean McBrideNote Added: 0031316
2013-07-23 10:27Sean McBrideAssigned ToDavid Partyka => Dave DeMarle
2013-07-23 10:30Sean McBrideProduct Version => 6.0.0
2014-10-04 20:24Berk GeveciStatusexpired => backlog
2014-10-04 20:24Berk GeveciResolutionopen => reopened
2015-02-05 12:33Dave DeMarleNote Added: 0034169
2015-02-05 12:33Dave DeMarleProduct Version6.0.0 => 6.3.0
2016-07-06 16:50Berk GeveciStatusbacklog => expired
2016-07-06 16:50Berk GeveciNote Added: 0036295
2016-07-07 13:22Dave DeMarleNote Added: 0036330
2016-07-07 13:22Dave DeMarleStatusexpired => backlog
2016-08-12 09:46Kitware RobotNote Added: 0036693
2016-08-12 09:46Kitware RobotStatusbacklog => expired
2016-08-12 09:46Kitware RobotResolutionreopened => moved
2016-08-12 09:54Kitware RobotNote Added: 0036924
2016-08-12 09:54Kitware RobotStatusexpired => closed

Notes
(0010319)
Sean McBride   
2008-01-28 18:46   
Because this involves security vulnerabilities, I think it should be fixed for 5.2.
(0031302)
Dave DeMarle   
2013-07-22 20:33   
Dave P no longer works on the project. If these old issues still exist in 6.0.0, reopen them and assign to Dave DeMarle
(0031316)
Sean McBride   
2013-07-23 10:27   
VTK seems to still be at 2.6.27, current is 2.9.1.
(0034169)
Dave DeMarle   
2015-02-05 12:33   
Will try to make this a priority for 6.3.
(0036295)
Berk Geveci   
2016-07-06 16:50   
Setting bugs that have not been touched in 1 year to expired. If important, please re-open.
(0036330)
Dave DeMarle   
2016-07-07 13:22   
I think this in is important enough to reopen.
(0036693)
Kitware Robot   
2016-08-12 09:46   
Resolving issue as `moved`.

This issue tracker is no longer used. Further discussion of this issue may take place in the current VTK Issues page linked in the banner at the top of this page.
(0036924)
Kitware Robot   
2016-08-12 09:54   
Resolving issue as `moved`.

This issue tracker is no longer used. Further discussion of this issue may take place in the current VTK Issues page linked in the banner at the top of this page.