version of LibExpat and LibPCRE
magesh041985
does nxlog-2.9.1716 still uses LibExpat v2.0.1 and LibPCRE v8.02?
Impact:
LibPCRE v8.02 is vulnerable to DoS and code overflow.
LibExpat v2.0.1 has 4 publicly identified vulnerabilities.
References
https://www.cvedetails.com/vulnerability-list/vendor_id-12037/product_id-22545/version_id-129378/Libexpat-Expat-2.0.1.html
https://www.cvedetails.com/vulnerability-list/vendor_id-3265/product_id-5715/version_id-191791/Pcre-Pcre-8.02.html
is it possible to update LibExpat to v2.1.0 and LibPCRE to v8.39?
