This blog post explains the serious problems the single libxml2 author is having in maintaining the library:
https://socket.dev/blog/libxml2-maintainer-ends-embargoed-vulnerability-reports
There are few learnings from this:
* libxml2 is even less production-ready than we thought
* many projects don't have the resources we do
--
Bruce Momjian <br...@momjian.us> https://momjian.us
EDB https://enterprisedb.com
Do not let urgent matters crowd out time for investment in the future.
