Comments (4)
Thanks to @gaborcsardi, a patch has been made to libxls (libxls/libxls#129), so I will work on getting those changes into a readxl release in the near future.
from readxl.
Is there anything that can be done on your end?
Unfortunately, no. I am not in a position to tackle these vulnerabilities myself.
I have, at times, vendored a dev version of libxls, in order to get some security fixes into readxl ASAP. But they need to be in libxls itself, obviously, for that to work.
from readxl.
Totally understand. I'm basically in the same boat, as we don't really have anyone who can take on fixing these issues right now.
If we can't get movement on this, the next step will be something like removing libxls and support for xls files. It's unfortunate, but at least it's a way to stop the security alerts.
from readxl.
Have you tried reaching out to the libxls developer? No idea if this is a possibility, but maybe an offer to sponsor a targeted piece of work would be productive? It's not like removing xls support is a simple flick of a switch ....
from readxl.
Related Issues (20)
- read_excel() converts date to number HOT 3
- Build error on 10.6: error: 'gid_t' has not been declared HOT 2
- zip path is too long HOT 5
- Release readxl 1.4.2 HOT 2
- Upkeep for readxl
- Update errors to rlang 1.0.0
- read_excel unable to open file if the file is .xls but it was saved as .xml HOT 1
- Problems reading files with Windows path containing special characters
- FR: Check Excel sheets and consistency with readr
- Access is denied warning on valid paths that get read successfully
- installing readxl package to R 4.1.3 running in anaconda navigator HOT 1
- Can read_excel() allow reading of open Excel workbooks/sheets? HOT 3
- Scientific counting display issues
- Release readxl 1.4.3 HOT 1
- Force col_types for vector of known columns, default guess for other columns HOT 1
- readxl::read_excel fails with `Error: vector`
- col_types = 'text_as_shown' ? HOT 1
- readxl fails with truncated dates
- Round-off error when using `col_type = "text"`
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from readxl.