VTK uses old version of libxml2 (containing security vulnerabilities); should update
This issue was created automatically from an original Mantis Issue. Further discussion may take place here.
As of 2008-01-22 the latest version of libxml2 is 2.6.31. See http://xmlsoft.org/news.html
VTK includes 2.6.27 according to CMakeLists.txt.
A quick search of the Common Vulnerabilities and Exposures (CVE) database reveals that a security fix has since been made:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6284
VTK should update.