[Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-40896/libxml2

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7fef7134 by Salvatore Bonaccorso at 2024-12-23T21:44:11+01:00
Update status for CVE-2024-40896/libxml2

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23,8 +23,9 @@ CVE-2024-53256 (Rizin is a UNIX-like reverse engineering framework and command-l
 CVE-2024-45387 (An SQL injection vulnerability in Traffic Ops in Apache Traffic Contro ...)
 	TODO: check
 CVE-2024-40896 (In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.1 ...)
-	- libxml2 <unfixed>
+	- libxml2 <not-affected> (Vulnerable code introduced later in 2.11.0)
 	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/761
+	NOTE: Introduced with: https://gitlab.gnome.org/GNOME/libxml2/-/commit/481d79d44cf8ed864ed3d74edbeb96e8cd9ed4a7 (v2.11.0)
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/1a8932303969907f6572b1b6aac4081c56adb5c6
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/de28e6ed3a7f18d3188dd18ac5b854b21e05d33a (v2.13.3)
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/4c2b237174539db92f4504fbc5198d2f1561baca (v2.12.9)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7fef7134630b5e88c392d3ec63100f37666b3b4a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7fef7134630b5e88c392d3ec63100f37666b3b4a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241223/30cc1cad/attachment.htm>