[Git][security-tracker-team/security-tracker][master] Add CVE-2025-32415/libxml2

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c78dafb7 by Salvatore Bonaccorso at 2025-04-17T22:30:33+02:00
Add CVE-2025-32415/libxml2

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -327,7 +327,11 @@ CVE-2025-32504 (Improper Neutralization of Input During Web Page Generation ('Cr
 CVE-2025-32490 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-32415 (In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNod ...)
-	TODO: check
+	- libxml2 <unfixed>
+	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/890
+	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/487ee1d8711c6415218b373ef455fcd969d12399 (master)
+	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/8ac33b1c821b4e67326e8e416945b31c9537c7c0 (v2.14.2)
+	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/384cc7c182fc00c6d5e2ab4b5e3671b2e3f93c84 (v2.13.8)
 CVE-2025-31380 (Weak Password Recovery Mechanism for Forgotten Password vulnerability  ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31030 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c78dafb7f38628796f50fc0f288468c96feb39c5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c78dafb7f38628796f50fc0f288468c96feb39c5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250417/f321638c/attachment.htm>