[Git][security-tracker-team/security-tracker][master] libxml2 fixed in sid

Thu Mar 27 14:56:49 GMT 2025


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
295d0b45 by Moritz Muehlenhoff at 2025-03-27T15:55:11+01:00
libxml2 fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12859,21 +12859,21 @@ CVE-2024-45774 (A flaw was found in grub2. A specially crafted JPEG file can cau
 	NOTE: https://www.openwall.com/lists/oss-security/2025/02/18/3
 CVE-2025-27113 (libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer der ...)
 	{DLA-4064-1}
-	- libxml2 <unfixed> (bug #1098322)
+	- libxml2 2.12.7+dfsg+really2.9.14-0.4 (bug #1098322)
 	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/861
 	NOTE: https://www.openwall.com/lists/oss-security/2025/02/18/2
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c716d491dd2e67f08066f4dc0619efeb49e43e6
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/503f788e84f1c1f1d769c2c7258d77faee94b5a3 (v2.12.10)
 CVE-2025-24928 (libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buff ...)
 	{DLA-4064-1}
-	- libxml2 <unfixed> (bug #1098321)
+	- libxml2 2.12.7+dfsg+really2.9.14-0.4 (bug #1098321)
 	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/847
 	NOTE: https://www.openwall.com/lists/oss-security/2025/02/18/2
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/8c8753ad5280ee13aee5eec9b0f6eee2ed920f57
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/858ca26c0689161a6b903a6682cc8a1cc10a0ea8 (v2.12.10)
 CVE-2024-56171 (libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free i ...)
 	{DLA-4064-1}
-	- libxml2 <unfixed> (bug #1098320)
+	- libxml2 2.12.7+dfsg+really2.9.14-0.4 (bug #1098320)
 	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/828
 	NOTE: https://www.openwall.com/lists/oss-security/2025/02/18/2
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/5880a9a6bd97c0f9ac8fc4f30110fe023f484746
@@ -18727,7 +18727,7 @@ CVE-2024-10574 (The Quiz Maker Business, Developer, and Agency plugins for WordP
 CVE-2022-49043 (xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-af ...)
 	{DLA-4064-1}
 	[experimental] - libxml2 2.12.3+dfsg-0exp1
-	- libxml2 <unfixed> (bug #1094238)
+	- libxml2 2.12.7+dfsg+really2.9.14-0.4 (bug #1094238)
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b (v2.11.0)
 	NOTE: https://github.com/php/php-src/issues/17467
 CVE-2025-0543 (Local privilege escalation in G DATA Security Client due to incorrect  ...)
@@ -91646,7 +91646,7 @@ CVE-2024-34697 (FreeScout is a free, self-hosted help desk and shared mailbox. A
 CVE-2024-34555 (Unrestricted Upload of File with Dangerous Type vulnerability in URBAN ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-34459 (An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2. ...)
-	- libxml2 <unfixed> (unimportant; bug #1071162)
+	- libxml2 2.12.7+dfsg+really2.9.14-0.4 (unimportant; bug #1071162)
 	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/720
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/8ddc7f13337c9fe7c6b6e616f404b0fffb8a5145 (v2.11.8)
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/2876ac5392a4e891b81e40e592c3ac6cb46016ce (v2.12.7)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/295d0b4556cbb8971dea74d885f7442d03156f53

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/295d0b4556cbb8971dea74d885f7442d03156f53
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250327/0739d20a/attachment.htm>
