[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-12863

Wed Nov 19 19:24:07 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9e9d343e by Salvatore Bonaccorso at 2025-11-19T20:23:56+01:00
Update status for CVE-2025-12863

It will likely be rejeted soon.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3302,10 +3302,10 @@ CVE-2025-12875 (A weakness has been identified in mruby 3.4.0. This vulnerabilit
 	NOTE: Introduced with: https://github.com/mruby/mruby/commit/9e8cda73f69493012c8784667b03016c2072ed2b
 	NOTE: Fixed by: https://github.com/mruby/mruby/commit/93619f06dd378db6766666b30c08978311c7ec94
 CVE-2025-12863 (A flaw was found in the xmlSetTreeDoc() function of the libxml2 XML pa ...)
-	- libxml2 2.15.1+dfsg-0.4 (bug #1120364)
-	[bullseye] - libxml2 <postponed> (Minor issue, revisit when merged upstream)
+	- libxml2 2.15.1+dfsg-0.4 (bug #1120364; unimportant)
 	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/1012
 	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/merge_requests/349
+	NOTE: Not a security issue, documented behaviour
 CVE-2025-12621 (The Flexible Refund and Return Order for WooCommerce plugin for WordPr ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-12583 (The Simple Downloads List plugin for WordPress is vulnerable to unauth ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e9d343e62588e884c080e9d4b716f48e2680c57

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e9d343e62588e884c080e9d4b716f48e2680c57
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251119/f5bf5481/attachment.htm>
