[Git][security-tracker-team/security-tracker][master] Reserve DLA-4319-1 for libxml2

[Guilhem Moulin (@guilhem)]

Guilhem Moulin pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9ecd5087 by Guilhem Moulin at 2025-09-30T23:41:59+02:00
Reserve DLA-4319-1 for libxml2

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[30 Sep 2025] DLA-4319-1 libxml2 - security update
+	{CVE-2025-9714}
+	[bullseye] - libxml2 2.9.10+dfsg-6.7+deb11u9
 [30 Sep 2025] DLA-4318-1 libcpanel-json-xs-perl - security update
 	{CVE-2025-40929}
 	[bullseye] - libcpanel-json-xs-perl 4.25-1+deb11u1


=====================================
data/dla-needed.txt
=====================================
@@ -229,13 +229,6 @@ libsoup2.4
   NOTE: 20250520: seems sensible.  Or maybe someone else will have more luck
   NOTE: 20250520: than me with getting the backported tests to run.  (spwhitton)
 --
-libxml2 (guilhem)
-  NOTE: 20250907: Added by Front-Desk (apo)
-  NOTE: 20250907: Currently insufficient information for CVE-2025-26434 but is
-  NOTE: 20250907: affected by CVE-2025-9714.
-  NOTE: 20250922: libxslt's CVE-2025-7425 can be mitigated in libxml2. (guilhem)
-  NOTE: 20250922: In progress (guilhem)
---
 libxmltok
   NOTE: 20250421: Added by Front-Desk (ta)
   NOTE: 20250421: Also review all other expat CVEs. (bunk)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ecd5087c05e4d27102bec819bea0de6d95f3a35

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ecd5087c05e4d27102bec819bea0de6d95f3a35
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250930/587e85c5/attachment-0001.htm>