[Git][security-tracker-team/security-tracker][master] Add new libxml2 issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jan 15 20:27:49 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6481939d by Salvatore Bonaccorso at 2026-01-15T21:27:20+01:00
Add new libxml2 issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -87,11 +87,16 @@ CVE-2026-20075 (A vulnerability in the web-based management interface of Cisco E
 CVE-2026-20047 (A vulnerability in the web-based management interface of Cisco Identit ...)
 	NOT-FOR-US: Cisco
 CVE-2026-0992 (A flaw was found in the libxml2 library. This uncontrolled resource co ...)
-	TODO: check
+	- libxml2 <unfixed>
+	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/1019
+	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/f75abfcaa419a740a3191e56c60400f3ff18988d
 CVE-2026-0990 (A flaw was found in libxml2, an XML parsing library. This uncontrolled ...)
-	TODO: check
+	- libxml2 <unfixed>
+	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/1018
+	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/1961208e958ca22f80a0b4e4c9d71cfa050aa982
 CVE-2026-0989 (A flaw was identified in the RelaxNG parser of libxml2 related to how  ...)
-	TODO: check
+	- libxml2 <unfixed>
+	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/998
 CVE-2026-0976 (A flaw was found in Keycloak. This improper input validation vulnerabi ...)
 	- keycloak <itp> (bug #1088287)
 CVE-2026-0897 (Allocation of Resources Without Limits or Throttling in the HDF5 weigh ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6481939dfb24980ae8bbe7bd2bdbdbb83f47a859

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6481939dfb24980ae8bbe7bd2bdbdbb83f47a859
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260115/183df59d/attachment.htm>

More information about the debian-security-tracker-commits mailing list