[Git][security-tracker-team/security-tracker][master] Track (re-)fixed version for CVE-2006-10003/libxml-parser-perl via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Mar 21 09:33:22 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
abb326fe by Salvatore Bonaccorso at 2026-03-21T10:31:59+01:00
Track (re-)fixed version for CVE-2006-10003/libxml-parser-perl via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -922175,7 +922175,7 @@ CVE-2006-10002 (XML::Parser versions through 2.47 for Perl could overflow the pr
NOTE: Additional improvement: https://github.com/cpan-authors/XML-Parser/commit/5361c2b7f48599718cdecbe50c5fdd88b28ffd79 (2.48)
NOTE: Issue was originally fixed in 2.34-4.2 but was lost with the 2.40-1 rebases.
CVE-2006-10003 (XML::Parser versions through 2.47 for Perl has an off-by-one heap buff ...)
- - libxml-parser-perl <unfixed> (bug #378412; medium)
+ - libxml-parser-perl 2.47-2 (bug #378412; medium)
[trixie] - libxml-parser-perl <no-dsa> (Minor issue, can be fixed later via point release)
[bookworm] - ibxml-parser-perl <no-dsa> (Minor issue, can be fixed later via point release)
NOTE: https://lists.security.metacpan.org/cve-announce/msg/38106362/
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/abb326fed5c80543d3cbd98bb72b8125c0dacdc1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/abb326fed5c80543d3cbd98bb72b8125c0dacdc1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260321/e53d8231/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list