[xml/sgml-pkgs] libxml2_2.12.7+dfsg+really2.9.14-1_source.changes ACCEPTED into unstable
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Thu May 15 09:34:49 BST 2025
Thank you for your contribution to Debian.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 15 May 2025 15:34:25 +0800
Source: libxml2
Architecture: source
Version: 2.12.7+dfsg+really2.9.14-1
Distribution: unstable
Urgency: medium
Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs at lists.alioth.debian.org>
Changed-By: Aron Xu <aron at debian.org>
Closes: 1051230 1053629 1063234 1102521 1103511
Changes:
libxml2 (2.12.7+dfsg+really2.9.14-1) unstable; urgency=medium
.
* Acknowledge previous NMUs.
* Security fixes:
- CVE-2023-39615: out-of-bounds read via the xmlSAX2StartElement()
(Closes: #1051230)
- CVE-2023-45322: use-after-free in xmlUnlinkNode()
(Closes: #1053629)
- CVE-2024-25062: use-after-free in xmlValidatePopElement()
(Closes: #1063234)
- CVE-2025-32414: out-of-bounds read in Python bindings
(Closes: #1102521)
- CVE-2025-32415: heap-based buffer under-read via
xmlSchemaIDCFillNodeTables() (Closes: #1103511)
Checksums-Sha1:
b97189be45f90cde97146e884421ebb927cb3f0b 2681 libxml2_2.12.7+dfsg+really2.9.14-1.dsc
acf604965fc6dc6685ac168c58adb77642dcd36b 40760 libxml2_2.12.7+dfsg+really2.9.14-1.debian.tar.xz
e6b1d496ceb426e15a96d28169070d2d8ca8d180 5704 libxml2_2.12.7+dfsg+really2.9.14-1_source.buildinfo
Checksums-Sha256:
bde8a79865bb079ecf858b54f1a89fd791135b7cff228cd63900106bb37ffae2 2681 libxml2_2.12.7+dfsg+really2.9.14-1.dsc
070629f9101eba338ddcf6e66933246a1f072e7e0eaf57c314eced6174e8fe05 40760 libxml2_2.12.7+dfsg+really2.9.14-1.debian.tar.xz
b166b2c08db4e61aba7d442d67cf0b90a8ec724b8a0aae74735927bcd9eba040 5704 libxml2_2.12.7+dfsg+really2.9.14-1_source.buildinfo
Files:
f90edcba0e46778fb3f54d286169af90 2681 libs optional libxml2_2.12.7+dfsg+really2.9.14-1.dsc
1db86677aa23c3e7bd047cb123ead863 40760 libs optional libxml2_2.12.7+dfsg+really2.9.14-1.debian.tar.xz
eaf3a0ab247f9179094fec1f18d6f52c 5704 libs optional libxml2_2.12.7+dfsg+really2.9.14-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEBLHAyuu1xqoC2aJ5NP8o68vMTMgFAmgln5gACgkQNP8o68vM
TMixbAf8Cj9XhoyYQiKbIi7CM91JpqHIHRU+bL7jonHaz38MyogAtAJaNE83t325
f/n4l8oS0LznHH9zVdszWtMYhmlaaCqKi6FeJ0zVkcUZ3ib8Xv5IuYpdiPxixZ/J
18SwXnOF7ASnOyT/ETr/ib+/S8JCtIB7LXxih/OObN5SRTflrxQKqVTpgKqZJhaV
aI4d4ytRkLG6bokQ9tqzcEir2gi6DwpZQVrb2JswMmw/DsyESIQEvAgN339drKKi
oSpiqGnbmOHbbAyvDJ/VlWM2bSaB5JG2bgK7IjmZOOFJBnmBPm7WoygKR3GMHbwf
CvRP47JCEsobWdauzaQIK8chO50rhw==
=v51D
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/debian-xml-sgml-pkgs/attachments/20250515/59553824/attachment.sig>
More information about the debian-xml-sgml-pkgs
mailing list