Forum: >>> Magnum BBS <<<

Bug#1109440: unblock: libxml2/2.12.7+dfsg+really2.9.14-2

From Ivo De Decker@21:1/5 to Aron Xu on Fri Jul 18 12:50:01 2025

XPost: linux.debian.devel.release

Control: tags -1 confirmed moreinfo

Hi,

On Thu, Jul 17, 2025 at 11:56:14PM +0200, Aron Xu wrote:

I would like to apply two patches for libxml2 fixing 3 CVEs:
- CVE-2025-6021: integer overflow in xmlBuildQName() (Closes: #1107720)
- CVE-2025-{49794,49796}: use after free and type confusion in xmlSchematronReportOutput() (Closes: #1107755)

Please go ahead with the upload and remove the moreinfo tag from this unblock request once the new upload has been in unstable for a few days, and you think it's ready to migrate.

Thanks,

Ivo

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Sysop:	Keyop
Location:	Huddersfield, West Yorkshire, UK
Users:	715
Nodes:	16 (2 / 14)
Uptime:	42:03:47
Calls:	12,109
Files:	15,006
Messages:	6,518,416