-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 06 Jun 2025 16:50:13 +0800
Source: libxml2
Binary: libxml2-doc
Architecture: all
Version: 2.9.14+dfsg-1.3~deb12u2
Distribution: bookworm-security
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-grnet-03) <buildd_amd64-x86-grnet-03@buildd.debian.org>
Changed-By: Aron Xu <aron@debian.org>
Description:
 libxml2-doc - GNOME XML library - documentation
Closes: 1051230 1053629 1063234 1071162 1094238 1098320 1098321 1098322 1102521 1103511
Changes:
 libxml2 (2.9.14+dfsg-1.3~deb12u2) bookworm-security; urgency=high
 .
   * Security fixes:
     - CVE-2023-39615: out-of-bounds read via the xmlSAX2StartElement()
       (Closes: #1051230)
     - CVE-2023-45322: use-after-free in xmlUnlinkNode()
       (Closes: #1053629)
     - CVE-2024-25062: use-after-free in xmlValidatePopElement()
       (Closes: #1063234)
     - CVE-2025-32414: out-of-bounds read in Python bindings
       (Closes: #1102521)
     - CVE-2025-32415: heap-based buffer under-read via
       xmlSchemaIDCFillNodeTables() (Closes: #1103511)
     - CVE-2022-49043: use-after-free in xmlXIncludeAddNode()
       (Closes: #1094238)
     - CVE-2024-34459: buffer over-read in xmlHTMLPrintFileContext of xmllint
       (Closes: #1071162)
     - CVE-2024-56171: use-after-free after xmlSchemaItemListAdd()
       (Closes: #1098320)
     - CVE-2025-24928: stack-buffer-overflow in xmlSnprintfElements()
       (Closes: #1098321)
     - CVE-2025-27113: NULL pointer dereference in xmlPatMatch()
       (Closes: #1098322)
Checksums-Sha1:
 2a5caa80fa7203c235dbfe343be37d9c46ccc36e 666988 libxml2-doc_2.9.14+dfsg-1.3~deb12u2_all.deb
 8d5e26d6a80bee7513d3de69ed9e1ffddaa5cd8a 6063 libxml2_2.9.14+dfsg-1.3~deb12u2_all-buildd.buildinfo
Checksums-Sha256:
 679918941bb0cf86e46e860fd21ba4da15f36cad039e07dd4898bd7438403f66 666988 libxml2-doc_2.9.14+dfsg-1.3~deb12u2_all.deb
 f6c607c0172a16147a982a4ac686f54812cb71c90310d7658978130d47d280f7 6063 libxml2_2.9.14+dfsg-1.3~deb12u2_all-buildd.buildinfo
Files:
 a1b19bb7ef347daf4f001e6299ef8cf9 666988 doc optional libxml2-doc_2.9.14+dfsg-1.3~deb12u2_all.deb
 deeffd2f4353854f4b8f48f036dffaac 6063 libs optional libxml2_2.9.14+dfsg-1.3~deb12u2_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEHqtYLkdKRyCY94K8fUw6/tXbAmMFAmhCx/sACgkQfUw6/tXb
AmN/9w/+OF0Gu2VQSfwLseaYu41loQcl73LVbtE26c59m67vUzScpGgR37gbgyA+
GqMRfZOo6bHnBvYIR0WVak/nMvjfBCsXPMwDi9V+GgFVRbTZgEx91WSNbHd0QSws
GxZVsz6TJ6WJJtTScKMK5nYJoe7jvAPdkjHRbhTkLu5Y10h7D5/wmceJglD8ztUP
HmOm7QhXuUfyf6qN+xSTkEOaeSOK1dIYQwpIyaUeW8Dt+2M3Ak7Bi2lEWk10nAlV
kIDrfSZdKYkPXJOZcULODUL+Ui/EilJm2XVXzKpLIP0awD0iXgebwFiDbzFp6DuL
m21CIvVfzloQYpXdZsHyCQSkgj0pESVULsmnIlk9ViiIqbJbcu1fqNqZp0VWsH5S
mwWhj+RCNHsHIHaxhau2MN4nKLHNw43XcgzY3ktiVn5JZspSmcT+adnn93/fAvq+
TRejzKcqlPKIIa3ci92CC0FDjGiRF328lNG7I1nSZAkmUESyRXxfaPJhDBIcEdfu
t31k607AOG2INQ2vngxdEN2mrp5jtWck4594U82xj1Rq3XLH+dawbq/Z4Mh1LxOn
YNnic+lLyho8/DpgI3APiRZerR/jB5BmELfBpWIQ/rkHJ5S6WEGad1Fe8kq9GR8/
SJbN2A1hXfSmNe66p9vv6PCGn1bcSk9Ff+OmKEEdL07fSpbWhww=
=fucm
-----END PGP SIGNATURE-----