-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 06 Jun 2025 16:50:13 +0800
Source: libxml2
Binary: libxml2 libxml2-dbgsym libxml2-dev libxml2-utils libxml2-utils-dbgsym python3-libxml2 python3-libxml2-dbgsym
Architecture: amd64
Version: 2.9.14+dfsg-1.3~deb12u2
Distribution: bookworm-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-csail-01) <buildd_amd64-x86-csail-01@buildd.debian.org>
Changed-By: Aron Xu <aron@debian.org>
Description:
 libxml2    - GNOME XML library
 libxml2-dev - GNOME XML library - development files
 libxml2-utils - GNOME XML library - utilities
 python3-libxml2 - GNOME XML library - Python3 bindings
Closes: 1051230 1053629 1063234 1071162 1094238 1098320 1098321 1098322 1102521 1103511
Changes:
 libxml2 (2.9.14+dfsg-1.3~deb12u2) bookworm-security; urgency=high
 .
   * Security fixes:
     - CVE-2023-39615: out-of-bounds read via the xmlSAX2StartElement()
       (Closes: #1051230)
     - CVE-2023-45322: use-after-free in xmlUnlinkNode()
       (Closes: #1053629)
     - CVE-2024-25062: use-after-free in xmlValidatePopElement()
       (Closes: #1063234)
     - CVE-2025-32414: out-of-bounds read in Python bindings
       (Closes: #1102521)
     - CVE-2025-32415: heap-based buffer under-read via
       xmlSchemaIDCFillNodeTables() (Closes: #1103511)
     - CVE-2022-49043: use-after-free in xmlXIncludeAddNode()
       (Closes: #1094238)
     - CVE-2024-34459: buffer over-read in xmlHTMLPrintFileContext of xmllint
       (Closes: #1071162)
     - CVE-2024-56171: use-after-free after xmlSchemaItemListAdd()
       (Closes: #1098320)
     - CVE-2025-24928: stack-buffer-overflow in xmlSnprintfElements()
       (Closes: #1098321)
     - CVE-2025-27113: NULL pointer dereference in xmlPatMatch()
       (Closes: #1098322)
Checksums-Sha1:
 e4d230b662ff638918378b0ec98960ae3f709511 1865140 libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_amd64.deb
 7a49bdf217d068775e9710294b242454563e6107 783300 libxml2-dev_2.9.14+dfsg-1.3~deb12u2_amd64.deb
 4478f2891499bdee03b833b1d8fe87d97ee30b23 77256 libxml2-utils-dbgsym_2.9.14+dfsg-1.3~deb12u2_amd64.deb
 611a6ec61e197c2c5b42a81c8c891aa05e99cfb2 99384 libxml2-utils_2.9.14+dfsg-1.3~deb12u2_amd64.deb
 b6cd8cecf3424847281c7c5bd2d2c5591edca49f 9163 libxml2_2.9.14+dfsg-1.3~deb12u2_amd64-buildd.buildinfo
 21a7ddae58f6deaf2a2c06a5f55dbbfbaa89b044 686776 libxml2_2.9.14+dfsg-1.3~deb12u2_amd64.deb
 6b02d1ca529a5c7f613d9928f9235faef0125c2b 220560 python3-libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_amd64.deb
 74d978233cd221a9f8629b6823260cfd6c01aa28 187216 python3-libxml2_2.9.14+dfsg-1.3~deb12u2_amd64.deb
Checksums-Sha256:
 c2c0bca00c0b4d4334492cc1d9522c34f02c0d818b23013e54ec78cb24f5fafb 1865140 libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_amd64.deb
 603749bde5e67071bc36c0d690c91ff178b74b47a00ca9c060f0851cebf9bae6 783300 libxml2-dev_2.9.14+dfsg-1.3~deb12u2_amd64.deb
 293829e412ea62ed362249c7425fa563510878f43a5c6de8873e69aae52c21a6 77256 libxml2-utils-dbgsym_2.9.14+dfsg-1.3~deb12u2_amd64.deb
 2e89e38958433b1170c8a226718760ee55255d243f2abbd1f3b5b0142d27f849 99384 libxml2-utils_2.9.14+dfsg-1.3~deb12u2_amd64.deb
 f1149033403e7c0e1c794a3911f1b989da1b9ef9217f3f5016b010813fd1c75b 9163 libxml2_2.9.14+dfsg-1.3~deb12u2_amd64-buildd.buildinfo
 d4804a276c7b831d2420f513798bf41e67cafeb5259067291243533bc2935b9a 686776 libxml2_2.9.14+dfsg-1.3~deb12u2_amd64.deb
 685943b1340868ef83d31d5393f0660e4d6e89363007229fc92376cacf33833a 220560 python3-libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_amd64.deb
 db7053acbb9412e11882e545fefae6d7b86082430db84f7a15a842aad0871476 187216 python3-libxml2_2.9.14+dfsg-1.3~deb12u2_amd64.deb
Files:
 9e02211950089bd7d11375b32e852cd0 1865140 debug optional libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_amd64.deb
 a70d7894ba5ef89f925ca7ffed00ea0e 783300 libdevel optional libxml2-dev_2.9.14+dfsg-1.3~deb12u2_amd64.deb
 f6295cd7d75ac6833b09a4de3895d78d 77256 debug optional libxml2-utils-dbgsym_2.9.14+dfsg-1.3~deb12u2_amd64.deb
 96eed6a6888bd973cfd7a109882fb450 99384 text optional libxml2-utils_2.9.14+dfsg-1.3~deb12u2_amd64.deb
 02b7f3ee143d3f3cc79fb9bf8e84ab4c 9163 libs optional libxml2_2.9.14+dfsg-1.3~deb12u2_amd64-buildd.buildinfo
 15d5c5a19abdc938646d0f0036f39107 686776 libs optional libxml2_2.9.14+dfsg-1.3~deb12u2_amd64.deb
 508b79cfabbce5d9103f6797252b2f63 220560 debug optional python3-libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_amd64.deb
 50ac61bb3ccf8ca1956e3286f988032d 187216 python optional python3-libxml2_2.9.14+dfsg-1.3~deb12u2_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEXNeYFUF3FbHcrtSeIy3Pg040HrAFAmhCtTUACgkQIy3Pg040
HrBkhw//WV9I+WbfL6Ldxd+HjTd4QgevN5J7lP8bzE4jiWyeDVwLFTplHmwC8vV0
8DpveQHKUonsh1l3asdrYJay8r7zQvttNJGcvbEhYYNZ8vLY6mFSMEP9jdmL8PPs
ErIJS7YiRnnjyxzhpdosHAhXAFRUf6haxfaHT3n8A4oIgYSTnjeiQvAHIChSxaNz
/USHPHhUT4/Wfp6y2PGGHvBBNTeVNz0UlFbwMnrFsVOkFNc+CLhSaGmU1i1zBaC5
4ywuBys/BAfqy9/vL0ZT5mnk3we8qRESVN0TL22h3rB4l1IohUynM38FDYjN2i08
5Vlt6GvbNWtlSqJ+VrI8PTF+P7MJNl5dDkphp2RiqZI1EnUFVzcnwK+XwQ8cJVts
wSeXaCSXCkce5w+zKdpwgDbeGoBSmAOlYqc3YF8gUBc3VENdbJZuMwGBtF4nqN4V
cPQu8Xt14Wojdu1AqkvxSSH2F1NKGteetMsmJsB/QuLaiQGElve76THD0dncwgta
9Dquh82kM5IFFA1UjvWJR8jlYG3HKaw9yyfLwz816uiqMfvqPUlr4Vp2X00st+aR
TaMm69AVpNTwCqV8IZ0Z1luFddiZqFjWCZIlCciANoVjzawrlNwE3Ch70XtGqxo/
KV3ZnWeICeN862MX0Yt3wSMwoEIjI/wdSx4ZCSD/21J1H6Twy/4=
=HVxj
-----END PGP SIGNATURE-----