-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 06 Jun 2025 16:50:13 +0800
Source: libxml2
Binary: libxml2 libxml2-dbgsym libxml2-dev libxml2-utils libxml2-utils-dbgsym python3-libxml2 python3-libxml2-dbgsym
Architecture: armel
Version: 2.9.14+dfsg-1.3~deb12u2
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-ubc-03) <buildd_arm64-arm-ubc-03@buildd.debian.org>
Changed-By: Aron Xu <aron@debian.org>
Description:
 libxml2    - GNOME XML library
 libxml2-dev - GNOME XML library - development files
 libxml2-utils - GNOME XML library - utilities
 python3-libxml2 - GNOME XML library - Python3 bindings
Closes: 1051230 1053629 1063234 1071162 1094238 1098320 1098321 1098322 1102521 1103511
Changes:
 libxml2 (2.9.14+dfsg-1.3~deb12u2) bookworm-security; urgency=high
 .
   * Security fixes:
     - CVE-2023-39615: out-of-bounds read via the xmlSAX2StartElement()
       (Closes: #1051230)
     - CVE-2023-45322: use-after-free in xmlUnlinkNode()
       (Closes: #1053629)
     - CVE-2024-25062: use-after-free in xmlValidatePopElement()
       (Closes: #1063234)
     - CVE-2025-32414: out-of-bounds read in Python bindings
       (Closes: #1102521)
     - CVE-2025-32415: heap-based buffer under-read via
       xmlSchemaIDCFillNodeTables() (Closes: #1103511)
     - CVE-2022-49043: use-after-free in xmlXIncludeAddNode()
       (Closes: #1094238)
     - CVE-2024-34459: buffer over-read in xmlHTMLPrintFileContext of xmllint
       (Closes: #1071162)
     - CVE-2024-56171: use-after-free after xmlSchemaItemListAdd()
       (Closes: #1098320)
     - CVE-2025-24928: stack-buffer-overflow in xmlSnprintfElements()
       (Closes: #1098321)
     - CVE-2025-27113: NULL pointer dereference in xmlPatMatch()
       (Closes: #1098322)
Checksums-Sha1:
 6b68362e6ff902ba2f749d40d360cef393d85cc3 1819700 libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_armel.deb
 2a06f8fb326023cf6a8e1f569f4f7a00e902f9f0 687072 libxml2-dev_2.9.14+dfsg-1.3~deb12u2_armel.deb
 21aa7055f87eca39ecf42795b1e759291708acd4 76820 libxml2-utils-dbgsym_2.9.14+dfsg-1.3~deb12u2_armel.deb
 fd65723f7f2eb23b575d86f139607e9d18a2147d 97392 libxml2-utils_2.9.14+dfsg-1.3~deb12u2_armel.deb
 943f4614915bebd414843cfc71749fc76a48b808 9004 libxml2_2.9.14+dfsg-1.3~deb12u2_armel-buildd.buildinfo
 c245d684a92af1ca1b8861afde9feb3b943d2a91 571932 libxml2_2.9.14+dfsg-1.3~deb12u2_armel.deb
 4cf4840775a32fbb26682f743cd83f254c30d6cf 248604 python3-libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_armel.deb
 4734f38d49d9048d9462530d8b6f3505c266fcbe 177508 python3-libxml2_2.9.14+dfsg-1.3~deb12u2_armel.deb
Checksums-Sha256:
 466883a7ce5172938bf966cc0b2dacac73c9c3b44e12fc23aea55741ca8367c6 1819700 libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_armel.deb
 8ea71b8530d6622367556957923a10d56c2427662e78cf5d126152f405a4727e 687072 libxml2-dev_2.9.14+dfsg-1.3~deb12u2_armel.deb
 1e89b64f67bce62e0d7a7aecc88a7907bdc345b8aa325c77bc7bfec9d61405f8 76820 libxml2-utils-dbgsym_2.9.14+dfsg-1.3~deb12u2_armel.deb
 70f3b3412fc3feeed5684dca617e0f7cfafba06bae8f8d40a25d77ec6628d64a 97392 libxml2-utils_2.9.14+dfsg-1.3~deb12u2_armel.deb
 dd3057b0c17ba5fcf0317faa1a5c166339e625a2705915af3a39896dfd4a15c1 9004 libxml2_2.9.14+dfsg-1.3~deb12u2_armel-buildd.buildinfo
 3fe005904d6659e90e376bac71cc99348dbd61bd943fc1439dfb3f847ae6620f 571932 libxml2_2.9.14+dfsg-1.3~deb12u2_armel.deb
 d5dc2f1054f0ba0ff564a75104f0e526d0e3cc78d6a60b45641bf026ed9b2153 248604 python3-libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_armel.deb
 249c73ab72693d81c7b38088554a4745e5c175e951bfd80eab611556ab56e97c 177508 python3-libxml2_2.9.14+dfsg-1.3~deb12u2_armel.deb
Files:
 3b9fac6f24c0642181067d3a6f95d7fe 1819700 debug optional libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_armel.deb
 862e47530dbb6613aed2ca0eb8a55783 687072 libdevel optional libxml2-dev_2.9.14+dfsg-1.3~deb12u2_armel.deb
 5fba9c37f89cadd83f48175ea56c411b 76820 debug optional libxml2-utils-dbgsym_2.9.14+dfsg-1.3~deb12u2_armel.deb
 f44bd19926e0834644e94b52cb523f38 97392 text optional libxml2-utils_2.9.14+dfsg-1.3~deb12u2_armel.deb
 fb94963dd0ae9d975467b5d8a917ba88 9004 libs optional libxml2_2.9.14+dfsg-1.3~deb12u2_armel-buildd.buildinfo
 50d2f659f892c749aad1a45cb0c3272d 571932 libs optional libxml2_2.9.14+dfsg-1.3~deb12u2_armel.deb
 b9316ddfe15cf48275a450980248fd0c 248604 debug optional python3-libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_armel.deb
 d46640530e57eaf526876f32aa3a1ee6 177508 python optional python3-libxml2_2.9.14+dfsg-1.3~deb12u2_armel.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEENsdrABvTD8MQ0UffVza3l394K2AFAmhCtk8ACgkQVza3l394
K2CtZxAAvdWsYCAkxHQmH3RLjr3CKOAgEXCgGUhx3t6d8BwBcvwLfkixw7ug+gL9
k2MXqyMdQG6PrscpmqETwtJJWIJk31g9D1kTcggeZJPXutdgtva+SNKnSArpbvhr
rXxe9YI+G7dYAwMBpa2fypEsLL+t22Ty4dI0N7ozYNyxwLzP9FY6DGDTwkxVQg0u
Ag4x1GeyqeTS0vhbOvI+78OhGZDTsQt2nkF52+2bYX+xGozofGsY9rBukJDnGcCr
7lbETwyV9cIMh7b/BwetXv5g+d0p+CqHk6IllnNdGbRD3jpVtJg0Hm0Q8c4BVopn
A+vXNsPDuq+CcwWQbtgRRrnumTvSAvi1GJww93eEwmmuP/szhv+SJk6DZraZnEal
ZWiQXVD6tBi0nz5BxV0nviZUkuEKJ3YLEjLXP3NZwPH2F1VlErUDMzbtOA7RJOP0
KiGlqcp20Vav08Mkawf2KdGtSeueEQRnW6VBmuBkqWdbTfYX7zFVYhh6POdQqJZ2
QjEGQBFnGpvCTukbYcBVPgscad1vTPMjBnua2U8g1v+TtCMpZa8GmIKbUIeNnUU8
GIgjyeSJvkZFi3d+Y/3U6dc2A9NXdfpFrrJxyldtWV8R4lwoW0o75ymWviUwZilo
C+dyTbjhRi9RZvyxmQ3QnZjCK2yHJbwjzzWDcdpeQRhRD1Xrphc=
=lOY6
-----END PGP SIGNATURE-----