-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 06 Jun 2025 16:50:13 +0800
Source: libxml2
Binary: libxml2 libxml2-dbgsym libxml2-dev libxml2-utils libxml2-utils-dbgsym python3-libxml2 python3-libxml2-dbgsym
Architecture: i386
Version: 2.9.14+dfsg-1.3~deb12u2
Distribution: bookworm-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-ubc-02) <buildd_amd64-x86-ubc-02@buildd.debian.org>
Changed-By: Aron Xu <aron@debian.org>
Description:
 libxml2    - GNOME XML library
 libxml2-dev - GNOME XML library - development files
 libxml2-utils - GNOME XML library - utilities
 python3-libxml2 - GNOME XML library - Python3 bindings
Closes: 1051230 1053629 1063234 1071162 1094238 1098320 1098321 1098322 1102521 1103511
Changes:
 libxml2 (2.9.14+dfsg-1.3~deb12u2) bookworm-security; urgency=high
 .
   * Security fixes:
     - CVE-2023-39615: out-of-bounds read via the xmlSAX2StartElement()
       (Closes: #1051230)
     - CVE-2023-45322: use-after-free in xmlUnlinkNode()
       (Closes: #1053629)
     - CVE-2024-25062: use-after-free in xmlValidatePopElement()
       (Closes: #1063234)
     - CVE-2025-32414: out-of-bounds read in Python bindings
       (Closes: #1102521)
     - CVE-2025-32415: heap-based buffer under-read via
       xmlSchemaIDCFillNodeTables() (Closes: #1103511)
     - CVE-2022-49043: use-after-free in xmlXIncludeAddNode()
       (Closes: #1094238)
     - CVE-2024-34459: buffer over-read in xmlHTMLPrintFileContext of xmllint
       (Closes: #1071162)
     - CVE-2024-56171: use-after-free after xmlSchemaItemListAdd()
       (Closes: #1098320)
     - CVE-2025-24928: stack-buffer-overflow in xmlSnprintfElements()
       (Closes: #1098321)
     - CVE-2025-27113: NULL pointer dereference in xmlPatMatch()
       (Closes: #1098322)
Checksums-Sha1:
 a4522b9d78183473a3141b958a2fdbe889b72826 1710532 libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_i386.deb
 0a85e921213d27d8032729bb1a43abe3763509f9 846236 libxml2-dev_2.9.14+dfsg-1.3~deb12u2_i386.deb
 8286caa4b09cf16151c6adf3be0fb184b93cbedd 71052 libxml2-utils-dbgsym_2.9.14+dfsg-1.3~deb12u2_i386.deb
 c9cb704804147c586a95a7a078397ac2d58f53fe 99424 libxml2-utils_2.9.14+dfsg-1.3~deb12u2_i386.deb
 31a81c52d8b55f26ea56578ec9bc8cce8f31f9d3 9072 libxml2_2.9.14+dfsg-1.3~deb12u2_i386-buildd.buildinfo
 94da69be5f4c7b28460a8630b0912795978d7ca6 720708 libxml2_2.9.14+dfsg-1.3~deb12u2_i386.deb
 7a4b492fe779908b0fbd5ac927121ad43421b0ef 181776 python3-libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_i386.deb
 f9d52965432567a428367a2da02aab6d71abd791 188596 python3-libxml2_2.9.14+dfsg-1.3~deb12u2_i386.deb
Checksums-Sha256:
 1021fe3bc706e560e4b0db18f3f25ec771feca362ebcaf10680e07a1323036e6 1710532 libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_i386.deb
 3b0109fc765006b8267037da8fdbab22a7ebf80cc69201bf7d1ed7460a392f7f 846236 libxml2-dev_2.9.14+dfsg-1.3~deb12u2_i386.deb
 1f88fd463e54346352dc506c6c62492105f97a253e8cbb9fc783d196d4e93675 71052 libxml2-utils-dbgsym_2.9.14+dfsg-1.3~deb12u2_i386.deb
 c6ce7d03b8d0aa12f666236004f80b5b7f0866ce7af268caa2b83b43f783268d 99424 libxml2-utils_2.9.14+dfsg-1.3~deb12u2_i386.deb
 c1ddab7491420348e06a10bb5bf50abab6e21d9120ab1e4395afa8ea5371ed96 9072 libxml2_2.9.14+dfsg-1.3~deb12u2_i386-buildd.buildinfo
 aea200d9cd4255fef2a9c1e0612a7af46cbabec763c8d9e3ce37e425c25210b3 720708 libxml2_2.9.14+dfsg-1.3~deb12u2_i386.deb
 9572d82aff6ccb776185e1c1d22946058b1c0042eb8063da5aa170522f8d65a6 181776 python3-libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_i386.deb
 a30dac556dbea9052b95728c97a7cc42d2174d7bf003938a1ee22fbbedd07ca8 188596 python3-libxml2_2.9.14+dfsg-1.3~deb12u2_i386.deb
Files:
 840eacccb5d68907baca96c983d77a3b 1710532 debug optional libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_i386.deb
 33ccde00465a4f931ba3d360b004df65 846236 libdevel optional libxml2-dev_2.9.14+dfsg-1.3~deb12u2_i386.deb
 869cb9634d5c8742b63795ae99029941 71052 debug optional libxml2-utils-dbgsym_2.9.14+dfsg-1.3~deb12u2_i386.deb
 ea39160cb4d942c7455f03605b292c83 99424 text optional libxml2-utils_2.9.14+dfsg-1.3~deb12u2_i386.deb
 642a1b96aabbcb34f9f731f1edc89602 9072 libs optional libxml2_2.9.14+dfsg-1.3~deb12u2_i386-buildd.buildinfo
 7a9b2915fa194dae2e864525e83593cd 720708 libs optional libxml2_2.9.14+dfsg-1.3~deb12u2_i386.deb
 2678e4cfb2848cd32af88c8e2a32a34b 181776 debug optional python3-libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_i386.deb
 73664f0c83ffb4e0a3662ce4aa78e11a 188596 python optional python3-libxml2_2.9.14+dfsg-1.3~deb12u2_i386.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEc5vuvf2HND40bnI+8IREj/cRiTMFAmhCtRIACgkQ8IREj/cR
iTPy9A//YBK//3d867abte2c1jasU03nKwh55/tD4zqA7frOx+yXbRc/vHkyseX0
9Z3SlNjEnn0NlzmLdyIOOMJxLrE9/0Wmwj84164aW5priOsYIIKyYC5ZgOc+3ugd
Rmo+j94dD4C6J7yeKF8IQs7q82Fbl2iZUd5ED2OMY9xZpZ35duf8JrqEev7T1oxt
O1yw+lBHMW9+EulJ7MPa+hhcIXhzbJBpd0mDWPj2RNjEkxCuFwu9LWyhDJHq1HDS
r8ErKe3O/2dVJM9VwuPTOoKvvP3lWLisdc51ZJ+ia+aCtIXZAGoiVsbeCt6Y42rg
JGmUCTPNNEC5emuf8SCX3fDkDj4sHPyAJvawKEBDRn6mdL3Q0cTWHyPjPleagqu0
kawfWkiCep46+rKgaOEQHgRlY6x7eQbvMZGYco6hDgbr57AnRaVQgCL9r750Gh2S
UJugszB+C54D/B0kFS+0PWnX7faOeYuSN0sxJAJU5N+wxv+cWUgP1tS4UNDLP7rw
oNEel1tyQb5NTq8l04RRezqs1wMCzrm3iLLnISnOHxCvRHsOT1SafRV+Gh+NG3qv
IO9SW3tnaYJ/W8eS9oIcIFaFi43g023nPnzQCvcOnhiGwdttx+rtuqpxgl8O6AK4
sWijNYPNOG2kdIL5j52q4p6B1htpQXFqfktcDGeurDw4QWHJ3xE=
=Tp9y
-----END PGP SIGNATURE-----