-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 06 Jun 2025 16:50:13 +0800
Source: libxml2
Binary: libxml2 libxml2-dbgsym libxml2-dev libxml2-utils libxml2-utils-dbgsym python3-libxml2 python3-libxml2-dbgsym
Architecture: arm64
Version: 2.9.14+dfsg-1.3~deb12u2
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-ubc-02) <buildd_arm64-arm-ubc-02@buildd.debian.org>
Changed-By: Aron Xu <aron@debian.org>
Description:
 libxml2    - GNOME XML library
 libxml2-dev - GNOME XML library - development files
 libxml2-utils - GNOME XML library - utilities
 python3-libxml2 - GNOME XML library - Python3 bindings
Closes: 1051230 1053629 1063234 1071162 1094238 1098320 1098321 1098322 1102521 1103511
Changes:
 libxml2 (2.9.14+dfsg-1.3~deb12u2) bookworm-security; urgency=high
 .
   * Security fixes:
     - CVE-2023-39615: out-of-bounds read via the xmlSAX2StartElement()
       (Closes: #1051230)
     - CVE-2023-45322: use-after-free in xmlUnlinkNode()
       (Closes: #1053629)
     - CVE-2024-25062: use-after-free in xmlValidatePopElement()
       (Closes: #1063234)
     - CVE-2025-32414: out-of-bounds read in Python bindings
       (Closes: #1102521)
     - CVE-2025-32415: heap-based buffer under-read via
       xmlSchemaIDCFillNodeTables() (Closes: #1103511)
     - CVE-2022-49043: use-after-free in xmlXIncludeAddNode()
       (Closes: #1094238)
     - CVE-2024-34459: buffer over-read in xmlHTMLPrintFileContext of xmllint
       (Closes: #1071162)
     - CVE-2024-56171: use-after-free after xmlSchemaItemListAdd()
       (Closes: #1098320)
     - CVE-2025-24928: stack-buffer-overflow in xmlSnprintfElements()
       (Closes: #1098321)
     - CVE-2025-27113: NULL pointer dereference in xmlPatMatch()
       (Closes: #1098322)
Checksums-Sha1:
 a1ec8edfc6269cfde223274e5d6d863530e831af 1868152 libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_arm64.deb
 05a8d926bf0c5952efb85840eb1f072f08180319 739336 libxml2-dev_2.9.14+dfsg-1.3~deb12u2_arm64.deb
 885ec93eb5bb8d0e8760bdbc49dd20e2703c987c 80184 libxml2-utils-dbgsym_2.9.14+dfsg-1.3~deb12u2_arm64.deb
 2a59ccd56e5cbe00a42169e378a8d19ec77abb92 97476 libxml2-utils_2.9.14+dfsg-1.3~deb12u2_arm64.deb
 45dd7ee1cf97fb86fc30b39ced0a105c779b915e 9162 libxml2_2.9.14+dfsg-1.3~deb12u2_arm64-buildd.buildinfo
 d3d4a41edd767110cf8a5207077d0836cb05dfa8 619048 libxml2_2.9.14+dfsg-1.3~deb12u2_arm64.deb
 d8c8f7337d5ffdf4c73ea62d2b4a3d1f039433f3 241208 python3-libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_arm64.deb
 0b8018b037dd71a7362c7120ebe3394cade9798a 184596 python3-libxml2_2.9.14+dfsg-1.3~deb12u2_arm64.deb
Checksums-Sha256:
 c72f6c11f1466bdc5ee06d1b9a07ff1f1d48326b3ecb774f32803cf502a1437f 1868152 libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_arm64.deb
 f9e31e93d8434c00e5e78f547f8433f4a6bc4ab088cf9671e6c68f491857c6e2 739336 libxml2-dev_2.9.14+dfsg-1.3~deb12u2_arm64.deb
 cca43d8daa65a59a59ca409783f4a393e9793f9f633f9d800419bcdc6b598ec4 80184 libxml2-utils-dbgsym_2.9.14+dfsg-1.3~deb12u2_arm64.deb
 3da53c7345b49e83f3d3f37da367f218b3d576ca2f5406bfa73cad5c1c10ec08 97476 libxml2-utils_2.9.14+dfsg-1.3~deb12u2_arm64.deb
 da5da3e10afc738737f2e53d8ebafb1b8ddd8a19cd07f34ca2f0bccb313a5fcc 9162 libxml2_2.9.14+dfsg-1.3~deb12u2_arm64-buildd.buildinfo
 934390847afe68ed72d19e6f533cf63f5797709485e2cf353bb39f4421accceb 619048 libxml2_2.9.14+dfsg-1.3~deb12u2_arm64.deb
 1b426d0b452ade4982ac3172913425f5f65d263d940a113165b83721ff4219fc 241208 python3-libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_arm64.deb
 1f5360177ae42a4bb5d2dab17048ce87a4f2d831f33f654b9fe80de47f47f5ab 184596 python3-libxml2_2.9.14+dfsg-1.3~deb12u2_arm64.deb
Files:
 7681b641c89f90d9284bc02d2dc9095f 1868152 debug optional libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_arm64.deb
 e138bb5d4bceb690caaf4e51a31baa28 739336 libdevel optional libxml2-dev_2.9.14+dfsg-1.3~deb12u2_arm64.deb
 ad632aa2c591e9935c587f102b0eacc9 80184 debug optional libxml2-utils-dbgsym_2.9.14+dfsg-1.3~deb12u2_arm64.deb
 fffc600492d6fa65063da7aec50df670 97476 text optional libxml2-utils_2.9.14+dfsg-1.3~deb12u2_arm64.deb
 089ce956770c4ef26464bf42e7a60207 9162 libs optional libxml2_2.9.14+dfsg-1.3~deb12u2_arm64-buildd.buildinfo
 8e97ac86fc68576b29684862f6218784 619048 libs optional libxml2_2.9.14+dfsg-1.3~deb12u2_arm64.deb
 7f6ce208e61e9eee31220ce73e0a353b 241208 debug optional python3-libxml2-dbgsym_2.9.14+dfsg-1.3~deb12u2_arm64.deb
 93b17f3954042976c284aa61c17d9a2f 184596 python optional python3-libxml2_2.9.14+dfsg-1.3~deb12u2_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEbIns2iWsAAdAqh2MS/ZIXkV8oLAFAmhCtgMACgkQS/ZIXkV8
oLCwzRAAymKYuf6QIehHoUFsWO6OqXk08TMf106i8UZMFoIkf6DxhcREf2bnNdNP
AMMaKgdwc+ZY0ob+zN6nXdLMdIxUFHpKozYs1inHAymUFzR5F1L/onEYA5X6c8+L
VpghapoZApWdpHW8u+wdEr9seTJE8Wi2Ngi+A7N+xeKc4oWIchp9tl41O4Oh7n95
kVVuzgRPYChKTljGkS2x/BLD/cvyEvtPtQgyRhazjHF/FzRJg9HbJS08ZA/I9BuT
cKpVkEdBZf8nFIDqdssCFV6BckQ9Es5rbEc1sifK9NMqzfhKYW87Jt05kDtHvfne
WU6hvc9JGQR9CVSQJD/WNHlG0F/+G+dEOVHu8AVnmfLc7ZwzJpDoapQNqBmADuRY
Zcqeo2F9yHoEWQgMG4s9+/8X/y4HjU26DtVbCtEeCKtgC67aPQSzRAplTdz0CwVG
4ktYYiDo2aVS3UAdBVKNvRK/u/nNS4X0uwpSNrKzjKW7l971HWC9UHB1T3/rrQRv
YjJUH7GK8LAqKyUc111dYofabAOQNTAJqkTDkS9MnyujtsZhoq22JqZxrlwLu5w+
eFL6g4HVUgeHvhgtIKcrZRnaa7vXtTJ50/f4xZLACsGoZmY9HxzMmMKQYCdg3Lxs
KrSVXdlQVOSYEYyB1wj9hWXP58Ab0477ViwWWLWiPkmz6noaE6g=
=HWzv
-----END PGP SIGNATURE-----