Package: release.debian.org Severity: normal User: [email protected] Usertags: unblock Control: affects -1 + src:libxml2
Dear release team,
I would like to apply two patches for libxml2 fixing 3 CVEs:
- CVE-2025-6021: integer overflow in xmlBuildQName() (Closes: #1107720)
- CVE-2025-{49794,49796}: use after free and type confusion in
xmlSchematronReportOutput() (Closes: #1107755)
Regards,
Aron
libxml2_2.12.7+dfsg+really2.9.14-2.debdiff
Description: Binary data
