Bug#1107753: marked as done (libxml2: CVE-2025-49795: Null pointer dereference leads to Denial of service (DoS) )

Debian Bug Tracking System Mon, 28 Jul 2025 02:09:16 -0700

Your message dated Mon, 28 Jul 2025 11:07:44 +0200
with message-id <[email protected]>
and subject line Re: Bug#1107753: libxml2: CVE-2025-49795: Null pointer 
dereference leads to Denial of service (DoS)
has caused the Debian Bug report #1107753,
regarding libxml2: CVE-2025-49795: Null pointer dereference leads to Denial of 
service (DoS) 
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1107753: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107753
Debian Bug Tracking System
Contact [email protected] with problems

--- Begin Message ---

Source: libxml2
Version: 2.12.7+dfsg+really2.9.14-1.3
Severity: important
Tags: security upstream
Forwarded: https://gitlab.gnome.org/GNOME/libxml2/-/issues/932
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>

Hi,

The following vulnerability was published for libxml2.

CVE-2025-49795[0]:
| Null pointer dereference leads to Denial of service (DoS)


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2025-49795
    https://www.cve.org/CVERecord?id=CVE-2025-49795
[1] https://gitlab.gnome.org/GNOME/libxml2/-/issues/932

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

--- End Message ---

--- Begin Message ---

Version: 2.14.5+dfsg-0exp1

On Fri, 13 Jun 2025 at 21:02:51 +0200, Salvatore Bonaccorso wrote:
> The following vulnerability was published for libxml2.
>
> CVE-2025-49795[0]:
> | Null pointer dereference leads to Denial of service (DoS)

sid has 2.9 which is not affected (value-of tag support was added in
v2.10.0).

-- 
Guilhem.

signature.asc
Description: PGP signature

--- End Message ---

Bug#1107753: marked as done (libxml2: CVE-2025-49795: Null pointer dereference leads to Denial of service (DoS) )

Reply via email to