Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c78dafb7 by Salvatore Bonaccorso at 2025-04-17T22:30:33+02:00
Add CVE-2025-32415/libxml2
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -327,7 +327,11 @@ CVE-2025-32504 (Improper Neutralization of Input During
Web Page Generation ('Cr
CVE-2025-32490 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin
CVE-2025-32415 (In libxml2 before 2.13.8 and 2.14.x before 2.14.2,
xmlSchemaIDCFillNod ...)
- TODO: check
+ - libxml2 <unfixed>
+ NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/890
+ NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/libxml2/-/commit/487ee1d8711c6415218b373ef455fcd969d12399
(master)
+ NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/libxml2/-/commit/8ac33b1c821b4e67326e8e416945b31c9537c7c0
(v2.14.2)
+ NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/libxml2/-/commit/384cc7c182fc00c6d5e2ab4b5e3671b2e3f93c84
(v2.13.8)
CVE-2025-31380 (Weak Password Recovery Mechanism for Forgotten Password
vulnerability ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-31030 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c78dafb7f38628796f50fc0f288468c96feb39c5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c78dafb7f38628796f50fc0f288468c96feb39c5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
