-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 07 Jun 2026 17:53:53 +0200
Source: libxml2
Architecture: source
Version: 2.9.14+dfsg-1.3~deb12u6
Distribution: bookworm
Urgency: high
Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Closes: 1125691 1125695 1125696
Changes:
 libxml2 (2.9.14+dfsg-1.3~deb12u6) bookworm; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2026-0989: Specially crafted or overly complex schemas can cause
     excessive recursion during parsing, which may lead to stack exhaustion and
     application crashes. The parser now enforces a limit on inclusion depth
     when resolving nested `<include>` directives; the limit defaults to 1000
     and can be modified at runtime with the env variable `RNG_INCLUDE_LIMIT`.
     (Closes: #1125691)
   * Fix CVE-2026-0990: `xmlCatalogXMLResolveURI()` will recurse infinitely if
     a catalog has a URI delegate referencing itself, eventually resulting in a
     call stack overflow. (Closes: #1125695)
   * Fix CVE-2026-0992: Denial of Service vulnerability due to uncontrolled
     resource consumption when processing XML catalogs containing repeated
     `<nextCatalog>` elements pointing to the same downstream catalog.
     (Closes: #1125696)
   * Fix CVE-2025-8732: When a catalog file contains a CATALOG directive
     pointing to itself, `xmlExpandCatalog()` and `xmlParseSGMLCatalog()`
     recursively call each other without bounds until stack overflow.
   * Fix CVE-2026-1757: Memory leak issue in the command parsing logic of the
     xmllint interactive shell.
   * Fix unit tests for CVE-2025-49794 and -49796.
   * Backport some more upstream changes from v2.15.2:
     + Fix memory leak of prefix in `xmlTextWriterStartElementNS()`.
     + Mitigate use-after-free issue in `xmlRelaxNGValidateValue()`.
     + Fix memory leak in `xmlTextWriterStartAttributeNS()`.
     + Schematron: Fix additional memory leaks on error paths.
     + Catalog: Fix stack overflow from self-referencing SGML CATALOG entries.
Checksums-Sha1:
 5ee2d167c62ac3a43211867a234898ad41a3673c 2974 libxml2_2.9.14+dfsg-1.3~deb12u6.dsc
 a010768073027ad985584f25b472b826ff07e55a 56668 libxml2_2.9.14+dfsg-1.3~deb12u6.debian.tar.xz
 5b6fa9745e4a138b41551a099ab17992dde1cb78 5851 libxml2_2.9.14+dfsg-1.3~deb12u6_source.buildinfo
Checksums-Sha256:
 d86ce3efb1b75d2781f72f5cdd187474c148a915d610295c85162681bb070a65 2974 libxml2_2.9.14+dfsg-1.3~deb12u6.dsc
 f33a99a0018cbb94aadc3bf26661e401cb90dff856aa170faf7239151ee9b9ac 56668 libxml2_2.9.14+dfsg-1.3~deb12u6.debian.tar.xz
 f7ff24957f2bd196baf128ccefac4e1e82cf55df1c15a8f358abbe220e568f77 5851 libxml2_2.9.14+dfsg-1.3~deb12u6_source.buildinfo
Files:
 7c69b7dfe9956382bb0a131e6849f3ae 2974 libs optional libxml2_2.9.14+dfsg-1.3~deb12u6.dsc
 361179f92d021df788180fd03f4dafcd 56668 libs optional libxml2_2.9.14+dfsg-1.3~deb12u6.debian.tar.xz
 ab4152bff09a47262b95f1bda2b8b771 5851 libs optional libxml2_2.9.14+dfsg-1.3~deb12u6_source.buildinfo

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
