File _patchinfo of Package patchinfo.42775

<patchinfo incident="42775">
  <issue tracker="cve" id="2026-1757"/>
  <issue tracker="cve" id="2026-0992"/>
  <issue tracker="cve" id="2025-10911"/>
  <issue tracker="cve" id="2026-0990"/>
  <issue tracker="bnc" id="1256809">VUL-0: CVE-2026-0992: libxml2: libxml2: excessive resource consumption when processing XML catalogs due to exponential behavior when handling `&lt;nextCatalog&gt;` elements</issue>
  <issue tracker="bnc" id="1250553">VUL-0: CVE-2025-10911: libxslt: use-after-free with key data stored cross-RVT</issue>
  <issue tracker="bnc" id="1257593">VUL-0: CVE-2026-1757: TRACKERBUG: libxml2: memory leak in the `xmllint` interactive shell</issue>
  <issue tracker="bnc" id="1257594">VUL-0: CVE-2026-1757: libxml2: libxml2: memory leak in the `xmllint` interactive shell</issue>
  <issue tracker="bnc" id="1256812">VUL-0: CVE-2026-0992: python-libxml2, python-libxml2-python: libxml2: excessive resource consumption when processing XML catalogs due to exponential behavior when handling `&lt;nextCatalog&gt;` elements</issue>
  <issue tracker="bnc" id="1256807">VUL-0: CVE-2026-0990: libxml2: libxml2: call stack overflow leading to application crash due to infinite recursion in `xmlCatalogXMLResolveURI`</issue>
  <issue tracker="bnc" id="1256808">VUL-0: CVE-2026-0992: TRACKERBUG: libxml2: excessive resource consumption when processing XML catalogs due to exponential behavior when handling `&lt;nextCatalog&gt;` elements</issue>
  <issue tracker="bnc" id="1256811">VUL-0: CVE-2026-0990: python-libxml2, python-libxml2-python: libxml2: call stack overflow leading to application crash due to infinite recursion in `xmlCatalogXMLResolveURI`</issue>
  <issue tracker="bnc" id="1257595">VUL-0: CVE-2026-1757: python-libxml2: libxml2: memory leak in the `xmllint` interactive shell</issue>
  <packager>david.anes</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for libxml2</summary>
  <description>This update for libxml2 fixes the following issues:

- CVE-2026-0990: Fixed a call stack overflow leading to application crash due to infinite recursion in `xmlCatalogXMLResolveURI`. (bsc#1256807, bsc#1256811)
- CVE-2026-0992: Fixed an excessive resource consumption when processing XML catalogs due to exponential behavior. (bsc#1256809, bsc#1256812)
- CVE-2026-1757: Fixed a memory leak in the `xmllint` interactive shell. (bsc#1257594, bsc#1257595)
- CVE-2025-10911: Fixed a use-after-free with key data stored cross-RVT. (bsc#1250553)
  </description>
</patchinfo>