Overview

File _patchinfo of Package patchinfo.39592

<patchinfo incident="39592">
  <issue tracker="cve" id="2025-6021"/>
  <issue tracker="cve" id="2025-49796"/>
  <issue tracker="cve" id="2025-49794"/>
  <issue tracker="cve" id="2025-6170"/>
  <issue tracker="bnc" id="1244700">VUL-0: CVE-2025-6170: libxml2: stack buffer overflow may lead to a crash</issue>
  <issue tracker="bnc" id="1244554">VUL-0: CVE-2025-49794: libxml2: heap use after free (UAF) can lead to Denial of service (DoS)</issue>
  <issue tracker="bnc" id="1244557">VUL-0: CVE-2025-49796: libxml2: type confusion may lead to Denial of service (DoS)</issue>
  <issue tracker="bnc" id="1244590">VUL-0: CVE-2025-6021: TRACKERBUG: libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2</issue>
  <packager>pgajdos</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for libxml2</summary>
  <description>This update for libxml2 fixes the following issues:

- CVE-2025-49794: Fixed a heap use after free which could lead to denial of service. (bsc#1244554)
- CVE-2025-49796: Fixed type confusion which could lead to denial of service. (bsc#1244557)
- CVE-2025-6170: Fixed a stack buffer overflow which could lead to a crash. (bsc#1244700)
- CVE-2025-6021: Fixed an integer overflow in xmlBuildQName() which could lead to stack buffer overflow. (bsc#1244590)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places