You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Fix CVE-2026-0989: Specially crafted or overly complex schemas can cause
excessive recursion during parsing, which may lead to stack exhaustion and
application crashes. The parser now enforces a limit on inclusion depth
when resolving nested <include> directives; the limit defaults to 1000
and can be modified at runtime with the env variable RNG_INCLUDE_LIMIT.
(Closes: #1125691)
Fix CVE-2026-0990: xmlCatalogXMLResolveURI() will recurse infinitely if
a catalog has a URI delegate referencing itself, eventually resulting in a
call stack overflow. (Closes: #1125695)
Fix CVE-2026-0992: Denial of Service vulnerability due to uncontrolled
resource consumption when processing XML catalogs containing repeated <nextCatalog> elements pointing to the same downstream catalog.
(Closes: #1125696)
Fix CVE-2025-8732: When a catalog file contains a CATALOG directive
pointing to itself, xmlExpandCatalog() and xmlParseSGMLCatalog()
recursively call each other without bounds until stack overflow.
Fix CVE-2026-1757: Memory leak issue in the command parsing logic of the
xmllint interactive shell.
Package information | 软件包信息
Package repository address | 软件包仓库地址
Changelog | 更新信息
libxcb (1.17.0-2) unstable; urgency=medium
[ Aurélien COUDERC ]
(Closes: #1069408)
[ Helmut Grohne ]
[!linux-any].
[ Emilio Pozuelo Monfort ]
libxau (1:1.0.11-1) unstable; urgency=medium
[ Debian Janitor ]
[ Julien Cristau ]
libpthread-stubs (0.5-1) unstable; urgency=medium
[ Debian Janitor ]
source.
[ Julien Cristau ]
check (0.15.2-3) unstable; urgency=medium
subunit (1.4.2-3) unstable; urgency=medium
debhelper (13.24.2) unstable; urgency=medium
[ Christoph Brinkhaus ]
[ Américo Monteiro ]
mawk (1.3.4.20250131-1) unstable; urgency=medium
autoconf (2.72-3.1) unstable; urgency=medium
(Closes: #852617)
libtool (2.5.4-4deepin1) unstable; urgency=medium
libtest-pod-perl (1.52-3) unstable; urgency=medium
man-db (2.13.1-1) unstable; urgency=medium
since 2002.
autoconf-dickey (2.52+20250126-1) unstable; urgency=medium
byacc (1:2.0.20241231-1) unstable; urgency=medium
m4 (1.4.19-8) unstable; urgency=medium
gettext (0.23.1-2deepin1) unstable; urgency=medium
flex (2.6.4-8.2) unstable; urgency=medium
2.5.4a-10) to unversioned Conflicts/Replaces flex-old.
Closes: #1034931
groff (1.23.0-9deepin1) unstable; urgency=medium
gdbm (1.23-3) unstable; urgency=medium
libpipeline (1.5.8-1) unstable; urgency=medium
(thanks, Niels Thykier).
libsigsegv (2.14-1deepin1) unstable; urgency=medium
dh-exec (0.30) unstable; urgency=medium
the files Closes: #1068632
gawk (1:5.2.1-2) unstable; urgency=medium
acl (2.3.2-2) unstable; urgency=medium
attr (1:2.5.2-3) unstable; urgency=medium
Thanks to Frans Spiesschaert Frans.Spiesschaert@yucom.be.
Thanks to Bjarni Ingi Gislason bjarniig@simnet.is. Closes: #1092503
libunistring (1.3-2) unstable; urgency=medium
libxml2 (2.12.7+dfsg+really2.9.14-2.1+deb13u3) trixie; urgency=high
excessive recursion during parsing, which may lead to stack exhaustion and
application crashes. The parser now enforces a limit on inclusion depth
when resolving nested
<include>directives; the limit defaults to 1000and can be modified at runtime with the env variable
RNG_INCLUDE_LIMIT.(Closes: #1125691)
xmlCatalogXMLResolveURI()will recurse infinitely ifa catalog has a URI delegate referencing itself, eventually resulting in a
call stack overflow. (Closes: #1125695)
resource consumption when processing XML catalogs containing repeated
<nextCatalog>elements pointing to the same downstream catalog.(Closes: #1125696)
pointing to itself,
xmlExpandCatalog()andxmlParseSGMLCatalog()recursively call each other without bounds until stack overflow.
xmllint interactive shell.
xmlTextWriterStartElementNS().xmlRelaxNGValidateValue().xmlTextWriterStartAttributeNS().fonts-urw-base35 (20200910-8) unstable; urgency=medium
(Closes: #1064972).
libx11 (2:1.8.12-1) unstable; urgency=medium
libxt (1:1.2.1-1.1deepin1) unstable; urgency=medium
gperf (3.2.1-1) unstable; urgency=medium
(Closes: #1102782)
bats (1.11.1-1) unstable; urgency=medium
mpfr4 (4.2.2-1) unstable; urgency=medium
rename (2.02-1) unstable; urgency=medium
libsm (2:1.2.6-1) unstable; urgency=medium
libice (2:1.1.1-1) unstable; urgency=medium
[ Timo Aaltonen ]
[ Debian Janitor ]
default.
1:1.8).
Replaces.
Breaks.
[ Julien Cristau ]
xmlto (0.0.28-3.1) unstable; urgency=medium
Closes: #1075673
gmp (2:6.3.0+dfsg-3) unstable; urgency=medium
[ Steve Robbins ]
autoconf-archive (20220903-3) unstable; urgency=medium
thanks to Jerome Benoit (Closes: #1020747).
libbsd (0.12.2-2deepin1) unstable; urgency=medium
docbook-xml (4.5-13) unstable; urgency=medium
QA upload.
Added d/gbp.conf to document and enforce pristine-tar and the branch used.
Updated Standards-Version from 4.6.0.1 to 4.7.0.
Use wrap-and-sort -at for debian control files
docbook-xsl (1.79.2+dfsg-7) unstable; urgency=medium
QA upload.
Added missing libxml2-utils dependency for xmllint to autopkgtest control file.
docbook5-xml (5.0-4) unstable; urgency=medium