git: 516ddee744c9 - main - security/vuxml: adjust affected textproc/libxml2 versions
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 21 Jun 2025 18:40:55 UTC
The branch main has been updated by vishwin:
URL: https://cgit.FreeBSD.org/ports/commit/?id=516ddee744c94bccd75edf2e571a8c04dd96084c
commit 516ddee744c94bccd75edf2e571a8c04dd96084c
Author: Charlie Li <vishwin@FreeBSD.org>
AuthorDate: 2025-06-21 18:38:59 +0000
Commit: Charlie Li <vishwin@FreeBSD.org>
CommitDate: 2025-06-21 18:38:59 +0000
security/vuxml: adjust affected textproc/libxml2 versions
Account for all branches' minor versions with fixes and local
backports to 2.11.
PR: 287391
---
security/vuxml/vuln/2025.xml | 17 +++++++++++++----
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml
index a9690dc889c7..fc3c3004bbac 100644
--- a/security/vuxml/vuln/2025.xml
+++ b/security/vuxml/vuln/2025.xml
@@ -952,8 +952,13 @@
<topic>libxml2 -- Out-of-bounds memory access</topic>
<affects>
<package>
- <name>libxml2</name>
- <range><lt>2.14.2</lt></range>
+ <name>py39-libxml2</name>
+ <name>py310-libxml2</name>
+ <name>py311-libxml2</name>
+ <name>py312-libxml2</name>
+ <range><lt>2.11.9_3</lt></range>
+ <range><ge>2.12.0</ge><lt>2.13.8</lt></range>
+ <range><ge>2.14.0</ge><lt>2.14.2</lt></range>
</package>
</affects>
<description>
@@ -983,7 +988,9 @@
<affects>
<package>
<name>libxml2</name>
- <range><lt>2.13.6</lt></range>
+ <range><lt>2.11.9_1</lt></range>
+ <range><ge>2.12.0</ge><lt>2.12.10</lt></range>
+ <range><ge>2.13.0</ge><lt>2.13.6</lt></range>
</package>
</affects>
<description>
@@ -1012,7 +1019,9 @@
<affects>
<package>
<name>libxml2</name>
- <range><lt>2.13.6</lt></range>
+ <range><lt>2.11.9_1</lt></range>
+ <range><ge>2.12.0</ge><lt>2.12.10</lt></range>
+ <range><ge>2.13.0</ge><lt>2.13.6</lt></range>
</package>
</affects>
<description>