rpi-buildroot/libxml2.hash at 4db9a46243eea0e7c4e3f852d57a6878ce01ce1a - rpi-buildroot - Gitea: Git with a cup of tea

Projetos/rpi-buildroot

Files

Christian Hitz 4df388d240 package/libxml2: security bump to version 2.13.8

Fixes the following security vulnerabilities:

[CVE-2025-32414] Buffer overflow when parsing text streams with Python API
https://gitlab.gnome.org/GNOME/libxml2/-/issues/889

[CVE-2025-32415] Heap-based Buffer Overflow in xmlSchemaIDCFillNodeTables
https://gitlab.gnome.org/GNOME/libxml2/-/issues/890

https://www.openwall.com/lists/oss-security/2025/04/17/3

For release notes since 2.13.6, see:
https://download.gnome.org/sources/libxml2/2.13/libxml2-2.13.7.news
https://download.gnome.org/sources/libxml2/2.13/libxml2-2.13.8.news

Signed-off-by: Christian Hitz <christian.hitz@bbv.ch>
[Julien: add links to release notes]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 8e1ad23f2a)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>

2025-05-14 20:58:59 +02:00

5 lines

296 B

Plaintext

Raw Blame History

 # From https://download.gnome.org/sources/libxml2/2.13/libxml2-2.13.8.sha256sum
 sha256  277294cb33119ab71b2bc81f2f445e9bc9435b893ad15bb2cd2b0e859a0ee84a  libxml2-2.13.8.tar.xz
 # License files, locally calculated
 sha256  c99aae1afe013e50b8b3701e089222b351258043c3025b64053a233fd25b4be7  Copyright