Bug 54778

Summary: libxml2: multiple CVEs
Product: Sisyphus Reporter: Yuri N. Sedunov <aris>
Component: libxml2Assignee: Alexey Shabalin <shaba>
Status: NEW --- QA Contact: qa-sisyphus
Severity: blocker    
Priority: P3 CC: at, shaba, zerg
Version: unstable   
Hardware: all   
OS: Linux   
Bug Depends on:    
Bug Blocks: 46625    

Description Yuri N. Sedunov 2025-06-10 20:20:08 MSK 
[CVE-2025-32414] Parsing text via the Python API causes invalid memory access leading to parse failures and crashes
https://gitlab.gnome.org/GNOME/libxml2/-/issues/889

[CVE-2025-32415] Out-of-bounds Read in xmlSchemaIDCFillNodeTables
https://gitlab.gnome.org/GNOME/libxml2/-/issues/890
Comment 1 Sergey V Turchin 2025-06-10 21:27:45 MSK 
(Ответ для Yuri N. Sedunov на комментарий #0)
> failures and crashes
Со времён KDE3 ничего не изменилось. ;-)