-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 21 Mar 2026 22:06:33 +0100 Source: libxml-parser-perl Architecture: source Version: 2.46-4+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: Debian Perl Group Changed-By: Salvatore Bonaccorso Closes: 378412 Changes: libxml-parser-perl (2.46-4+deb12u1) bookworm-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix buffer overflow in parse_stream when filehandle has :utf8 layer. This improves the fix for CVE-2006-10002. * fix: off-by-one heap buffer overflow in st_serial_stack growth check (CVE-2006-10003) (Closes: #378412) Checksums-Sha1: 168b959cd9b8939bf1e408f23e53fd26594c4fbf 2382 libxml-parser-perl_2.46-4+deb12u1.dsc 40cba8a10847b71804684e5c72a410277f47f8ce 254763 libxml-parser-perl_2.46.orig.tar.gz 56c722036e7e968582a66a4079f0465dbffe887f 61004 libxml-parser-perl_2.46-4+deb12u1.debian.tar.xz Checksums-Sha256: 57629ce422273a0599a5b9b8d6e935062613729582f994c954382b043ba180e9 2382 libxml-parser-perl_2.46-4+deb12u1.dsc d331332491c51cccfb4cb94ffc44f9cd73378e618498d4a37df9e043661c515d 254763 libxml-parser-perl_2.46.orig.tar.gz 40c06250d15155d112483bc464ebc676092f196aa2deb67124a534c7294b6bee 61004 libxml-parser-perl_2.46-4+deb12u1.debian.tar.xz Files: 335720fc5544f2e4dd3684ccf42a33da 2382 perl optional libxml-parser-perl_2.46-4+deb12u1.dsc 80bb18a8e6240fcf7ec2f7b57601c170 254763 perl optional libxml-parser-perl_2.46.orig.tar.gz 49a1f32c8d59bf4deea4132dda720a86 61004 perl optional libxml-parser-perl_2.46-4+deb12u1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmnAQ4VfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EcJkP+QE2BmO80Rlnru88Rea0Ic9v3ikgIZGh B9NbuTOOaQUMCfHWLCSU6TTnAUFJlcwGIxkCPVLuqjPmr4xEEuNTFv1fDLK3dO5X TOpapQfZuFfipRS/IWSiV66AU/E0TMxZ2+VvLsrVSuJubUIO3KMNwxB0JlTvmOKz Tf5XPCWeF+JthSGLTYs1auKsuPrp+0oyJFxy/ZTJH8hXNdcV1m0lv/85lxawAUcr FsAsFonRKedHxFd86hMnTUa+CjQRGS6uCMbRXHZa2WrhihVW7420g0pmchUb36nt I7fBi5ON91ReEzHQ//u8hvyh4X21bV5MB+KR5D27H9S4lAM1qsKsVd/+ZipQr1RY EtEyfHScnuBbq0V2/iq7A7fti4nNLGgOx/46PkuDV7BI9pp9hT5BHhyPO31lvbl+ vb6KW02/uBirucN5LBeAyNwBEkr6eS+Y8FAd/rivLcTL0wSORnvpicfvjlcgo2kK 30i2f3YX6ZYOF2PWaaJ3P4H/9cRwyLlhEXFDDR4RQ36YJXupn9ixd8cp8z0CRMT+ n61sO25dbYNHjN+arBF+M1Gb5EwX1e1bG3ghk3ZmyCrFiYXZa+SvdNnIp7gwpgwM 1YoVtNqzPZowEzQ8smEuyTgjTcBLL9Wr0zYaCObzxj+RJz/zbf4Iu+p4kB6orWB4 +rhp/czBe6xb =xWyk -----END PGP SIGNATURE-----