package release.debian.org tags 1139256 = bookworm pending thanks Hi,
The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details ============== Package: libxml2 Version: 2.9.14+dfsg-1.3~deb12u6 Explanation: fix catalogue recursion and duplicate-catalog handling [CVE-2025-8732 CVE-2026-0990 CVE-2026-0992]; limit RelaxNG include recursion [CVE-2026-0989]; fix xmllint shell memory leak [CVE-2026-1757]; correct schematron regression-test outputs [CVE-2025-49794 CVE-2025-49796]; fix XML writer and schematron memory leaks; mitigate RelaxNG validation use-after-free; update catalogue and RelaxNG regression tests
