As discussed in
https://gitlab.gnome.org/GNOME/libxml2/-/issues/913, the
security policy of libxml2 has been changed to disclose vulnerabilities
before fixes are available, so that people other than the maintainer can
contribute to fixing security issues in this library.
As part of this, the following five CVEs have been disclosed recently:
(CVE-2025-49794) Heap use after free (UAF) leads to Denial of service (DoS)
https://gitlab.gnome.org/GNOME/libxml2/-/issues/931 [...]
(CVE-2025-49795) Null pointer dereference leads to Denial of service (DoS)
https://gitlab.gnome.org/GNOME/libxml2/-/issues/932 [...]
(CVE-2025-49796) Type confusion leads to Denial of service (DoS)
https://gitlab.gnome.org/GNOME/libxml2/-/issues/933 [...]
For all three of the above (all in the Schematron validation code), note that upstream is considering removing Schematron support completely, as discussed in
https://gitlab.gnome.org/GNOME/libxml2/-/issues/935.
(CVE-2025-6021) Integer Overflow Leading to Buffer Overflow in xmlBuildQName()
https://gitlab.gnome.org/GNOME/libxml2/-/issues/926 [...]
(CVE-2025-6170) Stack-based Buffer Overflow in xmllint Shell
https://gitlab.gnome.org/GNOME/libxml2/-/issues/941 [...]