libxml-parser-perl - Debian Package Tracker

general

source: libxml-parser-perl (main)
version: 2.47-1
maintainer: Debian Perl Group (archive) (DMD) (LowNMU)
uploaders: gregor herrmann [DMD]
arch: any
std-ver: 4.6.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.46-2
oldstable: 2.46-4
stable: 2.47-1
testing: 2.47-1
unstable: 2.47-1

versioned links

2.46-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.46-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.47-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libxml-parser-perl (1 bugs: 0, 0, 1, 0)

action needed

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2006-10003: XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack. In the case (stackptr == stacksize - 1), the stack will NOT be expanded. Then the new value will be written at location (++stackptr), which equals stacksize and therefore falls just outside the allocated buffer. The bug can be observed when parsing an XML file with very deep element nesting

Created: 2026-03-21 Last update: 2026-03-21 07:00

1 security issue in forky high

There is 1 open security issue in forky.

1 important issue:

CVE-2006-10003: XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack. In the case (stackptr == stacksize - 1), the stack will NOT be expanded. Then the new value will be written at location (++stackptr), which equals stacksize and therefore falls just outside the allocated buffer. The bug can be observed when parsing an XML file with very deep element nesting

Created: 2026-03-21 Last update: 2026-03-21 07:00

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2006-10003: XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack. In the case (stackptr == stacksize - 1), the stack will NOT be expanded. Then the new value will be written at location (++stackptr), which equals stacksize and therefore falls just outside the allocated buffer. The bug can be observed when parsing an XML file with very deep element nesting

Created: 2026-03-21 Last update: 2026-03-21 07:00

1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:

CVE-2006-10003: XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack. In the case (stackptr == stacksize - 1), the stack will NOT be expanded. Then the new value will be written at location (++stackptr), which equals stacksize and therefore falls just outside the allocated buffer. The bug can be observed when parsing an XML file with very deep element nesting

Created: 2026-03-21 Last update: 2026-03-21 07:00

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 2.47-2, distribution unstable) and new commits in its VCS. You should consider whether it's time to make an upload.

Created: 2026-03-21 Last update: 2026-03-21 11:02

lintian reports 1 warning normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2024-01-02 Last update: 2024-01-02 11:34

1 low-priority security issue in trixie low

There is 1 open security issue in trixie.

1 issue left for the package maintainer to handle:

CVE-2006-10003: (needs triaging) XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack. In the case (stackptr == stacksize - 1), the stack will NOT be expanded. Then the new value will be written at location (++stackptr), which equals stacksize and therefore falls just outside the allocated buffer. The bug can be observed when parsing an XML file with very deep element nesting

You can find information about how to handle this issue in the security team's documentation.

Created: 2026-03-21 Last update: 2026-03-21 07:00

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.3 instead of 4.6.2).

Created: 2024-04-07 Last update: 2025-12-23 20:00

news

[rss feed]

[2026-03-21] Accepted libxml-parser-perl 2.47-2 (source) into unstable (Salvatore Bonaccorso)
[2024-01-04] libxml-parser-perl 2.47-1 MIGRATED to testing (Debian testing watch)
[2024-01-01] Accepted libxml-parser-perl 2.47-1 (source) into unstable (gregor herrmann)
[2022-11-30] libxml-parser-perl 2.46-4 MIGRATED to testing (Debian testing watch)
[2022-11-30] libxml-parser-perl 2.46-4 MIGRATED to testing (Debian testing watch)
[2022-11-27] Accepted libxml-parser-perl 2.46-4 (source) into unstable (Jelmer Vernooĳ) (signed by: Jelmer Vernooij)
[2021-11-06] libxml-parser-perl 2.46-3 MIGRATED to testing (Debian testing watch)
[2021-11-03] Accepted libxml-parser-perl 2.46-3 (source) into unstable (gregor herrmann)
[2020-11-29] libxml-parser-perl 2.46-2 MIGRATED to testing (Debian testing watch)
[2020-11-26] Accepted libxml-parser-perl 2.46-2 (source) into unstable (gregor herrmann)
[2019-10-06] libxml-parser-perl 2.46-1 MIGRATED to testing (Debian testing watch)
[2019-10-03] Accepted libxml-parser-perl 2.46-1 (source) into unstable (Xavier Guimard)
[2019-03-11] libxml-parser-perl 2.44-4 MIGRATED to testing (Debian testing watch)
[2019-02-28] Accepted libxml-parser-perl 2.44-4 (source) into unstable (Xavier Guimard)
[2019-02-26] Accepted libxml-parser-perl 2.44-3 (source) into unstable (Xavier Guimard)
[2016-07-12] libxml-parser-perl 2.44-2 MIGRATED to testing (Debian testing watch)
[2016-07-06] Accepted libxml-parser-perl 2.44-2 (source) into unstable (Salvatore Bonaccorso)
[2015-11-07] libxml-parser-perl 2.44-1 MIGRATED to testing (Britney)
[2015-11-01] Accepted libxml-parser-perl 2.44-1 (source) into unstable (gregor herrmann)
[2014-09-12] libxml-parser-perl 2.41-3 MIGRATED to testing (Britney)
[2014-09-06] Accepted libxml-parser-perl 2.41-3 (source) into unstable (Niko Tyni) (signed by: Dominic Hargreaves)
[2014-07-18] libxml-parser-perl 2.41-2 MIGRATED to testing (Britney)
[2014-07-07] Accepted libxml-parser-perl 2.41-2 (source amd64) (gregor herrmann)
[2011-06-14] libxml-parser-perl 2.41-1 MIGRATED to testing (Debian testing watch)
[2011-06-04] Accepted libxml-parser-perl 2.41-1 (source i386) (Nicholas Bamber) (signed by: gregor herrmann)
[2011-05-31] libxml-parser-perl 2.40-2 MIGRATED to testing (Debian testing watch)
[2011-05-19] Accepted libxml-parser-perl 2.40-2 (source i386) (Nicholas Bamber) (signed by: gregor herrmann)
[2011-05-15] Accepted libxml-parser-perl 2.40-1 (source i386) (Nicholas Bamber) (signed by: gregor herrmann)
[2008-04-20] libxml-parser-perl 2.36-1.1 MIGRATED to testing (Debian testing watch)
[2008-04-09] Accepted libxml-parser-perl 2.36-1.1 (source amd64) (Niko Tyni)

bugs [bug history graph]

all: 1
RC: 0
I&N: 0
M&W: 1
F&P: 0
patch: 0

links

homepage
lintian (0, 1)
buildd: logs, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.47-1build4
1 bug