There are 2 open security issues in bookworm.
2 issues left for the package maintainer to handle:
- CVE-2024-50614:
(postponed; to be fixed through a stable update)
TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef.
- CVE-2024-50615:
(postponed; to be fixed through a stable update)
TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/digit, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef.
You can find information about how to handle these issues in the security team's documentation.