On Fri, Aug 08, 2025 at 01:34:40PM -0700, Brian E. Lavender wrote:
I just did a system update and once again I see some high
vulnerabilities on libxml2. I am sure it could use some love.
It looks like a build with autoconf. I can do that!
https://gitlab.gnome.org/GNOME/libxml2
See if I can build this thing as a start.
Brian
libxml2 (2.9.10+dfsg-6.7+deb11u8) bullseye-security; urgency=high
  * Non-maintainer upload by the LTS Team.
  * Fix CVE-2024-34459: Heap buffer overflow with `xmllint --htmlout`
    (Closes: #1071162).
  * Fix CVE-2025-6021: Integer overflow issue in xmlBuildQName. (Closes:
    #1107720).
  * Fix CVE-2025-6170: Potential buffer overflows in the interactive shell
    (Closes: #1107938).
  * Fix CVE-2025-49794: Use-after-free issue in xmlSchematronReportOutput
    (Closes: #1107755).
  * Fix CVE-2025-49796: Type confusion issue in xmlSchematronReportOutput
    (Closes: #1107755).
I see that it can be built using cmake or using autotools. I see a boat
load of options too!
--
Brian Lavender
https://www.brie.com/brian/
"There are two ways of constructing a software design. One way is to
make it so simple that there are obviously no deficiencies. And the other
way is to make it so complicated that there are no obvious deficiencies."
Professor C. A. R. Hoare
The 1980 Turing award lecture