Control: tags -1 + moreinfo On Thu, 2024-01-25 at 04:45 +0100, Guilhem Moulin wrote: > Fix CVE-2023-34194: Reachable assertion (and application exit) via a > crafted XML document with a '\0' located after whitespace.
+ * Fix CVE-2023-34194 / CVE-2023-40462: Reachable assertion (and application As far as I can tell from the Security Tracker, CVE-2023-40462 specifically refers to TinyXML's use in software that isn't in Debian. Does it make sense to mention it in the changelog? Regards, Adam