CLSA-2026-1773221551 Fix CVE(s): CVE-2025-12084

SECURITY UPDATE: quadratic complexity in xml.dom.minidom node ID cache clearing leads to denial of service - debian/patches/CVE-2025-12084.patch: Replace quadratic indocument traversal with ownerDocument attribute check in clearidcache; ensure Element and Attr instances have ownerDocument...

WebKit - UXSS Using JavaScript: URI and Synchronous Page Loads Exploit

VULNERABILITY DETAILS void DocumentWriter::replaceDocumentconst String& source, Document ownerDocument ... beginmframe-document-url, true, ownerDocument; // 1 // begin might fire an unload event, which will result in a situation where no new document has been attached, // and the old document has...