@jlsec-bot
Contributor

This action searched recent NVD/EUVD changes/publications, checking 460 (+2) advisories from NVD and 657 (+283) from EUVD for advisories that pertain here. It identified 8 advisories as being related to the Julia package(s): Libgcrypt_jll, GnuTLS_jll, wolfSSL_jll, MbedTLS_jll, XML2_jll, Kerberos_krb5_jll, and systemd_jll.

2 advisories apply to all registered versions of a package

These advisories had no obvious failures but computed a range without bounds.

  • CVE-2025-4598 for packages: systemd_jll
    • systemd_jll computed ["*"]. Its latest version (256.7.0+0) has components: {systemd = "256.7"}
      • systemd_project:systemd at >= 256, < 256.14 mapped to [>= 256.7.0+0], includes the latest version
  • CVE-2025-7394 for packages: wolfSSL_jll
    • wolfSSL_jll computed ["*"]. Its latest version (5.7.2+0) has components: {wolfssl = "5.7.2-stable"}
      • wolfssl:wolfssl at >= 3.15.0, <= 5.8.0 includes all versions

6 advisories found concrete vulnerable ranges

  • CVE-2019-19956 for packages: XML2_jll
    • XML2_jll computed ["< 2.9.10+0"]. Its latest version (2.15.1+0) has components: {libxml2 = "2.15.1"}
  • CVE-2020-28196 for packages: Kerberos_krb5_jll
    • Kerberos_krb5_jll computed ["< 1.21.3+0"]. Its latest version (1.21.3+0) has components: {krb5 = "1.21.3"}
  • CVE-2020-36421 for packages: MbedTLS_jll
    • MbedTLS_jll computed ["< 2.16.8+0"]. Its latest version (2.28.1010+0) has components: {mbedtls = "2.28.10"}
  • CVE-2020-7595 for packages: XML2_jll
    • XML2_jll computed [">= 2.9.10+0, < 2.9.12+0"]. Its latest version (2.15.1+0) has components: {libxml2 = "2.15.1"}
  • CVE-2021-20232 for packages: GnuTLS_jll
    • GnuTLS_jll computed ["< 3.7.1+0"]. Its latest version (3.8.4+0) has components: {gnutls = "3.8.4"}
  • CVE-2021-33560 for packages: Libgcrypt_jll
    • Libgcrypt_jll computed ["< 1.8.11+0"]. Its latest version (1.11.1+0) has components: {libgcrypt = "1.11.0"}
