authorRichard Purdie <richard.purdie@linuxfoundation.org>2015-01-15 09:37:16 +0000
committerRichard Purdie <richard.purdie@linuxfoundation.org>2015-01-15 16:55:17 +0000
commit10837473b27aa1708866eb2b1b5701daa984e94e (patch)
tree403d62d074c02889a58a957963cfd8a21ac3b774
parent2b925045877aeb44d9823a8c9515e8ab8fca1e52 (diff)
libxml2: Backport fix for CVE introduced entity issues
The CVE fix introduced problems with entity issues; we observed this when building the Yocto Docs in particular. Backport the fix from upstream so we can build our docs correctly. [YOCTO #7134] (From OE-Core rev: af501bd51f9a86edd34e0405bc32dabe21312229) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-core/libxml/libxml2/72a46a519ce7326d9a00f0b6a7f2a8e958cd1675.patch30
-rw-r--r--meta/recipes-core/libxml/libxml2_2.9.2.bb3
2 files changed, 32 insertions, 1 deletions
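--- /dev/null
+++ b/meta/recipes-core/libxml/libxml2/72a46a519ce7326d9a00f0b6a7f2a8e958cd1675.patch
@@ -0,0 +1,30 @@
+From 72a46a519ce7326d9a00f0b6a7f2a8e958cd1675 Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Thu, 23 Oct 2014 11:35:36 +0800
+Subject: Fix missing entities after CVE-2014-3660 fix
+
+For https://bugzilla.gnome.org/show_bug.cgi?id=738805
+
+The fix for CVE-2014-3660 introduced a regression in some case
+where entity substitution is required and the entity is used
+first in anotther entity referenced from an attribute value
+
+Upstream-Status: Backport
+
+diff --git a/parser.c b/parser.c
+index 67c9dfd..a8d1b67 100644
+--- a/parser.c
++++ b/parser.c
+@@ -7235,7 +7235,8 @@ xmlParseReference(xmlParserCtxtPtr ctxt) {
+ * far more secure as the parser will only process data coming from
+ * the document entity by default.
+ */
+- if ((ent->checked == 0) &&
++ if (((ent->checked == 0) ||
++ ((ent->children == NULL) && (ctxt->options & XML_PARSE_NOENT))) &&
+ ((ent->etype != XML_EXTERNAL_GENERAL_PARSED_ENTITY) ||
+ (ctxt->options & (XML_PARSE_NOENT | XML_PARSE_DTDVALID)))) {
+ unsigned long oldnbent = ctxt->nbentities;
+--
+cgit v0.10.1
+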
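Review bot: The added clause `((ent->children == NULL) && (ctxt->options & XML_PARSE_NOENT))` in the parser.c hunk carries no comment, and the visible tail of the comment above it only explains why entity content is not processed by default. Because the clause widens the guard that the CVE-2014-3660 fix depends on, I would add above the `if` something like `/* Also parse when substitution is requested and a checked entity has no children yet (bug 738805). */`. It also appears that an already-checked entity whose content is legitimately empty would be parsed again on every reference under XML_PARSE_NOENT, so it is worth confirming that the `nbentities` accounting following this condition still bounds that path. xmlParseReference starts and ends outside the hunk, and since this is a verbatim backport the comment would need to land upstream first.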
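--- a/meta/recipes-core/libxml/libxml2_2.9.2.bb
+++ b/meta/recipes-core/libxml/libxml2_2.9.2.bb
@@ -1,6 +1,7 @@
 require libxml2.inc
 
-SRC_URI += "http://www.w3.org/XML/Test/xmlts20080827.tar.gz;name=testtar"
+SRC_URI += "http://www.w3.org/XML/Test/xmlts20080827.tar.gz;name=testtar \
+ file://72a46a519ce7326d9a00f0b6a7f2a8e958cd1675.patch"
 
 SRC_URI[libtar.md5sum] = "9e6a9aca9d155737868b3dc5fd82f788"
 SRC_URI[libtar.sha256sum] = "5178c30b151d044aefb1b08bf54c3003a0ac55c59c866763997529d60770d5bc"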