libxml2: Fix CVE-2017-9049 and CVE-2017-9050 - linux/poky.git

diff options

author	Andrej Valek <andrej.valek@siemens.com>	2017-06-14 14:58:47 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-06-23 11:44:13 +0100
commit	371ba8c74332b6ab2d9062edadc93c688751e4ab (patch)
tree	a4cac38d29cf01a6c85890f05a7984e7a35a5f81 /meta/recipes-core/initscripts
parent	1a4f1ccdcc51b7d97ab66214675357b6c2c075f8 (diff)
download	poky-371ba8c74332b6ab2d9062edadc93c688751e4ab.tar.gz

libxml2: Fix CVE-2017-9049 and CVE-2017-9050

Fix handling of parameter-entity references There were two bugs where parameter-entity references could lead to an unexpected change of the input buffer in xmlParseNameComplex and xmlDictLookup being called with an invalid pointer. Fixes bug 781205 and bug 781361 CVE: CVE-2017-9049 CVE-2017-9050 (From OE-Core rev: 2300762fef8fc8e3e56fb07fd4076c1deeba0a9b) Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-core/initscripts')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: