diff options
author | Andrej Valek <andrej.valek@siemens.com> | 2017-06-14 14:55:03 +0200 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-06-23 11:44:13 +0100 |
commit | 1a4f1ccdcc51b7d97ab66214675357b6c2c075f8 (patch) | |
tree | 19dfe06bfccaf794cc2adf58ef24d3bd9a2ee9b2 /meta/recipes-core/libxml/libxml2_2.9.4.bb | |
parent | 6765fcec154b1c81250c124fcb46414dcac9be12 (diff) | |
download | poky-1a4f1ccdcc51b7d97ab66214675357b6c2c075f8.tar.gz |
libxml2: Fix CVE-2017-9047 and CVE-2017-9048
xmlSnprintfElementContent failed to correctly check the available
buffer space in two locations.
Fixes bug 781333 and bug 781701
CVE: CVE-2017-9047 CVE-2017-9048
(From OE-Core rev: bb0af023e811907b4e641b39f654ca921ac8794a)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/libxml/libxml2_2.9.4.bb')
-rw-r--r-- | meta/recipes-core/libxml/libxml2_2.9.4.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-core/libxml/libxml2_2.9.4.bb b/meta/recipes-core/libxml/libxml2_2.9.4.bb index 0577ad6509..dd2e034e2a 100644 --- a/meta/recipes-core/libxml/libxml2_2.9.4.bb +++ b/meta/recipes-core/libxml/libxml2_2.9.4.bb | |||
@@ -24,6 +24,7 @@ SRC_URI = "ftp://xmlsoft.org/libxml2/libxml2-${PV}.tar.gz;name=libtar \ | |||
24 | file://libxml2-CVE-2016-4658.patch \ | 24 | file://libxml2-CVE-2016-4658.patch \ |
25 | file://libxml2-fix_NULL_pointer_derefs.patch \ | 25 | file://libxml2-fix_NULL_pointer_derefs.patch \ |
26 | file://libxml2-fix_and_simplify_xmlParseStartTag2.patch \ | 26 | file://libxml2-fix_and_simplify_xmlParseStartTag2.patch \ |
27 | file://libxml2-CVE-2017-9047_CVE-2017-9048.patch \ | ||
27 | file://CVE-2016-9318.patch \ | 28 | file://CVE-2016-9318.patch \ |
28 | file://0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch \ | 29 | file://0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch \ |
29 | " | 30 | " |