summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/newt
diff options
context:
space:
mode:
authorMaxin B. John <maxin.john@enea.com>2014-05-07 14:24:15 +0200
committerRichard Purdie <richard.purdie@linuxfoundation.org>2014-05-08 13:00:34 +0100
commite7e433413d241a1f266f3bd3bef155f1c1b8b3ed (patch)
tree181182ad93ce54c979bf5d940aa2110dad7d5c37 /meta/recipes-extended/newt
parente846e0fb09f7c3b9f298846c88df81c39b1576f9 (diff)
downloadpoky-e7e433413d241a1f266f3bd3bef155f1c1b8b3ed.tar.gz
libxml2: fix CVE-2014-0191
It was discovered that libxml2, a library providing support to read, modify and write XML files, incorrectly performs entity substituton in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote attacker could provide a specially-crafted XML file that, when processed, would lead to the exhaustion of CPU and memory resources or file descriptors. Reference: https://access.redhat.com/security/cve/CVE-2014-0191 (From OE-Core rev: 674bd59d5e357a4aba18c472ac21712a660a84af) Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/newt')
0 files changed, 0 insertions, 0 deletions