3 files changed, 263 insertions, 0 deletions
diff --git a/meta/recipes-core/libxml/libxml2/CVE-2021-3518-0001.patch b/meta/recipes-core/libxml/libxml2/CVE-2021-3518-0001.patch
new file mode 100644
index 0000000000..3d4d3a0237
--- /dev/null
+++ b/meta/recipes-core/libxml/libxml2/CVE-2021-3518-0001.patch
@@ -0,0 +1,216 @@
+From 0f9817c75b50a77c6aeb8f36801966fdadad229a Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Wed, 10 Jun 2020 16:34:52 +0200
+Subject: [PATCH 1/2] Don't recurse into xi:include children in
+ xmlXIncludeDoProcess
+Otherwise, nested xi:include nodes might result in a use-after-free
+if XML_PARSE_NOXINCNODE is specified.
+Found with libFuzzer and ASan.
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/0f9817c75b50a77c6aeb8f36801966fdadad229a]
+CVE: CVE-2021-3518
+This patch brings in the necessary files to allow the 2nd patch that fixes the CVE to be applied.
+Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ result/XInclude/fallback3.xml     |  8 ++++++++
+ result/XInclude/fallback3.xml.err |  0
+ result/XInclude/fallback3.xml.rdr | 25 +++++++++++++++++++++++++
+ result/XInclude/fallback4.xml     | 10 ++++++++++
+ result/XInclude/fallback4.xml.err |  0
+ result/XInclude/fallback4.xml.rdr | 29 +++++++++++++++++++++++++++++
+ test/XInclude/docs/fallback3.xml  |  9 +++++++++
+ test/XInclude/docs/fallback4.xml  |  7 +++++++
+ xinclude.c                        | 24 ++++++++++--------------
+ 9 files changed, 98 insertions(+), 14 deletions(-)
+ create mode 100644 result/XInclude/fallback3.xml
+ create mode 100644 result/XInclude/fallback3.xml.err
+ create mode 100644 result/XInclude/fallback3.xml.rdr
+ create mode 100644 result/XInclude/fallback4.xml
+ create mode 100644 result/XInclude/fallback4.xml.err
+ create mode 100644 result/XInclude/fallback4.xml.rdr
+ create mode 100644 test/XInclude/docs/fallback3.xml
+ create mode 100644 test/XInclude/docs/fallback4.xml
+diff --git a/result/XInclude/fallback3.xml b/result/XInclude/fallback3.xml
+new file mode 100644
+index 0000000..b423551
+--- /dev/null
+++ b/result/XInclude/fallback3.xml
+@@ -0,0 +1,8 @@
+<?xml version="1.0"?>
+<a>
+    <doc xml:base="../ents/something.xml">
+<p>something</p>
+<p>really</p>
+<p>simple</p>
+</doc>
+</a>
+diff --git a/result/XInclude/fallback3.xml.err b/result/XInclude/fallback3.xml.err
+new file mode 100644
+index 0000000..e69de29
+diff --git a/result/XInclude/fallback3.xml.rdr b/result/XInclude/fallback3.xml.rdr
+new file mode 100644
+index 0000000..aa2f137
+--- /dev/null
+++ b/result/XInclude/fallback3.xml.rdr
+@@ -0,0 +1,25 @@
+0 1 a 0 0
+1 14 #text 0 1 
+    
+1 1 doc 0 0
+2 14 #text 0 1 
+
+2 1 p 0 0
+3 3 #text 0 1 something
+2 15 p 0 0
+2 14 #text 0 1 
+
+2 1 p 0 0
+3 3 #text 0 1 really
+2 15 p 0 0
+2 14 #text 0 1 
+
+2 1 p 0 0
+3 3 #text 0 1 simple
+2 15 p 0 0
+2 14 #text 0 1 
+
+1 15 doc 0 0
+1 14 #text 0 1 
+
+0 15 a 0 0
+diff --git a/result/XInclude/fallback4.xml b/result/XInclude/fallback4.xml
+new file mode 100644
+index 0000000..9883fd5
+--- /dev/null
+++ b/result/XInclude/fallback4.xml
+@@ -0,0 +1,10 @@
+<?xml version="1.0"?>
+<a>
+    
+            <doc xml:base="../ents/something.xml">
+<p>something</p>
+<p>really</p>
+<p>simple</p>
+</doc>
+        
+</a>
+diff --git a/result/XInclude/fallback4.xml.err b/result/XInclude/fallback4.xml.err
+new file mode 100644
+index 0000000..e69de29
+diff --git a/result/XInclude/fallback4.xml.rdr b/result/XInclude/fallback4.xml.rdr
+new file mode 100644
+index 0000000..628b951
+--- /dev/null
+++ b/result/XInclude/fallback4.xml.rdr
+@@ -0,0 +1,29 @@
+0 1 a 0 0
+1 14 #text 0 1 
+    
+1 14 #text 0 1 
+            
+1 1 doc 0 0
+2 14 #text 0 1 
+
+2 1 p 0 0
+3 3 #text 0 1 something
+2 15 p 0 0
+2 14 #text 0 1 
+
+2 1 p 0 0
+3 3 #text 0 1 really
+2 15 p 0 0
+2 14 #text 0 1 
+
+2 1 p 0 0
+3 3 #text 0 1 simple
+2 15 p 0 0
+2 14 #text 0 1 
+
+1 15 doc 0 0
+1 14 #text 0 1 
+        
+1 14 #text 0 1 
+
+0 15 a 0 0
+diff --git a/test/XInclude/docs/fallback3.xml b/test/XInclude/docs/fallback3.xml
+new file mode 100644
+index 0000000..0c8b6c9
+--- /dev/null
+++ b/test/XInclude/docs/fallback3.xml
+@@ -0,0 +1,9 @@
+<a>
+    <xi:include href="../ents/something.xml" xmlns:xi="http://www.w3.org/2001/XInclude">
+        <xi:fallback>
+            <xi:include href="c.xml">
+                <xi:fallback>There is no c.xml ... </xi:fallback>
+            </xi:include>
+        </xi:fallback>
+    </xi:include>
+</a>
+diff --git a/test/XInclude/docs/fallback4.xml b/test/XInclude/docs/fallback4.xml
+new file mode 100644
+index 0000000..b500a63
+--- /dev/null
+++ b/test/XInclude/docs/fallback4.xml
+@@ -0,0 +1,7 @@
+<a>
+    <xi:include href="c.xml" xmlns:xi="http://www.w3.org/2001/XInclude">
+        <xi:fallback>
+            <xi:include href="../ents/something.xml"/>
+        </xi:fallback>
+    </xi:include>
+</a>
+diff --git a/xinclude.c b/xinclude.c
+index 001e992..6ec5d31 100644
+--- a/xinclude.c
+++ b/xinclude.c
+@@ -2382,21 +2382,19 @@ xmlXIncludeDoProcess(xmlXIncludeCtxtPtr ctxt, xmlDocPtr doc, xmlNodePtr tree) {
+      * First phase: lookup the elements in the document
+      */
+     cur = tree;
+-    if (xmlXIncludeTestNode(ctxt, cur) == 1)
+-       xmlXIncludePreProcessNode(ctxt, cur);
+     while ((cur != NULL) && (cur != tree->parent)) {
+        /* TODO: need to work on entities -> stack */
+-       if ((cur->children != NULL) &&
+-           (cur->children->type != XML_ENTITY_DECL) &&
+-           (cur->children->type != XML_XINCLUDE_START) &&
+-           (cur->children->type != XML_XINCLUDE_END)) {
+-           cur = cur->children;
+-           if (xmlXIncludeTestNode(ctxt, cur))
+-               xmlXIncludePreProcessNode(ctxt, cur);
+-       } else if (cur->next != NULL) {
+        if (xmlXIncludeTestNode(ctxt, cur) == 1) {
+            xmlXIncludePreProcessNode(ctxt, cur);
+        } else if ((cur->children != NULL) &&
+                   (cur->children->type != XML_ENTITY_DECL) &&
+                   (cur->children->type != XML_XINCLUDE_START) &&
+                   (cur->children->type != XML_XINCLUDE_END)) {
+            cur = cur->children;
+            continue;
+        }
+       if (cur->next != NULL) {
+            cur = cur->next;
+-           if (xmlXIncludeTestNode(ctxt, cur))
+-               xmlXIncludePreProcessNode(ctxt, cur);
+        } else {
+            if (cur == tree)
+                break;
+@@ -2406,8 +2404,6 @@ xmlXIncludeDoProcess(xmlXIncludeCtxtPtr ctxt, xmlDocPtr doc, xmlNodePtr tree) {
+                    break; /* do */
+                if (cur->next != NULL) {
+                    cur = cur->next;
+-                   if (xmlXIncludeTestNode(ctxt, cur))
+-                       xmlXIncludePreProcessNode(ctxt, cur);
+                    break; /* do */
+                }
+            } while (cur != NULL);
+-- 
+2.23.0
diff --git a/meta/recipes-core/libxml/libxml2/CVE-2021-3518-0002.patch b/meta/recipes-core/libxml/libxml2/CVE-2021-3518-0002.patch
new file mode 100644
index 0000000000..de5fc0e8cb
--- /dev/null
+++ b/meta/recipes-core/libxml/libxml2/CVE-2021-3518-0002.patch
@@ -0,0 +1,45 @@
+From 1098c30a040e72a4654968547f415be4e4c40fe7 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Thu, 22 Apr 2021 19:26:28 +0200
+Subject: [PATCH 2/2] Fix user-after-free with `xmllint --xinclude --dropdtd`
+The --dropdtd option can leave dangling pointers in entity reference
+nodes. Make sure to skip these nodes when processing XIncludes.
+This also avoids scanning entity declarations and even modifying
+them inadvertently during XInclude processing.
+Move from a block list to an allow list approach to avoid descending
+into other node types that can't contain elements.
+Fixes #237.
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/1098c30a040e72a4654968547f415be4e4c40fe7]
+CVE: CVE-2021-3518
+[OP: adjusted context]
+Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ xinclude.c | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+diff --git a/xinclude.c b/xinclude.c
+index 6ec5d31..b8eebcc 100644
+--- a/xinclude.c
+++ b/xinclude.c
+@@ -2387,9 +2387,8 @@ xmlXIncludeDoProcess(xmlXIncludeCtxtPtr ctxt, xmlDocPtr doc, xmlNodePtr tree) {
+         if (xmlXIncludeTestNode(ctxt, cur) == 1) {
+             xmlXIncludePreProcessNode(ctxt, cur);
+         } else if ((cur->children != NULL) &&
+-                   (cur->children->type != XML_ENTITY_DECL) &&
+-                   (cur->children->type != XML_XINCLUDE_START) &&
+-                   (cur->children->type != XML_XINCLUDE_END)) {
+                   ((cur->type == XML_DOCUMENT_NODE) ||
+                    (cur->type == XML_ELEMENT_NODE))) {
+             cur = cur->children;
+             continue;
+         }
+-- 
+2.23.0
diff --git a/meta/recipes-core/libxml/libxml2_2.9.10.bb b/meta/recipes-core/libxml/libxml2_2.9.10.bb
index b850164285..a9bff74b55 100644
--- a/meta/recipes-core/libxml/libxml2_2.9.10.bb
+++ b/meta/recipes-core/libxml/libxml2_2.9.10.bb
@@ -26,6 +26,8 @@ SRC_URI = "http://www.xmlsoft.org/sources/libxml2-${PV}.tar.gz;name=libtar \
           file://fix-python39.patch \
           file://CVE-2021-3517.patch \
           file://CVE-2021-3516.patch \
+           file://CVE-2021-3518-0001.patch \
+           file://CVE-2021-3518-0002.patch \
           file://CVE-2021-3537.patch \
           "

diff --git a/meta/recipes-core/libxml/libxml2/CVE-2021-3518-0001.patch b/meta/recipes-core/libxml/libxml2/CVE-2021-3518-0001.patch new file mode 100644 index 0000000000..3d4d3a0237 --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/CVE-2021-3518-0001.patch
@@ -0,0 +1,216 @@
		1	From 0f9817c75b50a77c6aeb8f36801966fdadad229a Mon Sep 17 00:00:00 2001
		2	From: Nick Wellnhofer <wellnhofer@aevum.de>
		3	Date: Wed, 10 Jun 2020 16:34:52 +0200
		4	Subject: [PATCH 1/2] Don't recurse into xi:include children in
		5	xmlXIncludeDoProcess
		6
		7	Otherwise, nested xi:include nodes might result in a use-after-free
		8	if XML_PARSE_NOXINCNODE is specified.
		9
		10	Found with libFuzzer and ASan.
		11
		12	Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/0f9817c75b50a77c6aeb8f36801966fdadad229a]
		13	CVE: CVE-2021-3518
		14
		15	This patch brings in the necessary files to allow the 2nd patch that fixes the CVE to be applied.
		16
		17	Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
		18	Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
		19	---
		20	result/XInclude/fallback3.xml \| 8 ++++++++
		21	result/XInclude/fallback3.xml.err \| 0
		22	result/XInclude/fallback3.xml.rdr \| 25 +++++++++++++++++++++++++
		23	result/XInclude/fallback4.xml \| 10 ++++++++++
		24	result/XInclude/fallback4.xml.err \| 0
		25	result/XInclude/fallback4.xml.rdr \| 29 +++++++++++++++++++++++++++++
		26	test/XInclude/docs/fallback3.xml \| 9 +++++++++
		27	test/XInclude/docs/fallback4.xml \| 7 +++++++
		28	xinclude.c \| 24 ++++++++++--------------
		29	9 files changed, 98 insertions(+), 14 deletions(-)
		30	create mode 100644 result/XInclude/fallback3.xml
		31	create mode 100644 result/XInclude/fallback3.xml.err
		32	create mode 100644 result/XInclude/fallback3.xml.rdr
		33	create mode 100644 result/XInclude/fallback4.xml
		34	create mode 100644 result/XInclude/fallback4.xml.err
		35	create mode 100644 result/XInclude/fallback4.xml.rdr
		36	create mode 100644 test/XInclude/docs/fallback3.xml
		37	create mode 100644 test/XInclude/docs/fallback4.xml
		38
		39	diff --git a/result/XInclude/fallback3.xml b/result/XInclude/fallback3.xml
		40	new file mode 100644
		41	index 0000000..b423551
		42	--- /dev/null
		43	+++ b/result/XInclude/fallback3.xml
		44	@@ -0,0 +1,8 @@
		45	+<?xml version="1.0"?>
		46	+<a>
		47	+ <doc xml:base="../ents/something.xml">
		48	+<p>something</p>
		49	+<p>really</p>
		50	+<p>simple</p>
		51	+</doc>
		52	+</a>
		53	diff --git a/result/XInclude/fallback3.xml.err b/result/XInclude/fallback3.xml.err
		54	new file mode 100644
		55	index 0000000..e69de29
		56	diff --git a/result/XInclude/fallback3.xml.rdr b/result/XInclude/fallback3.xml.rdr
		57	new file mode 100644
		58	index 0000000..aa2f137
		59	--- /dev/null
		60	+++ b/result/XInclude/fallback3.xml.rdr
		61	@@ -0,0 +1,25 @@
		62	+0 1 a 0 0
		63	+1 14 #text 0 1
		64	+
		65	+1 1 doc 0 0
		66	+2 14 #text 0 1
		67	+
		68	+2 1 p 0 0
		69	+3 3 #text 0 1 something
		70	+2 15 p 0 0
		71	+2 14 #text 0 1
		72	+
		73	+2 1 p 0 0
		74	+3 3 #text 0 1 really
		75	+2 15 p 0 0
		76	+2 14 #text 0 1
		77	+
		78	+2 1 p 0 0
		79	+3 3 #text 0 1 simple
		80	+2 15 p 0 0
		81	+2 14 #text 0 1
		82	+
		83	+1 15 doc 0 0
		84	+1 14 #text 0 1
		85	+
		86	+0 15 a 0 0
		87	diff --git a/result/XInclude/fallback4.xml b/result/XInclude/fallback4.xml
		88	new file mode 100644
		89	index 0000000..9883fd5
		90	--- /dev/null
		91	+++ b/result/XInclude/fallback4.xml
		92	@@ -0,0 +1,10 @@
		93	+<?xml version="1.0"?>
		94	+<a>
		95	+
		96	+ <doc xml:base="../ents/something.xml">
		97	+<p>something</p>
		98	+<p>really</p>
		99	+<p>simple</p>
		100	+</doc>
		101	+
		102	+</a>
		103	diff --git a/result/XInclude/fallback4.xml.err b/result/XInclude/fallback4.xml.err
		104	new file mode 100644
		105	index 0000000..e69de29
		106	diff --git a/result/XInclude/fallback4.xml.rdr b/result/XInclude/fallback4.xml.rdr
		107	new file mode 100644
		108	index 0000000..628b951
		109	--- /dev/null
		110	+++ b/result/XInclude/fallback4.xml.rdr
		111	@@ -0,0 +1,29 @@
		112	+0 1 a 0 0
		113	+1 14 #text 0 1
		114	+
		115	+1 14 #text 0 1
		116	+
		117	+1 1 doc 0 0
		118	+2 14 #text 0 1
		119	+
		120	+2 1 p 0 0
		121	+3 3 #text 0 1 something
		122	+2 15 p 0 0
		123	+2 14 #text 0 1
		124	+
		125	+2 1 p 0 0
		126	+3 3 #text 0 1 really
		127	+2 15 p 0 0
		128	+2 14 #text 0 1
		129	+
		130	+2 1 p 0 0
		131	+3 3 #text 0 1 simple
		132	+2 15 p 0 0
		133	+2 14 #text 0 1
		134	+
		135	+1 15 doc 0 0
		136	+1 14 #text 0 1
		137	+
		138	+1 14 #text 0 1
		139	+
		140	+0 15 a 0 0
		141	diff --git a/test/XInclude/docs/fallback3.xml b/test/XInclude/docs/fallback3.xml
		142	new file mode 100644
		143	index 0000000..0c8b6c9
		144	--- /dev/null
		145	+++ b/test/XInclude/docs/fallback3.xml
		146	@@ -0,0 +1,9 @@
		147	+<a>
		148	+ <xi:include href="../ents/something.xml" xmlns:xi="http://www.w3.org/2001/XInclude">
		149	+ <xi:fallback>
		150	+ <xi:include href="c.xml">
		151	+ <xi:fallback>There is no c.xml ... </xi:fallback>
		152	+ </xi:include>
		153	+ </xi:fallback>
		154	+ </xi:include>
		155	+</a>
		156	diff --git a/test/XInclude/docs/fallback4.xml b/test/XInclude/docs/fallback4.xml
		157	new file mode 100644
		158	index 0000000..b500a63
		159	--- /dev/null
		160	+++ b/test/XInclude/docs/fallback4.xml
		161	@@ -0,0 +1,7 @@
		162	+<a>
		163	+ <xi:include href="c.xml" xmlns:xi="http://www.w3.org/2001/XInclude">
		164	+ <xi:fallback>
		165	+ <xi:include href="../ents/something.xml"/>
		166	+ </xi:fallback>
		167	+ </xi:include>
		168	+</a>
		169	diff --git a/xinclude.c b/xinclude.c
		170	index 001e992..6ec5d31 100644
		171	--- a/xinclude.c
		172	+++ b/xinclude.c
		173	@@ -2382,21 +2382,19 @@ xmlXIncludeDoProcess(xmlXIncludeCtxtPtr ctxt, xmlDocPtr doc, xmlNodePtr tree) {
		174	* First phase: lookup the elements in the document
		175	*/
		176	cur = tree;
		177	- if (xmlXIncludeTestNode(ctxt, cur) == 1)
		178	- xmlXIncludePreProcessNode(ctxt, cur);
		179	while ((cur != NULL) && (cur != tree->parent)) {
		180	/* TODO: need to work on entities -> stack */
		181	- if ((cur->children != NULL) &&
		182	- (cur->children->type != XML_ENTITY_DECL) &&
		183	- (cur->children->type != XML_XINCLUDE_START) &&
		184	- (cur->children->type != XML_XINCLUDE_END)) {
		185	- cur = cur->children;
		186	- if (xmlXIncludeTestNode(ctxt, cur))
		187	- xmlXIncludePreProcessNode(ctxt, cur);
		188	- } else if (cur->next != NULL) {
		189	+ if (xmlXIncludeTestNode(ctxt, cur) == 1) {
		190	+ xmlXIncludePreProcessNode(ctxt, cur);
		191	+ } else if ((cur->children != NULL) &&
		192	+ (cur->children->type != XML_ENTITY_DECL) &&
		193	+ (cur->children->type != XML_XINCLUDE_START) &&
		194	+ (cur->children->type != XML_XINCLUDE_END)) {
		195	+ cur = cur->children;
		196	+ continue;
		197	+ }
		198	+ if (cur->next != NULL) {
		199	cur = cur->next;
		200	- if (xmlXIncludeTestNode(ctxt, cur))
		201	- xmlXIncludePreProcessNode(ctxt, cur);
		202	} else {
		203	if (cur == tree)
		204	break;
		205	@@ -2406,8 +2404,6 @@ xmlXIncludeDoProcess(xmlXIncludeCtxtPtr ctxt, xmlDocPtr doc, xmlNodePtr tree) {
		206	break; /* do */
		207	if (cur->next != NULL) {
		208	cur = cur->next;
		209	- if (xmlXIncludeTestNode(ctxt, cur))
		210	- xmlXIncludePreProcessNode(ctxt, cur);
		211	break; /* do */
		212	}
		213	} while (cur != NULL);
		214	--
		215	2.23.0
		216


diff --git a/meta/recipes-core/libxml/libxml2/CVE-2021-3518-0002.patch b/meta/recipes-core/libxml/libxml2/CVE-2021-3518-0002.patch new file mode 100644 index 0000000000..de5fc0e8cb --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/CVE-2021-3518-0002.patch
@@ -0,0 +1,45 @@
		1	From 1098c30a040e72a4654968547f415be4e4c40fe7 Mon Sep 17 00:00:00 2001
		2	From: Nick Wellnhofer <wellnhofer@aevum.de>
		3	Date: Thu, 22 Apr 2021 19:26:28 +0200
		4	Subject: [PATCH 2/2] Fix user-after-free with `xmllint --xinclude --dropdtd`
		5
		6	The --dropdtd option can leave dangling pointers in entity reference
		7	nodes. Make sure to skip these nodes when processing XIncludes.
		8
		9	This also avoids scanning entity declarations and even modifying
		10	them inadvertently during XInclude processing.
		11
		12	Move from a block list to an allow list approach to avoid descending
		13	into other node types that can't contain elements.
		14
		15	Fixes #237.
		16
		17	Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/1098c30a040e72a4654968547f415be4e4c40fe7]
		18	CVE: CVE-2021-3518
		19
		20	[OP: adjusted context]
		21	Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
		22	Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
		23	---
		24	xinclude.c \| 5 ++---
		25	1 file changed, 2 insertions(+), 3 deletions(-)
		26
		27	diff --git a/xinclude.c b/xinclude.c
		28	index 6ec5d31..b8eebcc 100644
		29	--- a/xinclude.c
		30	+++ b/xinclude.c
		31	@@ -2387,9 +2387,8 @@ xmlXIncludeDoProcess(xmlXIncludeCtxtPtr ctxt, xmlDocPtr doc, xmlNodePtr tree) {
		32	if (xmlXIncludeTestNode(ctxt, cur) == 1) {
		33	xmlXIncludePreProcessNode(ctxt, cur);
		34	} else if ((cur->children != NULL) &&
		35	- (cur->children->type != XML_ENTITY_DECL) &&
		36	- (cur->children->type != XML_XINCLUDE_START) &&
		37	- (cur->children->type != XML_XINCLUDE_END)) {
		38	+ ((cur->type == XML_DOCUMENT_NODE) \|\|
		39	+ (cur->type == XML_ELEMENT_NODE))) {
		40	cur = cur->children;
		41	continue;
		42	}
		43	--
		44	2.23.0
		45


diff --git a/meta/recipes-core/libxml/libxml2_2.9.10.bb b/meta/recipes-core/libxml/libxml2_2.9.10.bb index b850164285..a9bff74b55 100644 --- a/meta/recipes-core/libxml/libxml2_2.9.10.bb +++ b/meta/recipes-core/libxml/libxml2_2.9.10.bb
@@ -26,6 +26,8 @@ SRC_URI = "http://www.xmlsoft.org/sources/libxml2-${PV}.tar.gz;name=libtar \
26	file://fix-python39.patch \	26	file://fix-python39.patch \
27	file://CVE-2021-3517.patch \	27	file://CVE-2021-3517.patch \
28	file://CVE-2021-3516.patch \	28	file://CVE-2021-3516.patch \
		29	file://CVE-2021-3518-0001.patch \
		30	file://CVE-2021-3518-0002.patch \
29	file://CVE-2021-3537.patch \	31	file://CVE-2021-3537.patch \
30	"	32	"
31		33