2 files changed, 1 insertions, 37 deletions
diff --git a/meta/recipes-core/libxml/libxml2/libxml2-CVE-2012-2871.patch b/meta/recipes-core/libxml/libxml2/libxml2-CVE-2012-2871.patch
deleted file mode 100644
index 3c66a9ca5e..0000000000
--- a/meta/recipes-core/libxml/libxml2/libxml2-CVE-2012-2871.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-libxml2 CVE-2012-2871
-the patch come from:
-http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxml/src \
-/include/libxml/tree.h?r1=56276&r2=149930
-libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89,
-does not properly support a cast of an unspecified variable during handling
-of XSL transforms, which allows remote attackers to cause a denial of service
-or possibly have unknown other impact via a crafted document, related to the
-_xmlNs data structure in include/libxml/tree.h.
-http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2871
-Signed-off-by: Li Wang <li.wang@windriver.com>
---
- include/libxml/tree.h |    1 +
- 1 files changed, 1 insertions(+), 0 deletions(-)
-diff --git a/include/libxml/tree.h b/include/libxml/tree.h
-index b733589..5422dda 100644
--- a/include/libxml/tree.h
-+++ b/include/libxml/tree.h
-@@ -351,6 +351,7 @@ struct _xmlNs {
-     struct _xmlNs  *next;      /* next Ns link for this node  */
-     xmlNsType      type;       /* global or local */
-     const xmlChar *href;       /* URL for the namespace */
-+    const char *dummy_children;        /* lines up with node->children */
-     const xmlChar *prefix;     /* prefix for the namespace */
-     void           *_private;   /* application data */
-     struct _xmlDoc *context;           /* normally an xmlDoc */
-- 
-1.7.0.5
diff --git a/meta/recipes-core/libxml/libxml2_2.9.1.bb b/meta/recipes-core/libxml/libxml2_2.9.1.bb
index fa9c65752d..0b6ac5d5c6 100644
--- a/meta/recipes-core/libxml/libxml2_2.9.1.bb
+++ b/meta/recipes-core/libxml/libxml2_2.9.1.bb
@@ -1,8 +1,6 @@
 require libxml2.inc
-SRC_URI += "file://libxml2-CVE-2012-2871.patch \
+SRC_URI += "http://www.w3.org/XML/Test/xmlts20080827.tar.gz;name=testtar"
-            http://www.w3.org/XML/Test/xmlts20080827.tar.gz;name=testtar \
-           "
 SRC_URI[libtar.md5sum] = "9c0cfef285d5c4a5c80d00904ddab380"
 SRC_URI[libtar.sha256sum] = "fd3c64cb66f2c4ea27e934d275904d92cec494a8e8405613780cbc8a71680fdb"

diff --git a/meta/recipes-core/libxml/libxml2/libxml2-CVE-2012-2871.patch b/meta/recipes-core/libxml/libxml2/libxml2-CVE-2012-2871.patch deleted file mode 100644 index 3c66a9ca5e..0000000000 --- a/meta/recipes-core/libxml/libxml2/libxml2-CVE-2012-2871.patch +++ /dev/null
@@ -1,34 +0,0 @@
1	libxml2 CVE-2012-2871
2
3	the patch come from:
4	http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxml/src \
5	/include/libxml/tree.h?r1=56276&r2=149930
6
7	libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89,
8	does not properly support a cast of an unspecified variable during handling
9	of XSL transforms, which allows remote attackers to cause a denial of service
10	or possibly have unknown other impact via a crafted document, related to the
11	_xmlNs data structure in include/libxml/tree.h.
12
13	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2871
14
15	Signed-off-by: Li Wang <li.wang@windriver.com>
16	---
17	include/libxml/tree.h \| 1 +
18	1 files changed, 1 insertions(+), 0 deletions(-)
19
20	diff --git a/include/libxml/tree.h b/include/libxml/tree.h
21	index b733589..5422dda 100644
22	--- a/include/libxml/tree.h
23	+++ b/include/libxml/tree.h
24	@@ -351,6 +351,7 @@ struct _xmlNs {
25	struct _xmlNs next; / next Ns link for this node */
26	xmlNsType type; /* global or local */
27	const xmlChar href; / URL for the namespace */
28	+ const char dummy_children; / lines up with node->children */
29	const xmlChar prefix; / prefix for the namespace */
30	void _private; / application data */
31	struct _xmlDoc context; / normally an xmlDoc */
32	--
33	1.7.0.5
34


diff --git a/meta/recipes-core/libxml/libxml2_2.9.1.bb b/meta/recipes-core/libxml/libxml2_2.9.1.bb index fa9c65752d..0b6ac5d5c6 100644 --- a/meta/recipes-core/libxml/libxml2_2.9.1.bb +++ b/meta/recipes-core/libxml/libxml2_2.9.1.bb
@@ -1,8 +1,6 @@
1	require libxml2.inc	1	require libxml2.inc
2		2
3	SRC_URI += "file://libxml2-CVE-2012-2871.patch \	3	SRC_URI += "http://www.w3.org/XML/Test/xmlts20080827.tar.gz;name=testtar"
4	http://www.w3.org/XML/Test/xmlts20080827.tar.gz;name=testtar \
5	"
6		4
7	SRC_URI[libtar.md5sum] = "9c0cfef285d5c4a5c80d00904ddab380"	5	SRC_URI[libtar.md5sum] = "9c0cfef285d5c4a5c80d00904ddab380"
8	SRC_URI[libtar.sha256sum] = "fd3c64cb66f2c4ea27e934d275904d92cec494a8e8405613780cbc8a71680fdb"	6	SRC_URI[libtar.sha256sum] = "fd3c64cb66f2c4ea27e934d275904d92cec494a8e8405613780cbc8a71680fdb"