1 files changed, 33 insertions, 0 deletions
diff --git a/meta/recipes-support/libxslt/libxslt/CVE-2015-7995.patch b/meta/recipes-support/libxslt/libxslt/CVE-2015-7995.patch
new file mode 100644
index 0000000000..e4d09c2ac7
--- /dev/null
+++ b/meta/recipes-support/libxslt/libxslt/CVE-2015-7995.patch
@@ -0,0 +1,33 @@
+From 7ca19df892ca22d9314e95d59ce2abdeff46b617 Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Thu, 29 Oct 2015 19:33:23 +0800
+Subject: Fix for type confusion in preprocessing attributes
+CVE-2015-7995 http://www.openwall.com/lists/oss-security/2015/10/27/10
+We need to check that the parent node is an element before dereferencing
+its namespace
+Upstream-Status: Backport
+https://git.gnome.org/browse/libxslt/commit/?id=7ca19df892ca22d9314e95d59ce2abdeff46b617
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+---
+ libxslt/preproc.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+Index: libxslt-1.1.28/libxslt/preproc.c
+===================================================================
+--- libxslt-1.1.28.orig/libxslt/preproc.c
+++ libxslt-1.1.28/libxslt/preproc.c
+@@ -2245,7 +2245,8 @@ xsltStylePreCompute(xsltStylesheetPtr st
+        } else if (IS_XSLT_NAME(inst, "attribute")) {
+            xmlNodePtr parent = inst->parent;
+ 
+-           if ((parent == NULL) || (parent->ns == NULL) ||
+           if ((parent == NULL) ||
+               (parent->type != XML_ELEMENT_NODE) || (parent->ns == NULL) ||
+                ((parent->ns != inst->ns) &&
+                 (!xmlStrEqual(parent->ns->href, inst->ns->href))) ||
+                (!xmlStrEqual(parent->name, BAD_CAST "attribute-set"))) {

diff --git a/meta/recipes-support/libxslt/libxslt/CVE-2015-7995.patch b/meta/recipes-support/libxslt/libxslt/CVE-2015-7995.patch new file mode 100644 index 0000000000..e4d09c2ac7 --- /dev/null +++ b/meta/recipes-support/libxslt/libxslt/CVE-2015-7995.patch
@@ -0,0 +1,33 @@
	1	From 7ca19df892ca22d9314e95d59ce2abdeff46b617 Mon Sep 17 00:00:00 2001
	2	From: Daniel Veillard <veillard@redhat.com>
	3	Date: Thu, 29 Oct 2015 19:33:23 +0800
	4	Subject: Fix for type confusion in preprocessing attributes
	5
	6	CVE-2015-7995 http://www.openwall.com/lists/oss-security/2015/10/27/10
	7	We need to check that the parent node is an element before dereferencing
	8	its namespace
	9
	10	Upstream-Status: Backport
	11
	12	https://git.gnome.org/browse/libxslt/commit/?id=7ca19df892ca22d9314e95d59ce2abdeff46b617
	13
	14	Signed-off-by: Armin Kuster <akuster@mvista.com>
	15
	16	---
	17	libxslt/preproc.c \| 3 ++-
	18	1 file changed, 2 insertions(+), 1 deletion(-)
	19
	20	Index: libxslt-1.1.28/libxslt/preproc.c
	21	===================================================================
	22	--- libxslt-1.1.28.orig/libxslt/preproc.c
	23	+++ libxslt-1.1.28/libxslt/preproc.c
	24	@@ -2245,7 +2245,8 @@ xsltStylePreCompute(xsltStylesheetPtr st
	25	} else if (IS_XSLT_NAME(inst, "attribute")) {
	26	xmlNodePtr parent = inst->parent;
	27
	28	- if ((parent == NULL) \|\| (parent->ns == NULL) \|\|
	29	+ if ((parent == NULL) \|\|
	30	+ (parent->type != XML_ELEMENT_NODE) \|\| (parent->ns == NULL) \|\|
	31	((parent->ns != inst->ns) &&
	32	(!xmlStrEqual(parent->ns->href, inst->ns->href))) \|\|
	33	(!xmlStrEqual(parent->name, BAD_CAST "attribute-set"))) {