summaryrefslogtreecommitdiffstats
path: root/meta
diff options
context:
space:
mode:
Diffstat (limited to 'meta')
-rw-r--r--meta/recipes-core/libxml/libxml2/libxml2-CVE-2017-8872.patch37
-rw-r--r--meta/recipes-core/libxml/libxml2_2.9.4.bb1
2 files changed, 38 insertions, 0 deletions
diff --git a/meta/recipes-core/libxml/libxml2/libxml2-CVE-2017-8872.patch b/meta/recipes-core/libxml/libxml2/libxml2-CVE-2017-8872.patch
new file mode 100644
index 0000000000..26779aa572
--- /dev/null
+++ b/meta/recipes-core/libxml/libxml2/libxml2-CVE-2017-8872.patch
@@ -0,0 +1,37 @@
1From d2f873a541c72b0f67e15562819bf98b884b30b7 Mon Sep 17 00:00:00 2001
2From: Hongxu Jia <hongxu.jia@windriver.com>
3Date: Wed, 23 Aug 2017 16:04:49 +0800
4Subject: [PATCH] fix CVE-2017-8872
5
6this makes xmlHaltParser "empty" the buffer, as it resets cur and ava
7il too here.
8
9this seems to cure this specific issue, and also passes the testsuite
10
11Signed-off-by: Marcus Meissner <meissner@suse.de>
12
13https://bugzilla.gnome.org/show_bug.cgi?id=775200
14Upstream-Status: Backport [https://bugzilla.gnome.org/attachment.cgi?id=355527&action=diff]
15Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
16---
17 parser.c | 4 ++++
18 1 file changed, 4 insertions(+)
19
20diff --git a/parser.c b/parser.c
21index 9506ead..6c07ffd 100644
22--- a/parser.c
23+++ b/parser.c
24@@ -12664,6 +12664,10 @@ xmlHaltParser(xmlParserCtxtPtr ctxt) {
25 }
26 ctxt->input->cur = BAD_CAST"";
27 ctxt->input->base = ctxt->input->cur;
28+ if (ctxt->input->buf) {
29+ xmlBufEmpty (ctxt->input->buf->buffer);
30+ } else
31+ ctxt->input->length = 0;
32 }
33 }
34
35--
362.7.4
37
diff --git a/meta/recipes-core/libxml/libxml2_2.9.4.bb b/meta/recipes-core/libxml/libxml2_2.9.4.bb
index f67c47d29c..107539b50d 100644
--- a/meta/recipes-core/libxml/libxml2_2.9.4.bb
+++ b/meta/recipes-core/libxml/libxml2_2.9.4.bb
@@ -28,6 +28,7 @@ SRC_URI = "ftp://xmlsoft.org/libxml2/libxml2-${PV}.tar.gz;name=libtar \
28 file://libxml2-CVE-2017-9049_CVE-2017-9050.patch \ 28 file://libxml2-CVE-2017-9049_CVE-2017-9050.patch \
29 file://libxml2-CVE-2017-5969.patch \ 29 file://libxml2-CVE-2017-5969.patch \
30 file://libxml2-CVE-2017-0663.patch \ 30 file://libxml2-CVE-2017-0663.patch \
31 file://libxml2-CVE-2017-8872.patch \
31 file://0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch \ 32 file://0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch \
32 " 33 "
33 34