summaryrefslogtreecommitdiffstats
path: root/meta/recipes-core/expat/expat-2.1.0
Commit message (Collapse)AuthorAgeFilesLines
* expat: CVE-2012-6702, CVE-2016-5300Sona Sarmadi2017-02-101-0/+123
| | | | | | | | | | | | | | | | References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5300 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6702 http://www.openwall.com/lists/oss-security/2016/06/04/5 Reference to upstream fix: https://bugzilla.redhat.com/attachment.cgi?id=1165210 Squashed backport against vanilla Expat 2.1.1, addressing: * CVE-2012-6702 -- unanticipated internal calls to srand * CVE-2016-5300 -- use of too little entropy Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* expat: CVE-2015-1283Zhixiong Chi2016-01-071-0/+62
| | | | | | | | | | | | | | | | | Add CVE-2015-1283 patch for fixing integer overflow bug in expat. Details are at below link: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283 Patch comes from: https://hg.mozilla.org/releases/mozilla-esr31/rev/2f3e78643f5c https://codereview.chromium.org/1224303003 (From OE-Core rev: c89c5383e304a52b604a3672ac93fd88b5eb8b41) Signed-off-by: Zhixiong Chi <Zhixiong.Chi@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* expat: update to upstream version 2.1.0Marko Lindqvist2012-05-161-0/+24
(From OE-Core rev: 445f2721f92bae4a9ae86e13f14775e924dc7f84) Signed-off-by: Marko Lindqvist <cazfi74@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-24 08:06:34 +0000