Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | libxml2: Fix CVE-2017-9049 and CVE-2017-9050 | Andrej Valek | 2017-06-23 | 1 | -0/+291 |
Fix handling of parameter-entity references There were two bugs where parameter-entity references could lead to an unexpected change of the input buffer in xmlParseNameComplex and xmlDictLookup being called with an invalid pointer. Fixes bug 781205 and bug 781361 CVE: CVE-2017-9049 CVE-2017-9050 (From OE-Core rev: 2300762fef8fc8e3e56fb07fd4076c1deeba0a9b) Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> |