From b83baaf23d1e7b2e24dddc8b5efec0d0e4c9780e Mon Sep 17 00:00:00 2001
From: Lee Chee Yang <chee.yang.lee@intel.com>
Date: Fri, 21 Feb 2020 23:57:23 +0200
Subject: libxml2: Fix CVE-2019-20388

see:
https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68

(From OE-Core rev: 6c4477563bc418ec215671d6960e6e8d6bdd074b)

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-core/libxml/libxml2_2.9.8.bb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'meta/recipes-core/libxml/libxml2_2.9.8.bb')

diff --git a/meta/recipes-core/libxml/libxml2_2.9.8.bb b/meta/recipes-core/libxml/libxml2_2.9.8.bb
index 618f307214..ab47a50c56 100644
--- a/meta/recipes-core/libxml/libxml2_2.9.8.bb
+++ b/meta/recipes-core/libxml/libxml2_2.9.8.bb
@@ -25,6 +25,7 @@ SRC_URI = "http://www.xmlsoft.org/sources/libxml2-${PV}.tar.gz;name=libtar \
            file://0001-Fix-infinite-loop-in-LZMA-decompression.patch \
            file://fix-CVE-2019-19956.patch \
            file://CVE-2020-7595.patch \
+           file://CVE-2019-20388.patch \
            "
 
 SRC_URI[libtar.md5sum] = "b786e353e2aa1b872d70d5d1ca0c740d"
-- 
cgit v1.2.3-54-g00ecf