expat: fix CVE-2021-46143 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Steve Sakoman <steve@sakoman.com>	2022-01-19 04:59:07 -1000
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-01-25 12:06:55 +0000
commit	8c58e222ea496d73cba1dd1e12600f980b6007af (patch)
tree	d356e4b7053994162e4b67b4b59b19d2bdaa8aa0 /scripts/lib/scriptutils.py
parent	b618e57f798148c3d032129cf1e60fd209730dfd (diff)
download	poky-8c58e222ea496d73cba1dd1e12600f980b6007af.tar.gz

expat: fix CVE-2021-46143

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. Backport patch from: https://github.com/libexpat/libexpat/pull/538/commits/85ae9a2d7d0e9358f356b33977b842df8ebaec2b CVE: CVE-2021-46143 (From OE-Core rev: 41a65d27e4ecdc11977e2944d8af2f51c48f32ec) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'scripts/lib/scriptutils.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: