libxml2: ignore CVE-2025-8732 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Daniel Turull <daniel.turull@ericsson.com>	2025-08-19 12:47:24 +0200
committer	Steve Sakoman <steve@sakoman.com>	2025-08-22 05:59:55 -0700
commit	3318b5eb4d479c1fbb8e6c1568c92362fe35521d (patch)
tree	01a3f1ba958ee45f5267c0f905783bfcf348f6ae /scripts/lib/scriptutils.py
parent	9c4fe6dac5c88a3ad488a4c131649bcb3ae170dd (diff)
download	poky-3318b5eb4d479c1fbb8e6c1568c92362fe35521d.tar.gz

libxml2: ignore CVE-2025-8732

The code maintainer disputes the CVE as the issue can only be triggered with untrusted SGML catalogs and it makes absolutely no sense to use untrusted catalogs. The issue triggers a crash if an invalid file is provided. Source: https://gitlab.gnome.org/GNOME/libxml2/-/issues/958" (From OE-Core rev: 348ce728af1cea4f909de5c3597801b5612719e4) Signed-off-by: Daniel Turull <daniel.turull@ericsson.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'scripts/lib/scriptutils.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: