expat: fix CVE-2021-46143 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Steve Sakoman <steve@sakoman.com>	2022-01-19 04:59:07 -1000
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-01-31 21:56:01 +0000
commit	ae9b6db2a14d5a174add8023ac836ed3ae737625 (patch)
tree	1b70923fc5572c4539554e1da3afb79310106f5f /scripts/lib/scriptutils.py
parent	b769089b44b19dbc73c304c88b2ed67a4e03d844 (diff)
download	poky-ae9b6db2a14d5a174add8023ac836ed3ae737625.tar.gz

expat: fix CVE-2021-46143

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. Backport patch from: https://github.com/libexpat/libexpat/pull/538/commits/85ae9a2d7d0e9358f356b33977b842df8ebaec2b CVE: CVE-2021-46143 (From OE-Core rev: babe185972eb71058762ca20c349ba2651d0f73d) Signed-off-by: Steve Sakoman <steve@sakoman.com> (cherry picked from commit 41a65d27e4ecdc11977e2944d8af2f51c48f32ec) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'scripts/lib/scriptutils.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: