libxml2: fix CVE-2025-6021 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Divya Chellam <divya.chellam@windriver.com>	2025-07-14 15:49:57 +0530
committer	Steve Sakoman <steve@sakoman.com>	2025-07-21 09:17:59 -0700
commit	58aa4f3e1befbf1a1143501cacb24d1ad4d9c629 (patch)
tree	b93646a164e91118c6d8d9621c90e8c7b05f34d7 /scripts/patchtest
parent	76e0206da09bd9478c22db534b4b75f810b46fe0 (diff)
download	poky-58aa4f3e1befbf1a1143501cacb24d1ad4d9c629.tar.gz

libxml2: fix CVE-2025-6021

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-6021 Upstream-patch: https://gitlab.gnome.org/GNOME/libxml2/-/commit/17d950ae33c23f87692aa179bacedb6743f3188a (From OE-Core rev: 99a239d9146c5ecf158cd9db7823ec1aff45fd48) Signed-off-by: Divya Chellam <divya.chellam@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'scripts/patchtest')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: