diff options
| -rw-r--r-- | meta/recipes-core/libxml/libxml2_2.12.10.bb | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-core/libxml/libxml2_2.12.10.bb b/meta/recipes-core/libxml/libxml2_2.12.10.bb index 078988286a..a155c3708e 100644 --- a/meta/recipes-core/libxml/libxml2_2.12.10.bb +++ b/meta/recipes-core/libxml/libxml2_2.12.10.bb | |||
| @@ -32,6 +32,10 @@ SRC_URI[testtar.sha256sum] = "c6b2d42ee50b8b236e711a97d68e6c4b5c8d83e69a2be47223 | |||
| 32 | # Disputed as a security issue, but fixed in d39f780 | 32 | # Disputed as a security issue, but fixed in d39f780 |
| 33 | CVE_STATUS[CVE-2023-45322] = "disputed: issue requires memory allocation to fail" | 33 | CVE_STATUS[CVE-2023-45322] = "disputed: issue requires memory allocation to fail" |
| 34 | 34 | ||
| 35 | # Disputed as a security issue, if attempts to process an invalid file, it fails | ||
| 36 | # https://gitlab.gnome.org/GNOME/libxml2/-/issues/958 | ||
| 37 | CVE_STATUS[CVE-2025-8732] = "disputed: the code maintainer explains, that the issue can only be triggered with untrusted SGML catalogs and it makes absolutely no sense to use untrusted catalogs. The issue triggers a crash if an invalid file is provided. https://gitlab.gnome.org/GNOME/libxml2/-/issues/958" | ||
| 38 | |||
| 35 | BINCONFIG = "${bindir}/xml2-config" | 39 | BINCONFIG = "${bindir}/xml2-config" |
| 36 | 40 | ||
| 37 | PACKAGECONFIG ??= "python \ | 41 | PACKAGECONFIG ??= "python \ |