mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-08 17:19:20 +00:00
Code Issues Projects Releases Wiki Activity

libxml2: Fix CVE-2017-9047 and CVE-2017-9048

Browse Source 
xmlSnprintfElementContent failed to correctly check the available
buffer space in two locations.

Fixes bug 781333 and bug 781701

CVE: CVE-2017-9047 CVE-2017-9048
(From OE-Core rev: bb0af023e811907b4e641b39f654ca921ac8794a)

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Andrej Valek
2017-06-14 14:55:03 +02:00
committed by Richard Purdie
parent 6765fcec15
commit 1a4f1ccdcc
2 changed files with 104 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta/recipes-core/libxml/libxml2/libxml2-CVE-2017-9047_CVE-2017-9048.patch
+103
View File
File diff suppressed because one or more lines are too long
meta/recipes-core/libxml/libxml2_2.9.4.bb
+1
View File
@@ -24,6 +24,7 @@ SRC_URI = "ftp://xmlsoft.org/libxml2/libxml2-${PV}.tar.gz;name=libtar \
file://libxml2-CVE-2016-4658.patch \
file://libxml2-fix_NULL_pointer_derefs.patch \
file://libxml2-fix_and_simplify_xmlParseStartTag2.patch \
file://libxml2-CVE-2017-9047_CVE-2017-9048.patch \
file://CVE-2016-9318.patch \
file://0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch \
"