mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-31 00:39:46 +00:00
Code Issues Projects Releases Wiki Activity

libxml2: remove patch for CVE-2012-2871

Browse Source 
This CVE patch is actually against Chromium as they ship an internal fork of
libxml2 and breaks ABI.  The real issue has been resolved in libxslt 1.1.27, and
we're shipping 1.1.28.

(From OE-Core rev: e6c60252ab4ba6842f63c6b8a519a85f2ff238fb)

(From OE-Core rev: 82b91d2484a4430a9b6689d0b6b07e6f62392266)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Ross Burton
2013-09-17 10:22:17 +01:00
committed by Richard Purdie
parent 1633edffc7
commit a36c28943d
2 changed files with 0 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta/recipes-core/libxml/libxml2/libxml2-CVE-2012-2871.patch
-34
View File
@@ -1,34 +0,0 @@
libxml2 CVE-2012-2871
the patch come from:
http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxml/src \
/include/libxml/tree.h?r1=56276&r2=149930
libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89,
does not properly support a cast of an unspecified variable during handling
of XSL transforms, which allows remote attackers to cause a denial of service
or possibly have unknown other impact via a crafted document, related to the
_xmlNs data structure in include/libxml/tree.h.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2871
Signed-off-by: Li Wang <li.wang@windriver.com>
---
include/libxml/tree.h | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/include/libxml/tree.h b/include/libxml/tree.h
index b733589..5422dda 100644
--- a/include/libxml/tree.h
+++ b/include/libxml/tree.h
@@ -351,6 +351,7 @@ struct _xmlNs {
struct _xmlNs *next; /* next Ns link for this node */
xmlNsType type; /* global or local */
const xmlChar *href; /* URL for the namespace */
+ const char *dummy_children; /* lines up with node->children */
const xmlChar *prefix; /* prefix for the namespace */
void *_private; /* application data */
struct _xmlDoc *context; /* normally an xmlDoc */
--
1.7.0.5
meta/recipes-core/libxml/libxml2_2.9.0.bb
-2
View File
@@ -5,5 +5,3 @@ PR = "${INC_PR}.1"
SRC_URI[md5sum] = "5b9bebf4f5d2200ae2c4efe8fa6103f7"
SRC_URI[sha256sum] = "ad25d91958b7212abdc12b9611cfb4dc4e5cddb6d1e9891532f48aacee422b82"
SRC_URI += "file://libxml2-CVE-2012-2871.patch \
"