libxml2: Fix CVE-2017-9047 and CVE-2017-9048

Browse Source

xmlSnprintfElementContent failed to correctly check the available
buffer space in two locations.

Fixes bug 781333 and bug 781701

CVE: CVE-2017-9047 CVE-2017-9048
(From OE-Core rev: bb0af023e811907b4e641b39f654ca921ac8794a)

(From OE-Core rev: d549b8f3836b2ffda5c59a7ae4d955846c558646)

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

...

This commit is contained in:

Andrej Valek

2017-06-14 14:55:03 +02:00

committed by Richard Purdie

parent b5ea1132a6

commit b611c4c7c0

2 changed files with 104 additions and 0 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

meta/recipes-core/libxml/libxml2/libxml2-CVE-2017-9047_CVE-2017-9048.patch

+103

File diff suppressed because one or more lines are too long