code.ossystems Code Review - openembedded-core.git/commit

]> code.ossystems Code Review - openembedded-core.git/commit

Code Review / openembedded-core.git / commit

author	Tony Tascioglu <tony.tascioglu@windriver.com>
	Fri, 14 May 2021 13:14:50 +0000 (09:14 -0400)
committer	Richard Purdie <richard.purdie@linuxfoundation.org>
	Sat, 22 May 2021 09:01:16 +0000 (10:01 +0100)
commit	6d69f7453f78dcb19f472dcea183e859648c5243
tree	774ae6d1e2a16f6dff4481033a8b0e49f4b7d429	tree \| snapshot
parent	490cddd7baf1aacb814128b611aabf82fda3e77b	commit \| diff

libxml2: fix CVE-2021-3537

Parsing specially crafted Mixed Content while parsing XML data may
lead to invalid data structure being created, as errors were not
propagated. This could lead to several NULL Pointer Dereference when
post-validating documents parsed in recovery mode.

CVE: CVE-2021-3537
Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/babe75030c7f64a37826bb3342317134568bef61]

Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

meta/recipes-core/libxml/libxml2/CVE-2021-3537.patch	[new file with mode: 0644]	blob
meta/recipes-core/libxml/libxml2_2.9.10.bb		diff \| blob \| history

Mirror of the official openembedded-core repository

RSS Atom