code.ossystems Code Review - openembedded-core.git/commit

author	Armin Kuster <akuster@mvista.com>
	Thu, 29 Oct 2015 23:22:41 +0000 (16:22 -0700)
committer	Robert Yang <liezhi.yang@windriver.com>
	Tue, 8 Dec 2015 08:18:12 +0000 (00:18 -0800)
commit	bc8b7401fa18f6a987041d7f93a1fa3512f8513c
tree	faf10f21584c8e91cd81f573c36fb5c4529b26fb	tree \| snapshot
parent	97b247a88024083ce145f9e64ac9c9a182d02d3e	commit \| diff

libxslt: CVE-2015-7995

This is a is being give a High rating so please consider it for
all 1.1.28 versions.

A type confusion error within the libxslt "xsltStylePreCompute()"
function in preproc.c can lead to a DoS. Confirmed in version 1.1.28,
other versions may also be affected.

(From OE-Core master rev: 0f89bbab6588a1171259801fa879516740030acb)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>

meta/recipes-support/libxslt/libxslt/CVE-2015-7995.patch	[new file with mode: 0644]	blob
meta/recipes-support/libxslt/libxslt_1.1.28.bb		diff \| blob \| history