]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: e2e0c91) | patch
libxml2: fix CVE-2017-8872
authorHongxu Jia <hongxu.jia@windriver.com>
Wed, 4 Jul 2018 01:39:14 +0000 (09:39 +0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Wed, 4 Jul 2018 23:24:14 +0000 (00:24 +0100)
commitdac867dc63af70ae992c50697d2be95c3e7b58bb
treeea126143747241b79f86acc4621f408d304e1148tree | snapshot
parente2e0c91c2c8229d9ed0958de98b5a9b14c6805d1commit | diff
libxml2: fix CVE-2017-8872

The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4
allows attackers to cause a denial of service (buffer over-read) or
information disclosure.

https://bugzilla.gnome.org/show_bug.cgi?id=775200

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
meta/recipes-core/libxml/libxml2/fix-CVE-2017-8872.patch [new file with mode: 0644] blob
meta/recipes-core/libxml/libxml2_2.9.8.bb diff | blob | history
Mirror of the official openembedded-core repository