]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: f0017a7) | patch
libxml2: Fix CVE-2017-0663
authorAndrej Valek <andrej.valek@siemens.com>
Wed, 14 Jun 2017 13:07:56 +0000 (15:07 +0200)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 27 Jul 2017 21:34:38 +0000 (22:34 +0100)
commite442e7105ba39ddaed0749614b5ee552f9df2d5a
tree2d8a24e3206ae395f63726a20a2e374aa033ddf7tree | snapshot
parentf0017a7b8b3fc4407e6596156b57aa1183937382commit | diff
libxml2: Fix CVE-2017-0663

Fix type confusion in xmlValidateOneNamespace

Comment out code that casts xmlNsPtr to xmlAttrPtr. ID types
on namespace declarations make no practical sense anyway.

Fixes bug 780228

CVE: CVE-2017-0663
(From OE-Core rev: a965be7b6a1d730851b4a3bc8fd534b9b2334227)

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
meta/recipes-core/libxml/libxml2/libxml2-CVE-2017-0663.patch [new file with mode: 0644] blob
meta/recipes-core/libxml/libxml2_2.9.4.bb diff | blob | history
Mirror of the official openembedded-core repository