mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-15 13:13:02 +01:00
Code Issues Packages Projects Releases Wiki Activity

expat: add missing Upstream-status, CVE tag and sign-off to CVE-2021-46143.patch

Browse Source 
(From OE-Core rev: f79b134c1ad77d7f508f443c1d155c898620087f)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Steve Sakoman
2022-01-31 07:15:20 -10:00
committed by Richard Purdie
parent 5eab654048
commit 239fa60002
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
meta/recipes-core/expat/expat/CVE-2021-46143.patch
View File

@@ -4,6 +4,12 @@ Date: Sat, 25 Dec 2021 20:52:08 +0100
Subject: [PATCH] lib: Prevent integer overflow on m_groupSize in function
doProlog (CVE-2021-46143)
Upstream-Status: Backport:
https://github.com/libexpat/libexpat/pull/538/commits/85ae9a2d7d0e9358f356b33977b842df8ebaec2b
CVE: CVE-2021-46143
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
expat/lib/xmlparse.c | 15 +++++++++++++++
1 file changed, 15 insertions(+)