mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-22 06:32:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

expat: add missing Upstream-status, CVE tag and sign-off to CVE-2021-46143.patch

Browse Source 
(From OE-Core rev: a32cee6c9e1ff53e424b8386c36555e6cf3bf3af)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit 7e33aa25acc0c29b8f5e78757c6557e614eb1434)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Steve Sakoman
2022-01-31 07:15:20 -10:00
committed by Richard Purdie
parent 85dd9e10bd
commit bce56ecf96
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
meta/recipes-core/expat/expat/CVE-2021-46143.patch
View File

@@ -4,6 +4,12 @@ Date: Sat, 25 Dec 2021 20:52:08 +0100
Subject: [PATCH] lib: Prevent integer overflow on m_groupSize in function
doProlog (CVE-2021-46143)
Upstream-Status: Backport:
https://github.com/libexpat/libexpat/pull/538/commits/85ae9a2d7d0e9358f356b33977b842df8ebaec2b
CVE: CVE-2021-46143
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
expat/lib/xmlparse.c | 15 +++++++++++++++
1 file changed, 15 insertions(+)