From cf9d8807f80c5715daed11b5bcbb4378dcbcbd54 Mon Sep 17 00:00:00 2001 From: Siddharth Doshi Date: Mon, 17 Jun 2024 21:01:18 +0530 Subject: [PATCH] libxml2: Upgrade 2.12.6 -> 2.12.8 CVE's Fixed by upgrade: CVE-2024-34459 libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c Other Changes between 2.12.6 -> 2.12.8 ====================================== https://gitlab.gnome.org/GNOME/libxml2/-/blob/2.12/NEWS?ref_type=heads (From OE-Core rev: 0dc695fe1f6deffc65d61257009bbfed4f2c53e9) Signed-off-by: Siddharth Doshi Signed-off-by: Steve Sakoman --- .../libxml/{libxml2_2.12.6.bb => libxml2_2.12.8.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-core/libxml/{libxml2_2.12.6.bb => libxml2_2.12.8.bb} (97%) diff --git a/meta/recipes-core/libxml/libxml2_2.12.6.bb b/meta/recipes-core/libxml/libxml2_2.12.8.bb similarity index 97% rename from meta/recipes-core/libxml/libxml2_2.12.6.bb rename to meta/recipes-core/libxml/libxml2_2.12.8.bb index 14fcff7fa4..fb103f0273 100644 --- a/meta/recipes-core/libxml/libxml2_2.12.6.bb +++ b/meta/recipes-core/libxml/libxml2_2.12.8.bb @@ -20,7 +20,7 @@ SRC_URI += "http://www.w3.org/XML/Test/xmlts20130923.tar;subdir=${BP};name=testt file://install-tests.patch \ " -SRC_URI[archive.sha256sum] = "889c593a881a3db5fdd96cc9318c87df34eb648edfc458272ad46fd607353fbb" +SRC_URI[archive.sha256sum] = "43ad877b018bc63deb2468d71f95219c2fac196876ef36d1bee51d226173ec93" SRC_URI[testtar.sha256sum] = "c6b2d42ee50b8b236e711a97d68e6c4b5c8d83e69a2be4722379f08702ea7273" # Disputed as a security issue, but fixed in d39f780