mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-15 13:13:02 +01:00
Code Issues Packages Projects Releases Wiki Activity
52,521 Commits 38 Branches 617 Tags
2cba73f2b138245d93979d7327a94de2ce91103e
Commit Graph

2 Commits

Author SHA1 Message Date
Ross Burton
95969ef3dd libxml2: refresh CVE-2017-8872 
The patch associated with the CVE-2017-8872 report was never merged into
libxml2, but a slightly different patch for the same problem was.  Cherry-pick
that as a backport, which also fixes the failing test suite.

(From OE-Core rev: 512869aea6dde1bb2374601f7c4d793ac9edaa42)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-10-04 23:00:55 +01:00
Hongxu Jia
956ddcc9d4 libxml2: fix CVE-2017-8872 
The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4
allows attackers to cause a denial of service (buffer over-read) or
information disclosure.

https://bugzilla.gnome.org/show_bug.cgi?id=775200

(From OE-Core rev: dac867dc63af70ae992c50697d2be95c3e7b58bb)

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-07-05 11:39:06 +01:00