Ovidiu Panait
|
f2422aad3b
|
libxml2: Fix CVE-2020-24977
GNOME project libxml2 v2.9.10 and earlier have a global Buffer Overflow
vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has
been fixed in commit 8e7c20a1 (20910-GITv2.9.10-103-g8e7c20a1).
Reference:
https://gitlab.gnome.org/GNOME/libxml2/-/issues/178
Upstream patch:
50f06b3efb
(From OE-Core rev: d5406b389fcae8fb0f5fc9cc7dbf7ee819c04bc8)
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 92dc02b8f03f3586de0a2ec1463b189a3918e303)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
2020-09-17 12:51:24 +01:00 |
|
Lee Chee Yang
|
c066af580b
|
libxml2: Fix CVE-2019-20388
see:
https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68
(From OE-Core rev: 12a5eb0ea6f530ad7be2e58d4091b4edadbf461b)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
2020-02-15 10:26:42 +00:00 |
|
Anuj Mittal
|
0ca68e153d
|
libxml2: fix CVE-2020-7595
(From OE-Core rev: f2f7aa9a495774fe5a2e3947584cb3503bd1eaf1)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
2020-02-05 12:00:34 +00:00 |
|
Alexander Kanavin
|
d62895e112
|
libxml2: update to 2.9.10
(From OE-Core rev: de72e0440bc36fab09a7e3c13d3967c97dcda66b)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
2019-12-16 23:25:49 +00:00 |
|