sysmo-bts
/
generic-poky
9
0
Fork 0
Code Pull Requests Releases Activity

libxml2: Fix CVE-2017-9047 and CVE-2017-9048 

xmlSnprintfElementContent failed to correctly check the available
buffer space in two locations.

Fixes bug 781333 and bug 781701

CVE: CVE-2017-9047 CVE-2017-9048
(From OE-Core rev: bb0af023e811907b4e641b39f654ca921ac8794a)

(From OE-Core rev: d549b8f3836b2ffda5c59a7ae4d955846c558646)

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Andrej Valek 2017-06-14 14:55:03 +02:00 committed by Richard Purdie
parent b5ea1132a6
commit b611c4c7c0
2 changed files with 104 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

103
meta/recipes-core/libxml/libxml2/libxml2-CVE-2017-9047_CVE-2017-9048.patch Normal file
View File

File diff suppressed because one or more lines are too long

1
meta/recipes-core/libxml/libxml2_2.9.4.bb
View File

@ -24,6 +24,7 @@ SRC_URI = "ftp://xmlsoft.org/libxml2/libxml2-${PV}.tar.gz;name=libtar \
file://libxml2-CVE-2016-4658.patch \
file://libxml2-fix_NULL_pointer_derefs.patch \
file://libxml2-fix_and_simplify_xmlParseStartTag2.patch \
file://libxml2-CVE-2017-9047_CVE-2017-9048.patch \
file://CVE-2016-9318.patch \
"