libxml2: Fix CVE-2017-9047 and CVE-2017-9048
xmlSnprintfElementContent failed to correctly check the available buffer space in two locations. Fixes bug 781333 and bug 781701 CVE: CVE-2017-9047 CVE-2017-9048 (From OE-Core rev: bb0af023e811907b4e641b39f654ca921ac8794a) (From OE-Core rev: d549b8f3836b2ffda5c59a7ae4d955846c558646) Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
parent
b5ea1132a6
commit
b611c4c7c0
File diff suppressed because one or more lines are too long
|
@ -24,6 +24,7 @@ SRC_URI = "ftp://xmlsoft.org/libxml2/libxml2-${PV}.tar.gz;name=libtar \
|
|||
file://libxml2-CVE-2016-4658.patch \
|
||||
file://libxml2-fix_NULL_pointer_derefs.patch \
|
||||
file://libxml2-fix_and_simplify_xmlParseStartTag2.patch \
|
||||
file://libxml2-CVE-2017-9047_CVE-2017-9048.patch \
|
||||
file://CVE-2016-9318.patch \
|
||||
"
|
||||
|
||||
|
|
Loading…
Reference in New Issue