diff options
author | Armin Kuster <akuster@mvista.com> | 2015-11-11 14:21:46 -0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2015-11-25 07:56:57 +0000 |
commit | 27de51f4ad21d9b896e7d48041e7cdf20c564a38 (patch) | |
tree | 2622534248c1cbb41132c81b8c5c10155734da6a /meta/recipes-core/libxml/libxml2.inc | |
parent | 457bd6297ae99627c5f596c3c09086d787d5a5ab (diff) | |
download | openembedded-core-contrib-27de51f4ad21d9b896e7d48041e7cdf20c564a38.tar.gz |
libxml2: fix CVE-2015-7942 and CVE-2015-8035
CVE-2015-7942 libxml2: heap-based buffer overflow in xmlParseConditionalSections()
CVE-2015-8035 libxml2: DoS when parsing specially crafted XML document if XZ support is enabled
[YOCTO #8641]
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Diffstat (limited to 'meta/recipes-core/libxml/libxml2.inc')
-rw-r--r-- | meta/recipes-core/libxml/libxml2.inc | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-core/libxml/libxml2.inc b/meta/recipes-core/libxml/libxml2.inc index 1c3c37d509..6ada401385 100644 --- a/meta/recipes-core/libxml/libxml2.inc +++ b/meta/recipes-core/libxml/libxml2.inc @@ -21,6 +21,8 @@ SRC_URI = "ftp://xmlsoft.org/libxml2/libxml2-${PV}.tar.gz;name=libtar \ file://libxml-m4-use-pkgconfig.patch \ file://configure.ac-fix-cross-compiling-warning.patch \ file://0001-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch \ + file://CVE-2015-7942.patch \ + file://CVE-2015-8035.patch \ " BINCONFIG = "${bindir}/xml2-config" |