expat: CVE-2012-6702, CVE-2016-5300 - openembedded-core

diff options

author	Sona Sarmadi <sona.sarmadi@enea.com>	2017-01-16 07:30:00 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-05-18 13:13:38 +0100
commit	c9a2e2f33e8b473f06a3941dab9b4ecccd111a23 (patch)
tree	78dc7c70657ab5aef2b57d7a2192df0cd62059b0 /meta/recipes-multimedia/libtiff/files/CVE-2016-3658.patch
parent	990db70dac60541ef14977177fff4361e31c51eb (diff)
download	openembedded-core-c9a2e2f33e8b473f06a3941dab9b4ecccd111a23.tar.gz

expat: CVE-2012-6702, CVE-2016-5300

References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5300 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6702 http://www.openwall.com/lists/oss-security/2016/06/04/5 Reference to upstream fix: https://bugzilla.redhat.com/attachment.cgi?id=1165210 Squashed backport against vanilla Expat 2.1.1, addressing: * CVE-2012-6702 -- unanticipated internal calls to srand * CVE-2016-5300 -- use of too little entropy Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta/recipes-multimedia/libtiff/files/CVE-2016-3658.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: