diff options
Diffstat (limited to 'meta/recipes-core/expat/expat/CVE-2023-52426-011.patch')
-rw-r--r-- | meta/recipes-core/expat/expat/CVE-2023-52426-011.patch | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/meta/recipes-core/expat/expat/CVE-2023-52426-011.patch b/meta/recipes-core/expat/expat/CVE-2023-52426-011.patch new file mode 100644 index 0000000000..d1b0be2aff --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2023-52426-011.patch @@ -0,0 +1,45 @@ +From 8a6c61de4a425977e357cafd8667a0d7771ce292 Mon Sep 17 00:00:00 2001 +From: Sebastian Pipping <sebastian@pipping.org> +Date: Thu, 26 Oct 2023 01:29:03 +0200 +Subject: [PATCH] lib: Add XML_GE to XML_GetFeatureList and XML_FeatureEnum + Co-authored-by: Snild Dolkow <snild@sony.com> + +CVE: CVE-2023-52426 +Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/8a6c61de4a425977e357cafd8667a0d7771ce292] + +Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> +--- + lib/expat.h | 4 +++- + lib/xmlparse.c | 2 ++ + 2 files changed, 5 insertions(+), 1 deletion(-) + +diff --git a/lib/expat.h b/lib/expat.h +index fa2eb45..9e64174 100644 +--- a/lib/expat.h ++++ b/lib/expat.h +@@ -1025,7 +1025,9 @@ enum XML_FeatureEnum { + XML_FEATURE_ATTR_INFO, + /* Added in Expat 2.4.0. */ + XML_FEATURE_BILLION_LAUGHS_ATTACK_PROTECTION_MAXIMUM_AMPLIFICATION_DEFAULT, +- XML_FEATURE_BILLION_LAUGHS_ATTACK_PROTECTION_ACTIVATION_THRESHOLD_DEFAULT ++ XML_FEATURE_BILLION_LAUGHS_ATTACK_PROTECTION_ACTIVATION_THRESHOLD_DEFAULT, ++ /* Added in Expat 2.6.0. */ ++ XML_FEATURE_GE + /* Additional features must be added to the end of this enum. */ + }; + +diff --git a/lib/xmlparse.c b/lib/xmlparse.c +index 82a8006..0627d6c 100644 +--- a/lib/xmlparse.c ++++ b/lib/xmlparse.c +@@ -2544,6 +2544,8 @@ XML_GetFeatureList(void) { + {XML_FEATURE_BILLION_LAUGHS_ATTACK_PROTECTION_ACTIVATION_THRESHOLD_DEFAULT, + XML_L("XML_BLAP_ACT_THRES"), + EXPAT_BILLION_LAUGHS_ATTACK_PROTECTION_ACTIVATION_THRESHOLD_DEFAULT}, ++ /* Added in Expat 2.6.0. */ ++ {XML_FEATURE_GE, XML_L("XML_GE"), 0}, + #endif + {XML_FEATURE_END, NULL, 0}}; + +-- +2.40.0 |