libxml2 CVE-2012-2871 - openembedded-core-contrib - OpenEmbedded Core user contribution trees

diff options

author	Li Wang <li.wang@windriver.com>	2012-12-13 13:54:21 +0800
committer	Saul Wold <sgw@linux.intel.com>	2012-12-14 15:17:21 -0800
commit	bc601f96f34ad17a87f599b58e502ec1b2c13fa3 (patch)
tree	11145a9f7e039d39d80f0edb17d32366687f74ac /meta/recipes-core/busybox
parent	9f6964b489ef3e0f175bf33a94ab819408875da8 (diff)
download	openembedded-core-contrib-bc601f96f34ad17a87f599b58e502ec1b2c13fa3.tar.gz

libxml2 CVE-2012-2871

the patch come from: http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxml/src \ /include/libxml/tree.h?r1=56276&r2=149930 libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2871 [YOCTO #3580] [ CQID: WIND00376779 ] Upstream-Status: Pending Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>

Diffstat (limited to 'meta/recipes-core/busybox')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: