libxml2: Fix CVE-2017-0663

Fix type confusion in xmlValidateOneNamespace Comment out code that casts xmlNsPtr to xmlAttrPtr. ID types on namespace declarations make no practical sense anyway. Fixes bug 780228 CVE: CVE-2017-0663 Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
author: Andrej Valek <andrej.valek@siemens.com> 2017-06-14 15:07:56 +0200
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2017-06-23 11:43:39 +0100
commit: a965be7b6a1d730851b4a3bc8fd534b9b2334227 (patch)
tree: 625ae75fdeea3a33ce4fe5cfd47966f11df45f1f /meta/recipes-core/libxml/libxml2_2.9.4.bb
parent: 0cae039cbe513b7998e067f4f3958af2ec65ed1a (diff)
download: openembedded-core-contrib-a965be7b6a1d730851b4a3bc8fd534b9b2334227.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-core/libxml/libxml2_2.9.4.bb b/meta/recipes-core/libxml/libxml2_2.9.4.bb
index 2996809e4a..677d8c9bb5 100644
--- a/meta/recipes-core/libxml/libxml2_2.9.4.bb
+++ b/meta/recipes-core/libxml/libxml2_2.9.4.bb
@@ -27,6 +27,7 @@ SRC_URI = "ftp://xmlsoft.org/libxml2/libxml2-${PV}.tar.gz;name=libtar \
            file://libxml2-CVE-2017-9047_CVE-2017-9048.patch \
            file://libxml2-CVE-2017-9049_CVE-2017-9050.patch \
            file://libxml2-CVE-2017-5969.patch \
+           file://libxml2-CVE-2017-0663.patch \
            file://CVE-2016-9318.patch \
            file://0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch \
            "
author	Andrej Valek <andrej.valek@siemens.com>	2017-06-14 15:07:56 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-06-23 11:43:39 +0100
commit	a965be7b6a1d730851b4a3bc8fd534b9b2334227 (patch)
tree	625ae75fdeea3a33ce4fe5cfd47966f11df45f1f /meta/recipes-core/libxml/libxml2_2.9.4.bb
parent	0cae039cbe513b7998e067f4f3958af2ec65ed1a (diff)
download	openembedded-core-contrib-a965be7b6a1d730851b4a3bc8fd534b9b2334227.tar.gz