From 6589de727ba9c9901fdd53d31bd88ad0f17f3905 Mon Sep 17 00:00:00 2001
From: Yi Zhao <yi.zhao@windriver.com>
Date: Fri, 17 Jun 2016 11:20:58 +0800
Subject: expat: CVE-2016-0718

Fix CVE-2016-0718: expat XML parser crashes on malformed input

External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0718
https://bugzilla.redhat.com/show_bug.cgi?id=1296102
https://bugzilla.suse.com/show_bug.cgi?id=979441

Patch from:
https://bugzilla.redhat.com/show_bug.cgi?id=1296102

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
---
 meta/recipes-core/expat/expat.inc | 1 +
 1 file changed, 1 insertion(+)

(limited to 'meta/recipes-core/expat/expat.inc')

diff --git a/meta/recipes-core/expat/expat.inc b/meta/recipes-core/expat/expat.inc
index fe9d7e74f0..3d8429c513 100644
--- a/meta/recipes-core/expat/expat.inc
+++ b/meta/recipes-core/expat/expat.inc
@@ -6,6 +6,7 @@ LICENSE = "MIT"
 
 SRC_URI = "${SOURCEFORGE_MIRROR}/expat/expat-${PV}.tar.bz2 \
            file://autotools.patch \
+           file://CVE-2016-0718.patch \
 	  "
 
 inherit autotools lib_package gzipnative
-- 
cgit 1.2.3-korg