]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5858567) | patch
libxml2: ignore CVE-2025-8732
authorDaniel Turull <daniel.turull@ericsson.com>
Tue, 19 Aug 2025 10:47:24 +0000 (12:47 +0200)
committerSteve Sakoman <steve@sakoman.com>
Tue, 19 Aug 2025 13:36:09 +0000 (06:36 -0700)
commit348ce728af1cea4f909de5c3597801b5612719e4
treeaeab7389d115272fe650bb67a77efe71a25442ebtree | snapshot
parent5858567a9222d9fff6f0a282cf7c7bda4e19af57commit | diff
libxml2: ignore CVE-2025-8732

The code maintainer disputes the CVE as the issue can only be triggered with
untrusted SGML catalogs and it makes absolutely no sense to use untrusted
catalogs.

The issue triggers a crash if an invalid file is provided.
Source: https://gitlab.gnome.org/GNOME/libxml2/-/issues/958"

Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-core/libxml/libxml2_2.12.10.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core-contrib