git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit

]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit

projects / thirdparty / openembedded / openembedded-core.git / commit

author	Ralph Siemsen <ralph.siemsen@linaro.org>
	Fri, 11 Mar 2022 20:37:58 +0000 (15:37 -0500)
committer	Steve Sakoman <steve@sakoman.com>
	Mon, 14 Mar 2022 16:07:47 +0000 (06:07 -1000)
commit	6c2f91ce93921c9bfe52c62c0347b992df98d62d
tree	fb3d515a32de30bd43668e30a37d2f09d4b6176b	tree
parent	ff90d0e91aec252d3f5986df9ce02293cddadbca	commit \| diff

libxml2: backport fix for CVE-2022-23308

Use-after-free of ID and IDREF attributes, which could result in denial
of service.

https://nvd.nist.gov/vuln/detail/CVE-2022-23308
CVE: CVE-2022-23308

Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

meta/recipes-core/libxml/libxml2/CVE-2022-23308.patch	[new file with mode: 0644]	blob
meta/recipes-core/libxml/libxml2_2.9.10.bb		diff \| blob \| blame \| history

Mirror of git://git.openembedded.org/openembedded-core

RSS Atom