]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 24c0ab1) | patch
libxml2: fix CVE-2025-49795
authorRoland Kovacs <roland.kovacs@est.tech>
Thu, 17 Jul 2025 11:44:13 +0000 (13:44 +0200)
committerSteve Sakoman <steve@sakoman.com>
Fri, 18 Jul 2025 15:50:31 +0000 (08:50 -0700)
commitb144c3ef3ba1797d925ea44d9450a6ec0fe32047
tree62cf671b6a77af4ff93b7701a78b122c09de4615tree
parent24c0ab18045920bb5c1e965c0ea6d176fd6de234commit | diff
libxml2: fix CVE-2025-49795

A NULL pointer dereference vulnerability was found in libxml2 when processing
XPath XML expressions. This flaw allows an attacker to craft a malicious XML
input to libxml2, leading to a denial of service.

Signed-off-by: Roland Kovacs <roland.kovacs@est.tech>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-core/libxml/libxml2/CVE-2025-49795.patch [new file with mode: 0644] blob
meta/recipes-core/libxml/libxml2_2.12.10.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core-contrib