From: Khem Raj <raj.khem@gmail.com>
Date: Sun, 14 Aug 2022 22:20:35 +0000 (-0700)
Subject: libxml2: Ignore CVE-2016-3709
X-Git-Tag: lucaceresoli/bug-15201-perf-libtraceevent-missing~3267
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=131b7010ae45b0c4e1c6a29dfc56b225d2ad2a69;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git

libxml2: Ignore CVE-2016-3709

This is fixed via a revert in 2.9.11 [1]

[1] https://gitlab.gnome.org/GNOME/libxml2/-/commit/c1ba6f54d32b707ca6d91cb3257ce9de82876b6f

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---

diff --git a/meta/recipes-core/libxml/libxml2_2.9.14.bb b/meta/recipes-core/libxml/libxml2_2.9.14.bb
index 3081ebf92f0..e58298d3b01 100644
--- a/meta/recipes-core/libxml/libxml2_2.9.14.bb
+++ b/meta/recipes-core/libxml/libxml2_2.9.14.bb
@@ -29,6 +29,10 @@ SRC_URI[testtar.sha256sum] = "96151685cec997e1f9f3387e3626d61e6284d4d6e66e0e440c
 
 BINCONFIG = "${bindir}/xml2-config"
 
+# Fixed since 2.9.11 via
+# https://gitlab.gnome.org/GNOME/libxml2/-/commit/c1ba6f54d32b707ca6d91cb3257ce9de82876b6f
+CVE_CHECK_IGNORE += "CVE-2016-3709"
+
 PACKAGECONFIG ??= "python \
     ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \
 "