From a0d164d7705034b2c351c518cebad8811ed5026f Mon Sep 17 00:00:00 2001 From: Lee Chee Yang Date: Mon, 11 Mar 2024 16:39:48 +0800 Subject: [PATCH] libxml2: upgrade to 2.11.7 libxml2 2.11.7 Security [CVE-2024-25062] xmlreader: Don't expand XIncludes when backtracking libxml2 2.11.6 Regressions threads: Fix --with-thread-alloc xinclude: Fix 'last' pointer in xmlXIncludeCopyNode Bug fixes parser: Fix potential use-after-free in xmlParseCharDataInternal Signed-off-by: Lee Chee Yang Signed-off-by: Steve Sakoman --- .../libxml/{libxml2_2.11.5.bb => libxml2_2.11.7.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-core/libxml/{libxml2_2.11.5.bb => libxml2_2.11.7.bb} (97%) diff --git a/meta/recipes-core/libxml/libxml2_2.11.5.bb b/meta/recipes-core/libxml/libxml2_2.11.7.bb similarity index 97% rename from meta/recipes-core/libxml/libxml2_2.11.5.bb rename to meta/recipes-core/libxml/libxml2_2.11.7.bb index fc82912df25..482ce9042de 100644 --- a/meta/recipes-core/libxml/libxml2_2.11.5.bb +++ b/meta/recipes-core/libxml/libxml2_2.11.7.bb @@ -18,7 +18,7 @@ SRC_URI += "http://www.w3.org/XML/Test/xmlts20130923.tar;subdir=${BP};name=testt file://install-tests.patch \ " -SRC_URI[archive.sha256sum] = "3727b078c360ec69fa869de14bd6f75d7ee8d36987b071e6928d4720a28df3a6" +SRC_URI[archive.sha256sum] = "fb27720e25eaf457f94fd3d7189bcf2626c6dccf4201553bc8874d50e3560162" SRC_URI[testtar.sha256sum] = "c6b2d42ee50b8b236e711a97d68e6c4b5c8d83e69a2be4722379f08702ea7273" # Disputed as a security issue, but fixed in d39f780 -- 2.47.2