projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 694fa0e) | patch
libxml2: add several security patches
authorGustavo Zacarias <gustavo@zacarias.com.ar>
Tue, 17 Nov 2015 23:08:45 +0000 (20:08 -0300)
committerThomas Petazzoni <thomas.petazzoni@free-electrons.com>
Wed, 18 Nov 2015 21:21:31 +0000 (22:21 +0100)
commit97abbf210a9fbbddaec534faef7c6e86f0545bef
tree7c8264010b06ca969ee35abfa8ccfc77ce1fb587tree
parent694fa0e332f8b3894a606619263c6ae38e4f6e20commit | diff
libxml2: add several security patches

Fixes:
CVE-2015-1819 - The xmlreader in libxml allows remote attackers to cause
a denial of service (memory consumption) via crafted XML data, related
to an XML Entity Expansion (XEE) attack.
CVE-2015-7941 - out-of-bounds memory access.
CVE-2015-7942 - heap-buffer-overflow in xmlParseConditionalSections.
CVE-2015-8035 - DoS via crafted xz file.

All patches upstream.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
package/libxml2/0003-fix-CVE-2015-1819.patch [new file with mode: 0644] blob
package/libxml2/0004-fix-CVE-2015-7941-1.patch [new file with mode: 0644] blob
package/libxml2/0005-fix-CVE-2015-7941-2.patch [new file with mode: 0644] blob
package/libxml2/0006-fix-CVE-2015-7942-1.patch [new file with mode: 0644] blob
package/libxml2/0007-fix-CVE-2015-7942-2.patch [new file with mode: 0644] blob
package/libxml2/0008-fix-CVE-2015-8035.patch [new file with mode: 0644] blob