projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 60cd158) | patch
package/libxml2: fix CVE-2020-24977
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Mon, 14 Sep 2020 21:06:44 +0000 (23:06 +0200)
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>
Sat, 19 Sep 2020 20:16:02 +0000 (22:16 +0200)
commita530ca6bd9039ae3d021e32e12ea5f3b3e23ff11
tree1bbf5873df4efbf04d6c40f4aee1481bd4c91b26tree
parent60cd158f0eb323c479f3d2b212261276410c5669commit | diff
package/libxml2: fix CVE-2020-24977

GNOME project libxml2 v2.9.10 and earlier have a global Buffer Overflow
vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
package/libxml2/0003-Fix-out-of-bounds-read-with-xmllint--htmlout.patch [new file with mode: 0644] blob
package/libxml2/libxml2.mk diff | blob | history