From e5e63be86e247f1e243e4a8aa2be94e09df06c4c Mon Sep 17 00:00:00 2001
From: Hitendra Prajapati <hprajapati@mvista.com>
Date: Tue, 2 Aug 2022 09:46:07 +0530
Subject: python3-lxml: CVE-2022-2309 NULL Pointer Dereference allows attackers
 to cause a denial of service

Source: https://github.com/lxml/lxml
MR: 119399
Type: Security Fix
Disposition: Backport from https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f
ChangeID: 0b1ef4ce4c901ef6574a83ecbe4c4b1d2ab24777
Description:
        CVE-2022-2309 libxml: NULL Pointer Dereference allows attackers to cause a denial of service.

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
---
 meta-python/recipes-devtools/python/python-lxml.inc | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'meta-python/recipes-devtools/python/python-lxml.inc')

diff --git a/meta-python/recipes-devtools/python/python-lxml.inc b/meta-python/recipes-devtools/python/python-lxml.inc
index 05b5eae462..0276a3e81a 100644
--- a/meta-python/recipes-devtools/python/python-lxml.inc
+++ b/meta-python/recipes-devtools/python/python-lxml.inc
@@ -18,6 +18,8 @@ LIC_FILES_CHKSUM = "file://LICENSES.txt;md5=e4c045ebad958ead4b48008f70838403 \
 
 DEPENDS += "libxml2 libxslt"
 
+SRC_URI += "file://CVE-2022-2309.patch"
+
 SRC_URI[md5sum] = "f088e452ed45b030b6f84269f1e84d11"
 SRC_URI[sha256sum] = "8620ce80f50d023d414183bf90cc2576c2837b88e00bea3f33ad2630133bbb60"
 
-- 
cgit v1.2.3-54-g00ecf