summaryrefslogtreecommitdiffstats
path: root/scripts/contrib/convert-srcuri.py
diff options
context:
space:
mode:
authorSteve Sakoman <steve@sakoman.com>2022-01-19 04:51:17 -1000
committerRichard Purdie <richard.purdie@linuxfoundation.org>2022-01-25 12:06:55 +0000
commitb618e57f798148c3d032129cf1e60fd209730dfd (patch)
treeb48f83d0b338c67ef218ffa63a059430d84ef754 /scripts/contrib/convert-srcuri.py
parent95491a12eacdd84b113cf11cdc14489564e484d1 (diff)
downloadpoky-b618e57f798148c3d032129cf1e60fd209730dfd.tar.gz
expat: fix CVE-2021-45960
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). Backport patch from: https://github.com/libexpat/libexpat/pull/534/commits/0adcb34c49bee5b19bd29b16a578c510c23597ea CVE: CVE-2021-45960 (From OE-Core rev: 22fe1dea3164a5cd4d5636376f3671641ada1da9) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'scripts/contrib/convert-srcuri.py')
0 files changed, 0 insertions, 0 deletions