expat: fix CVE-2013-0340 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Jasper Orschulko <jasper@fancydomain.eu>	2021-06-16 19:16:40 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-07-02 07:44:59 +0100
commit	8a496e9eb9f0540cb5c319451413812b7c51caf9 (patch)
tree	2d8841e7c47b580e0bf65c9b3a41bb8b003e90b8 /scripts/lib/devtool/deploy.py
parent	11a44f8bbadae9d4b6e67a4291af0e10fa6b285b (diff)
download	poky-8a496e9eb9f0540cb5c319451413812b7c51caf9.tar.gz

expat: fix CVE-2013-0340

expat < 4.0 is vulnerable to billion laughs attacks (see [https://github.com/libexpat/libexpat/issues/34]). This patch backports the commits b1d039607d3d8a042bf0466bfcc1c0f104e353c8 and 60959f2b491876199879d97c8ed956eabb0c2e73 from upstream. Additionally, the SRC_URI had to be adjusted due to renaming of the source archive (From OE-Core rev: b0b843797321360693172c57f2400b9c56ca51cf) Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'scripts/lib/devtool/deploy.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: