expat: fix CVE-2023-52425 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Meenali Gupta <meenali.gupta@windriver.com>	2024-03-29 11:12:02 +0000
committer	Steve Sakoman <steve@sakoman.com>	2024-04-05 07:23:59 -0700
commit	f9653f111864598e3659108ab2692c81f677954b (patch)
tree	0432eeda286e46e584a006379ad4c9fa0368c646 /scripts/lib/devtool/utilcmds.py
parent	65e2df59905f6501898a7a24659a024119712f1f (diff)
download	poky-f9653f111864598e3659108ab2692c81f677954b.tar.gz

expat: fix CVE-2023-52425

libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. References: https://nvd.nist.gov/vuln/detail/CVE-2023-52425 Changes related to test directory are not included as most of the files are not present and are introduced in the later version. (From OE-Core rev: 1bdcd10930a2998f6bbe56b3ba4c9b6c91203b39) Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'scripts/lib/devtool/utilcmds.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: