libxml2: fix CVE-2021-3516

Fixes use-after-free in xmlEncodeEntitiesInternal() in entities.c CVE: CVE-2021-3516 Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/1358d157d0bd83be1dfe356a69213df9fac0b539] Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Tony Tascioglu <tony.tascioglu@windriver.com> 2021-05-14 09:14:49 -0400
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2021-05-22 10:01:16 +0100
commit: 490cddd7baf1aacb814128b611aabf82fda3e77b (patch)
tree: 52fc1f7bc09905da45deaffec0bc744b57b332f7 /meta/recipes-core/libxml/libxml2_2.9.10.bb
parent: 16ad173ba0e8f88b23c62aa8357b8afca36c2161 (diff)
download: openembedded-core-490cddd7baf1aacb814128b611aabf82fda3e77b.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-core/libxml/libxml2_2.9.10.bb b/meta/recipes-core/libxml/libxml2_2.9.10.bb
index ad612379b3..6f1229c2d0 100644
--- a/meta/recipes-core/libxml/libxml2_2.9.10.bb
+++ b/meta/recipes-core/libxml/libxml2_2.9.10.bb
@@ -25,6 +25,7 @@ SRC_URI = "http://www.xmlsoft.org/sources/libxml2-${PV}.tar.gz;name=libtar \
            file://CVE-2020-24977.patch \
            file://fix-python39.patch \
            file://CVE-2021-3517.patch \
+           file://CVE-2021-3516.patch \
            "
 
 SRC_URI[libtar.md5sum] = "10942a1dc23137a8aa07f0639cbfece5"
author	Tony Tascioglu <tony.tascioglu@windriver.com>	2021-05-14 09:14:49 -0400
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-05-22 10:01:16 +0100
commit	490cddd7baf1aacb814128b611aabf82fda3e77b (patch)
tree	52fc1f7bc09905da45deaffec0bc744b57b332f7 /meta/recipes-core/libxml/libxml2_2.9.10.bb
parent	16ad173ba0e8f88b23c62aa8357b8afca36c2161 (diff)
download	openembedded-core-490cddd7baf1aacb814128b611aabf82fda3e77b.tar.gz