[Buildroot] [PATCH] expat: security bump to version 2.2.1
Peter Korsgaard
peter at korsgaard.com
Mon Jun 26 07:49:35 UTC 2017
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> Fixes:
> - CVE-2017-9233 - External entity infinite loop DoS. See:
> https://libexpat.github.io/doc/cve-2017-9233/
> - CVE-2016-9063 -- Detect integer overflow
> And further more:
> - Fix regression from fix to CVE-2016-0718 cutting off longer tag names.
> - Extend fix for CVE-2016-5300 (use getrandom() if available).
> - Extend fix for CVE-2012-0876 (Change hash algorithm to William Ahern's
> version of SipHash).
> Also add an upstream patch to fix detection of getrandom().
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed this + fixup patch to 2017.02.x and 2017.05.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list