[Buildroot] [PATCH] xerces: add upstream security fix
Peter Korsgaard
peter at korsgaard.com
Wed Apr 11 15:44:43 UTC 2018
>>>>> "Baruch" == Baruch Siach <baruch at tkos.co.il> writes:
> CVE-2017-12627: dereference of a NULL pointer while processing the path
> to the DTD.
> xerces 3.2.1 includes this patch. But this version also added
> AC_RUN_IFELSE to its configure script, making cross compilation harder.
> Switching to cmake is also problematic since the minimum required cmake
> version is 3.2.0. The host dependencies check currently allows minimum
> cmake version 3.1.
> Signed-off-by: Baruch Siach <baruch at tkos.co.il>
Committed to 2017.02.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list