[Buildroot] [PATCHv2] package/libxml2: add upstream security fix for CVE-2019-20388
Peter Korsgaard
peter at korsgaard.com
Tue Feb 18 22:06:29 UTC 2020
>>>>> "Thomas" == Thomas De Schampheleire <patrickdepinguin at gmail.com> writes:
> From: Thomas De Schampheleire <thomas.de_schampheleire at nokia.com>
> Fixes CVE-2019-20388: xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10
> allows an xmlSchemaValidateStream memory leak.
> Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire at nokia.com>
> ---
> v2: add sob line inside patch (ThomasP)
It would be great if we could start updating <pkg>_IGNORE_CVES for such
patches as well, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list