[Buildroot] [PATCH] xerces: add upstream security fix

Peter Korsgaard peter at korsgaard.com
Tue Mar 27 07:48:27 UTC 2018

>>>>> "Baruch" == Baruch Siach <baruch at tkos.co.il> writes:

 > CVE-2017-12627: dereference of a NULL pointer while processing the path
 > to the DTD.

 > xerces 3.2.1 includes this patch. But this version also added
 > AC_RUN_IFELSE to its configure script, making cross compilation harder.

 > Switching to cmake is also problematic since the minimum required cmake
 > version is 3.2.0. The host dependencies check currently allows minimum
 > cmake version 3.1.

 > Signed-off-by: Baruch Siach <baruch at tkos.co.il>

Committed, thanks.

Bye, Peter Korsgaard

More information about the buildroot mailing list