+++ /dev/null
-libxml2 CVE-2012-2871
-
-the patch come from:
-http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxml/src \
-/include/libxml/tree.h?r1=56276&r2=149930
-
-libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89,
-does not properly support a cast of an unspecified variable during handling
-of XSL transforms, which allows remote attackers to cause a denial of service
-or possibly have unknown other impact via a crafted document, related to the
-_xmlNs data structure in include/libxml/tree.h.
-
-http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2871
-
-Signed-off-by: Li Wang <li.wang@windriver.com>
----
- include/libxml/tree.h | 1 +
- 1 files changed, 1 insertions(+), 0 deletions(-)
-
-diff --git a/include/libxml/tree.h b/include/libxml/tree.h
-index b733589..5422dda 100644
---- a/include/libxml/tree.h
-+++ b/include/libxml/tree.h
-@@ -351,6 +351,7 @@ struct _xmlNs {
- struct _xmlNs *next; /* next Ns link for this node */
- xmlNsType type; /* global or local */
- const xmlChar *href; /* URL for the namespace */
-+ const char *dummy_children; /* lines up with node->children */
- const xmlChar *prefix; /* prefix for the namespace */
- void *_private; /* application data */
- struct _xmlDoc *context; /* normally an xmlDoc */
---
-1.7.0.5
-
require libxml2.inc
-SRC_URI += "file://libxml2-CVE-2012-2871.patch \
- http://www.w3.org/XML/Test/xmlts20080827.tar.gz;name=testtar \
- "
+SRC_URI += "http://www.w3.org/XML/Test/xmlts20080827.tar.gz;name=testtar"
SRC_URI[libtar.md5sum] = "9c0cfef285d5c4a5c80d00904ddab380"
SRC_URI[libtar.sha256sum] = "fd3c64cb66f2c4ea27e934d275904d92cec494a8e8405613780cbc8a71680fdb"
projects / scm / bb / tizen-distro.git / commitdiff