summaryrefslogtreecommitdiffstats
path: root/meta/recipes-core/expat/expat_2.2.9.bb
AgeCommit message (Collapse)Author
2021-07-02expat: fix CVE-2013-0340Jasper Orschulko
expat < 4.0 is vulnerable to billion laughs attacks (see [https://github.com/libexpat/libexpat/issues/34]). This patch backports the commits b1d039607d3d8a042bf0466bfcc1c0f104e353c8 and 60959f2b491876199879d97c8ed956eabb0c2e73 from upstream. Additionally, the SRC_URI had to be adjusted due to renaming of the source archive (From OE-Core rev: b0b843797321360693172c57f2400b9c56ca51cf) Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03expat: set CVE_PRODUCTSteve Sakoman
Upstream database uses both "expat" and "libexpat" to report CVEs (From OE-Core rev: f89b497800fb3a3ecd77b7a868a02800b6c86d92) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 706bdcaec5fd7c59d7877bbefa5ed4ce5b4f3da1) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-10-15expat:upgrade 2.2.8 -> 2.2.9Zang Ruochen
(From OE-Core rev: 9650eefe45b6b5bec014245d89529b7f1b2ce172) Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-06-11 13:38:39 +0000