poky/libxml at f16cffd030d21d12dd57bb95cfc310bda41f8a1f - poky

CaROS/poky

mirror of https://git.yoctoproject.org/git/poky synced 2026-01-01 13:58:04 +00:00

History

Daniel Turull 3318b5eb4d libxml2: ignore CVE-2025-8732 The code maintainer disputes the CVE as the issue can only be triggered with untrusted SGML catalogs and it makes absolutely no sense to use untrusted catalogs. The issue triggers a crash if an invalid file is provided. Source: https://gitlab.gnome.org/GNOME/libxml2/-/issues/958" (From OE-Core rev: 348ce728af1cea4f909de5c3597801b5612719e4) Signed-off-by: Daniel Turull <daniel.turull@ericsson.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>	2025-08-22 05:59:55 -07:00
..
libxml2	libxml2: patch CVE-2025-6170	2025-08-04 07:55:07 -07:00
libxml2_2.12.10.bb	libxml2: ignore CVE-2025-8732	2025-08-22 05:59:55 -07:00

Daniel Turull 3318b5eb4d libxml2: ignore CVE-2025-8732

The code maintainer disputes the CVE as the issue can only be triggered with
untrusted SGML catalogs and it makes absolutely no sense to use untrusted
catalogs.

The issue triggers a crash if an invalid file is provided.
Source: https://gitlab.gnome.org/GNOME/libxml2/-/issues/958"

(From OE-Core rev: 348ce728af1cea4f909de5c3597801b5612719e4)

Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

2025-08-22 05:59:55 -07:00

libxml2

libxml2: patch CVE-2025-6170

2025-08-04 07:55:07 -07:00

libxml2_2.12.10.bb

libxml2: ignore CVE-2025-8732

2025-08-22 05:59:55 -07:00