diff options
Diffstat (limited to 'import-layers/yocto-poky/meta/recipes-support/libxslt/libxslt/CVE-2015-7995.patch')
-rw-r--r-- | import-layers/yocto-poky/meta/recipes-support/libxslt/libxslt/CVE-2015-7995.patch | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/import-layers/yocto-poky/meta/recipes-support/libxslt/libxslt/CVE-2015-7995.patch b/import-layers/yocto-poky/meta/recipes-support/libxslt/libxslt/CVE-2015-7995.patch new file mode 100644 index 000000000..f4113efba --- /dev/null +++ b/import-layers/yocto-poky/meta/recipes-support/libxslt/libxslt/CVE-2015-7995.patch @@ -0,0 +1,34 @@ +From 7ca19df892ca22d9314e95d59ce2abdeff46b617 Mon Sep 17 00:00:00 2001 +From: Daniel Veillard <veillard@redhat.com> +Date: Thu, 29 Oct 2015 19:33:23 +0800 +Subject: Fix for type confusion in preprocessing attributes + +CVE-2015-7995 http://www.openwall.com/lists/oss-security/2015/10/27/10 +We need to check that the parent node is an element before dereferencing +its namespace + +Upstream-Status: Backport +CVE: CVE-2015-7995 + +https://git.gnome.org/browse/libxslt/commit/?id=7ca19df892ca22d9314e95d59ce2abdeff46b617 + +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + libxslt/preproc.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +Index: libxslt-1.1.28/libxslt/preproc.c +=================================================================== +--- libxslt-1.1.28.orig/libxslt/preproc.c ++++ libxslt-1.1.28/libxslt/preproc.c +@@ -2245,7 +2245,8 @@ xsltStylePreCompute(xsltStylesheetPtr st + } else if (IS_XSLT_NAME(inst, "attribute")) { + xmlNodePtr parent = inst->parent; + +- if ((parent == NULL) || (parent->ns == NULL) || ++ if ((parent == NULL) || ++ (parent->type != XML_ELEMENT_NODE) || (parent->ns == NULL) || + ((parent->ns != inst->ns) && + (!xmlStrEqual(parent->ns->href, inst->ns->href))) || + (!xmlStrEqual(parent->name, BAD_CAST "attribute-set"))) { |