[OE-core] [PATCH v3] libxml2: 2.9.4 -> 2.9.6
Andrej Valek
andrej.valek at siemens.com
Fri Oct 6 13:19:02 UTC 2017
It is continue in discussion from thread
(http://lists.openembedded.org/pipermail/openembedded-core/2017-September/142891.html).
For the explanation CVE-* fx-* patches have been removed due to
backports. Ptest patch has been modified to adapt new changes in sources.
I have also updated a PR.
Andrej
On 10/06/2017 02:11 PM, Alexander Kanavin wrote:
> On 10/06/2017 10:27 AM, Andrej Valek wrote:
>> Signed-off-by: Andrej Valek <andrej.valek at siemens.com>
>> ---
>> .../libxml/libxml2/libxml-m4-use-pkgconfig.patch | 2 +-
>> .../libxml/libxml2/libxml2-CVE-2016-4658.patch | 269 ----------
>> .../libxml/libxml2/libxml2-CVE-2016-5131.patch | 180 -------
>> .../libxml/libxml2/libxml2-CVE-2017-0663.patch | 40 --
>> .../libxml/libxml2/libxml2-CVE-2017-5969.patch | 62 ---
>> .../libxml/libxml2/libxml2-CVE-2017-8872.patch | 37 --
>> .../libxml2-CVE-2017-9047_CVE-2017-9048.patch | 103 ----
>> .../libxml2-CVE-2017-9049_CVE-2017-9050.patch | 291 ----------
>> .../libxml2/libxml2-fix_NULL_pointer_derefs.patch | 45 --
>> ...ibxml2-fix_and_simplify_xmlParseStartTag2.patch | 590 ---------------------
>> .../libxml2/libxml2-fix_node_comparison.patch | 67 ---
>> meta/recipes-core/libxml/libxml2/runtest.patch | 34 +-
>> .../libxml/{libxml2_2.9.4.bb => libxml2_2.9.6.bb} | 18 +-
>
> You need to explain why patches are being removed or modified. CVE fixes
> are likely backports, but this should not be guessed.
>
> Alex
>
More information about the Openembedded-core
mailing list