On Thu, 2021-01-21 at 14:59 +0800, Wang Mingyu wrote: > References > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12825 > > Signed-off-by: Wang Mingyu <[email protected]> > --- > .../libcroco/libcroco/CVE-2020-12825.patch | 170 ++++++++++++++++++ > .../libcroco/libcroco_0.6.13.bb | 2 + > 2 files changed, 172 insertions(+) > create mode 100644 > meta/recipes-support/libcroco/libcroco/CVE-2020-12825.patch > > diff --git a/meta/recipes-support/libcroco/libcroco/CVE-2020-12825.patch > b/meta/recipes-support/libcroco/libcroco/CVE-2020-12825.patch > new file mode 100644 > index 0000000000..cde0abd676 > --- /dev/null > +++ b/meta/recipes-support/libcroco/libcroco/CVE-2020-12825.patch > @@ -0,0 +1,170 @@ > +Subject: [PATCH] libcroco: Limit recursion in block and any productions > + > +Signed-off-by:Michael Catanzaro @mcatanzaro
Thanks for this, the patch has no Upstream-Status set though? Could you resend with one please? Cheers, Richard
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#147057): https://lists.openembedded.org/g/openembedded-core/message/147057 Mute This Topic: https://lists.openembedded.org/mt/79998594/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
