And a CVE: CVE-2020-12825 tag alongside that too would be good. Ross
On Thu, 21 Jan 2021 at 10:50, Richard Purdie <richard.pur...@linuxfoundation.org> wrote: > > On Thu, 2021-01-21 at 14:59 +0800, Wang Mingyu wrote: > > References > > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12825 > > > > Signed-off-by: Wang Mingyu <wan...@cn.fujitsu.com> > > --- > > .../libcroco/libcroco/CVE-2020-12825.patch | 170 ++++++++++++++++++ > > .../libcroco/libcroco_0.6.13.bb | 2 + > > 2 files changed, 172 insertions(+) > > create mode 100644 > > meta/recipes-support/libcroco/libcroco/CVE-2020-12825.patch > > > > diff --git a/meta/recipes-support/libcroco/libcroco/CVE-2020-12825.patch > > b/meta/recipes-support/libcroco/libcroco/CVE-2020-12825.patch > > new file mode 100644 > > index 0000000000..cde0abd676 > > --- /dev/null > > +++ b/meta/recipes-support/libcroco/libcroco/CVE-2020-12825.patch > > @@ -0,0 +1,170 @@ > > +Subject: [PATCH] libcroco: Limit recursion in block and any productions > > + > > +Signed-off-by:Michael Catanzaro @mcatanzaro > > Thanks for this, the patch has no Upstream-Status set though? Could you > resend with one please? > > Cheers, > > Richard > > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#147058): https://lists.openembedded.org/g/openembedded-core/message/147058 Mute This Topic: https://lists.openembedded.org/mt/79998594/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
