diff mbox series

[hardknott,12/12] expat: add missing Upstream-status, CVE tag and sign-off to CVE-2021-46143.patch

Message ID a32cee6c9e1ff53e424b8386c36555e6cf3bf3af.1644224643.git.anuj.mittal@intel.com
State Accepted, archived
Commit a32cee6c9e1ff53e424b8386c36555e6cf3bf3af
Headers show
Series [hardknott,01/12] qemu: fix CVE-2021-3713 | expand

Commit Message

Mittal, Anuj Feb. 7, 2022, 9:07 a.m. UTC 
From: Steve Sakoman <steve@sakoman.com>

Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit 7e33aa25acc0c29b8f5e78757c6557e614eb1434)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-core/expat/expat/CVE-2021-46143.patch | 6 ++++++
 1 file changed, 6 insertions(+)
diff mbox series

Patch

diff --git a/meta/recipes-core/expat/expat/CVE-2021-46143.patch b/meta/recipes-core/expat/expat/CVE-2021-46143.patch
index d6bafba0ff..b1a726d9a8 100644
--- a/meta/recipes-core/expat/expat/CVE-2021-46143.patch
+++ b/meta/recipes-core/expat/expat/CVE-2021-46143.patch
@@ -4,6 +4,12 @@  Date: Sat, 25 Dec 2021 20:52:08 +0100
 Subject: [PATCH] lib: Prevent integer overflow on m_groupSize in function
  doProlog (CVE-2021-46143)
 
+Upstream-Status: Backport:
+https://github.com/libexpat/libexpat/pull/538/commits/85ae9a2d7d0e9358f356b33977b842df8ebaec2b
+
+CVE: CVE-2021-46143
+
+Signed-off-by: Steve Sakoman <steve@sakoman.com>
 ---
  expat/lib/xmlparse.c | 15 +++++++++++++++
  1 file changed, 15 insertions(+)