Projetos/rpi-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4db9a46243eea0e7c4e3f852d57a6878ce01ce1a
rpi-buildroot/package/libxml2
History
Thomas Perale 5f11da8ca6 package/libxml2: add patch for CVE-2025-6170 
This fixes the following vulnerability:

- CVE-2025-6170

    A flaw was found in the interactive shell of the xmllint command-line
    tool, used for parsing XML files. When a user inputs an overly long
    command, the program does not check the input size properly, which can
    cause it to crash. This issue might allow attackers to run harmful
    code in rare configurations without modern protections.

For more information, see:
  - https://www.cve.org/CVERecord?id=CVE-2025-6170
  - c340e41950

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit c68a14d73a)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
2025-08-07 12:19:04 +02:00
..
0001-tree-Fix-integer-overflow-in-xmlBuildQName.patch
package/libxml2: add patch for CVE-2025-6021
2025-07-15 18:36:54 +02:00
0002-schematron-Fix-memory-safety-issues-in-xmlSchematron.patch
package/libxml2: add patch for CVE-2025-49794 & CVE-2025-49796
2025-07-15 18:37:05 +02:00
0003-Schematron-Fix-null-pointer-dereference-leading-to-D.patch
package/libxml2: add patch for CVE-2025-49795
2025-07-15 18:37:12 +02:00
0004-fix-potential-buffer-overflows-of-interactive-shell.patch
package/libxml2: add patch for CVE-2025-6170
2025-08-07 12:19:04 +02:00
Config.in
libxml2.hash
libxml2.mk
package/libxml2: add patch for CVE-2025-6170
2025-08-07 12:19:04 +02:00