There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to
submit a crafted file to be processed by an application linked with libxml2
could trigger a use-after-free. The greatest impact from this flaw is to
confidentiality, integrity, and availability.
Upstream-Status: Bac
Sadly this patch won't apply.
Could you rebase it on the current head of dunfell? It seems you
generated this patch with an older version of dunfell that is missing
"libxml: fix CVE-2021-3517 CVE-2021-3537":
https://git.openembedded.org/openembedded-core-contrib/commit/?h=stable/dunfell-nut&id=f
Hi Steve,
sorry about that. Accidental checkout of dunfell-next. I sent a new patch.
Best regards,
Jasper
On 21 June 2021 17:26:14 CEST, Steve Sakoman wrote:
>Sadly this patch won't apply.
>
>Could you rebase it on the current head of dunfell? It seems you
>generated this patch with an older v
On Mon, Jun 21, 2021 at 5:38 AM Jasper Orschulko via
lists.openembedded.org
wrote:
>
> Hi Steve,
>
> sorry about that. Accidental checkout of dunfell-next. I sent a new patch.
No worries! V2 applied without issue.
Thanks,
Steve
>
> Best regards,
> Jasper
>
> On 21 June 2021 17:26:14 CEST, Ste