[OE-core] [PATCH] expat: Security Advisory-expat-CVE-2015-1283

2015-12-23 Thread Zhixiong Chi
Add CVE-2015-1283 patch for fixing integer overflow bug in expat. Details are at the link below:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283

Patch comes from:
https://hg.mozilla.org/releases/mozilla-esr31/rev/2f3e78643f5c
https://codereview.chromium.org/1224303003

Signed-off-by: Zhix

Re: [OE-core] [PATCH] expat: Security Advisory-expat-CVE-2015-1283

2015-12-24 Thread Burton, Ross
On 24 December 2015 at 02:59, Zhixiong Chi wrote: > +++ b/meta/recipes-core/expat/expat-2.1.0/expat-CVE-2015-1283.patch > @@ -0,0 +1,58 @@ > +Multiple integer overflows in the XML_GetBuffer function in Expat > +through 2.1.0, allow remote attackers to cause a denial of service > +(heap-based buff
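Review bot: the header of the new expat-CVE-2015-1283.patch, as far as it is visible in this quoted hunk, opens directly with the CVE description and shows neither an Upstream-Status line nor the two upstream change URLs that the commit message names as the source of the fix. OE-core expects an Upstream-Status field in the header of every patch file it carries, so confirm that the remaining header lines include it, together with the origin URLs and a Signed-off-by, so the provenance of the backport stays with the patch file rather than only in the commit log.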