[OE-core][kirkstone][PATCH] libxml2: mark patch as fixing CVE-2025-27113

Fri, 28 Feb 2025 09:18:07 -0800 

 From: Peter Marko <peter.ma...@siemens.com>

This vulnerability has now a CVE assigned.

Signed-off-by: Peter Marko <peter.ma...@siemens.com>
---
 ...lation-of-explicit-child-axis.patch => CVE-2025-27113.patch} | 1 +
 meta/recipes-core/libxml/libxml2_2.9.14.bb                      | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)
 rename 
meta/recipes-core/libxml/libxml2/{0001-pattern-Fix-compilation-of-explicit-child-axis.patch
 => CVE-2025-27113.patch} (98%)

diff --git 
a/meta/recipes-core/libxml/libxml2/0001-pattern-Fix-compilation-of-explicit-child-axis.patch
 b/meta/recipes-core/libxml/libxml2/CVE-2025-27113.patch
similarity index 98%
rename from 
meta/recipes-core/libxml/libxml2/0001-pattern-Fix-compilation-of-explicit-child-axis.patch
rename to meta/recipes-core/libxml/libxml2/CVE-2025-27113.patch
index 932c0ec422..92713375eb 100644
--- 
a/meta/recipes-core/libxml/libxml2/0001-pattern-Fix-compilation-of-explicit-child-axis.patch
+++ b/meta/recipes-core/libxml/libxml2/CVE-2025-27113.patch
@@ -6,6 +6,7 @@ Subject: [PATCH] pattern: Fix compilation of explicit child axis
 The child axis is the default axis and should generate XML_OP_ELEM like
 the case without an axis.
 
+CVE: CVE-2025-27113
 Upstream-Status: Backport 
[https://gitlab.gnome.org/GNOME/libxml2/-/commit/503f788e84f1c1f1d769c2c7258d77faee94b5a3]
 Signed-off-by: Peter Marko <peter.ma...@siemens.com>
 ---
diff --git a/meta/recipes-core/libxml/libxml2_2.9.14.bb 
b/meta/recipes-core/libxml/libxml2_2.9.14.bb
index 8f1d882505..1cbd620b34 100644
--- a/meta/recipes-core/libxml/libxml2_2.9.14.bb
+++ b/meta/recipes-core/libxml/libxml2_2.9.14.bb
@@ -34,7 +34,7 @@ SRC_URI += 
"http://www.w3.org/XML/Test/xmlts20080827.tar;subdir=${BP};name=testt
            file://CVE-2024-25062.patch \
            file://CVE-2024-34459.patch \
            file://CVE-2022-49043.patch \
-           file://0001-pattern-Fix-compilation-of-explicit-child-axis.patch \
+           file://CVE-2025-27113.patch \
            file://CVE-2024-56171.patch \
            file://CVE-2025-24928.patch \
            "

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#212072): 
https://lists.openembedded.org/g/openembedded-core/message/212072
Mute This Topic: https://lists.openembedded.org/mt/111438140/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to