expat: CVE-2018-20843: XML input leads to high RAM
Crafted XML input leads to high RAM and CPU. Fix is provided by Centos RPMs: expat-2.1.0-12.el7.x86_64.rpm expat-devel-2.1.0-12.el7.x86_64.rpm Test: Build. Deploy AIO-SX. Run reproducer. Closes-Bug: 1902997 Change-Id: Ia56722d7c0c71e22139f2b1b8c4d5174b04414fc Signed-off-by: Michel Thebeau <Michel.Thebeau@windriver.com>
This commit is contained in:
parent
ca0368edc0
commit
cfe9e78c0b
@ -1,3 +1,5 @@
|
||||
# expat-2.1.0-12.el7.x86_64.rpm provided by mock
|
||||
expat-devel-2.1.0-12.el7.x86_64.rpm#http://mirror.centos.org/centos/7/os/x86_64/Packages/expat-devel-2.1.0-12.el7.x86_64.rpm
|
||||
# glib2-2.56.1-7.el7.x86_64.rpm provided by mock
|
||||
kernel-headers-4.18.0-147.3.1.el8_1.x86_64.rpm#http://mirror.centos.org/centos/8.1.1911/BaseOS/x86_64/os/Packages/kernel-headers-4.18.0-147.3.1.el8_1.x86_64.rpm
|
||||
libpng-1.5.13-8.el7.x86_64.rpm#http://mirror.centos.org/centos/7/os/x86_64/Packages/libpng-1.5.13-8.el7.x86_64.rpm
|
||||
|
@ -40,8 +40,6 @@ device-mapper-multipath-libs-0.4.9-119.el7.x86_64.rpm
|
||||
device-mapper-persistent-data-0.7.3-3.el7.x86_64.rpm
|
||||
# diffutils-3.3-4.el7.x86_64.rpm provided by mock
|
||||
# dracut-033-554.el7.x86_64.rpm provided by mock
|
||||
# expat-2.1.0-11.el7.x86_64.rpm provided by mock
|
||||
expat-devel-2.1.0-11.el7.x86_64.rpm
|
||||
file-devel-5.11-35.el7.x86_64.rpm
|
||||
# filesystem-3.2-25.el7.x86_64.rpm provided by mock
|
||||
# findutils-4.5.11-6.el7.x86_64.rpm provided by mock
|
||||
|
@ -1,3 +1,5 @@
|
||||
# expat-2.1.0-12.el7.x86_64.rpm provided by mock
|
||||
expat-devel-2.1.0-12.el7.x86_64.rpm#http://mirror.centos.org/centos/7/os/x86_64/Packages/expat-devel-2.1.0-12.el7.x86_64.rpm
|
||||
# glib2-2.56.1-7.el7.x86_64.rpm provided by mock
|
||||
glib2-devel-2.56.1-7.el7.x86_64.rpm#http://mirror.centos.org/centos/7/os/x86_64/Packages/glib2-devel-2.56.1-7.el7.x86_64.rpm
|
||||
glib2-doc-2.56.1-7.el7.noarch.rpm#http://mirror.centos.org/centos/7/os/x86_64/Packages/glib2-doc-2.56.1-7.el7.noarch.rpm
|
||||
|
@ -186,8 +186,6 @@ erlang-stdlib-18.3.4.4-2.el7.x86_64.rpm
|
||||
erlang-syntax_tools-18.3.4.4-2.el7.x86_64.rpm
|
||||
erlang-tools-18.3.4.4-2.el7.x86_64.rpm
|
||||
erlang-xmerl-18.3.4.4-2.el7.x86_64.rpm
|
||||
# expat-2.1.0-11.el7.x86_64.rpm provided by mock
|
||||
expat-devel-2.1.0-11.el7.x86_64.rpm
|
||||
expect-5.45-14.el7_1.x86_64.rpm
|
||||
# file-5.11-35.el7.x86_64.rpm provided by mock
|
||||
# file-libs-5.11-35.el7.x86_64.rpm provided by mock
|
||||
|
@ -1,4 +1,5 @@
|
||||
ansible-2.7.5-1.el7.ans.noarch.rpm#https://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ansible-2.7.5-1.el7.ans.noarch.rpm
|
||||
# expat-2.1.0-12.el7.x86_64.rpm provided by mock
|
||||
# glib2-2.56.1-7.el7.x86_64.rpm provided by mock
|
||||
glib2-devel-2.56.1-7.el7.x86_64.rpm#http://mirror.centos.org/centos/7/os/x86_64/Packages/glib2-devel-2.56.1-7.el7.x86_64.rpm
|
||||
influxdb-0.9.5.1-1.x86_64.rpm#https://s3.amazonaws.com/influxdb/influxdb-0.9.5.1-1.x86_64.rpm
|
||||
|
@ -173,7 +173,6 @@ erlang-xmerl-18.3.4.4-2.el7.x86_64.rpm
|
||||
ethtool-4.8-9.el7.x86_64.rpm
|
||||
eventlog-0.2.13-4.el7.x86_64.rpm
|
||||
eventlog-devel-0.2.13-4.el7.x86_64.rpm
|
||||
# expat-2.1.0-11.el7.x86_64.rpm provided by mock
|
||||
expect-5.45-14.el7_1.x86_64.rpm
|
||||
fcgi-2.4.0-25.el7.x86_64.rpm
|
||||
fcgi-devel-2.4.0-25.el7.x86_64.rpm
|
||||
|
@ -1 +1,2 @@
|
||||
expat-2.1.0-12.el7.x86_64.rpm#http://mirror.centos.org/centos/7/os/x86_64/Packages/expat-2.1.0-12.el7.x86_64.rpm
|
||||
glib2-2.56.1-7.el7.x86_64.rpm#http://mirror.centos.org/centos/7/os/x86_64/Packages/glib2-2.56.1-7.el7.x86_64.rpm
|
||||
|
@ -25,7 +25,6 @@ dracut-033-554.el7.x86_64.rpm
|
||||
dwz-0.11-3.el7.x86_64.rpm
|
||||
epel-release-7-11.noarch.rpm
|
||||
epel-rpm-macros-7-21.noarch.rpm
|
||||
expat-2.1.0-11.el7.x86_64.rpm
|
||||
file-5.11-35.el7.x86_64.rpm
|
||||
file-libs-5.11-35.el7.x86_64.rpm
|
||||
filesystem-3.2-25.el7.x86_64.rpm
|
||||
|
Loading…
Reference in New Issue
Block a user