starlingx
/
tools
Code Issues Proposed changes
tools/centos-mirror-tools
History
Michel Thebeau cfe9e78c0b expat: CVE-2018-20843: XML input leads to high RAM 
Crafted XML input leads to high RAM and CPU.

Fix is provided by Centos RPMs:
expat-2.1.0-12.el7.x86_64.rpm
expat-devel-2.1.0-12.el7.x86_64.rpm

Test:
Build. Deploy AIO-SX. Run reproducer.

Closes-Bug: 1902997
Change-Id: Ia56722d7c0c71e22139f2b1b8c4d5174b04414fc
Signed-off-by: Michel Thebeau <Michel.Thebeau@windriver.com>
 		2020-11-27 13:36:12 -05:00
..
config/centos expat: CVE-2018-20843: XML input leads to high RAM 2020-11-27 13:36:12 -05:00
rpm-gpg-keys Add EPEL 8 repos in support of CentOS 8 2020-05-29 04:24:57 +00:00
stx_mirror_scripts Auto update CENGN yum.repos.d 2019-03-22 12:07:08 -04:00
yum.repos.d centos-mirror-tools: add CentOS 7.8 repo 2020-06-10 16:31:06 -04:00
dl_lower_layer_rpms.sh Fixes for fast layer download 2020-04-15 00:34:44 -04:00
dl_other_from_centos_repo.sh Build layering, script and lst update 2020-02-10 10:45:40 -05:00
dl_rpms.sh Fast download of lower layer rpms 2020-04-14 16:14:01 -04:00
dl_rpms_from_url.sh Build layering, script and lst update 2020-02-10 10:45:40 -05:00
dl_tarball.sh Upversion Mellanox driver to ver 5.0 2020-07-21 18:33:59 -04:00
download_mirror.sh download_mirror: fix failure with custom yum.conf 2020-05-01 14:01:32 -07:00
make_stx_mirror_yum_conf.sh Build layering, script and lst update 2020-02-10 10:45:40 -05:00
mirror-check.sh Add notices on Intel authored files. 2019-03-20 10:21:32 -06:00
show_imported_rpm_gpg_keys.sh Add build tools 2018-06-08 17:01:43 -05:00
starlingx_add_pkgs.sh Fix starlingx_add_pkgs.sh for use in a layered environment. 2020-04-28 11:29:18 -04:00
url_utils.sh Auto update CENGN yum.repos.d 2019-03-22 12:07:08 -04:00
utils.sh Fast download of lower layer rpms 2020-04-14 16:14:01 -04:00
utils_tests.sh Add notices on Intel authored files. 2019-03-20 10:21:32 -06:00
yum.conf.sample download_mirror.sh fails with 404 errors 2019-03-13 14:32:03 +00:00