Debian Patches

Status for tinyxml/2.6.2-6.1

Patch Description Author Forwarded Bugs Origin Last update
enforce-use-stl.patch TinyXml is built with TIXML_USE_STL, so we have to enforce it when the library is used.

diff -Nur tinyxml-2.5.3/tinyxml.h tinyxml-2.5.3.patch/tinyxml.h
Felix Geyer <> no
entity-encoding.patch TinyXML incorrectly encodes text element containing an ampersand followed by either x or #.
diff -u -r1.105 tinyxml.cpp
CVE-2021-42260.patch In stamp always advance the pointer if *p= 0xef .
The current implementation only advanced if 0xef is followed
by two non-zero bytes. In case of malformed input (0xef should be
the start byte of a three byte character) this leads to an infinite
loop. (CVE-2021-42260)
no debian
CVE-2023-34194.patch Avoid reachable assertion via crafted XML document with a '\0' located after whitespace Guilhem Moulin <> yes debian upstream 2023-12-30

All known versions for source package 'tinyxml'