Skip to content

Commit

Permalink
expat: Update to version 2.6.3
Browse files Browse the repository at this point in the history 
- Update from version 2.6.2 to 2.6.3
- Update of rootfile
- 3 CVE Fixes in this release.
- Changelog
    2.6.3
	Security fixes:
	       #887 #890  CVE-2024-45490 -- Calling function XML_ParseBuffer with
	                    len < 0 without noticing and then calling XML_GetBuffer
	                    will have XML_ParseBuffer fail to recognize the problem
	                    and XML_GetBuffer corrupt memory.
	                    With the fix, XML_ParseBuffer now complains with error
	                    XML_ERROR_INVALID_ARGUMENT just like sibling XML_Parse
	                    has been doing since Expat 2.2.1, and now documented.
	                    Impact is denial of service to potentially artitrary code
	                    execution.
	       #888 #891  CVE-2024-45491 -- Internal function dtdCopy can have an
	                    integer overflow for nDefaultAtts on 32-bit platforms
	                    (where UINT_MAX equals SIZE_MAX).
	                    Impact is denial of service to potentially artitrary code
	                    execution.
	       #889 #892  CVE-2024-45492 -- Internal function nextScaffoldPart can
	                    have an integer overflow for m_groupSize on 32-bit
	                    platforms (where UINT_MAX equals SIZE_MAX).
	                    Impact is denial of service to potentially artitrary code
	                    execution.
	Other changes:
	       #851 #879  Autotools: Sync CMake templates with CMake 3.28
	            #853  Autotools: Always provide path to find(1) for portability
	            #861  Autotools: Ensure that the m4 directory always exists.
	            #870  Autotools: Simplify handling of SIZEOF_VOID_P
	            #869  Autotools: Support non-GNU sed
	            #856  Autotools|CMake: Fix main() to main(void)
	            #865  Autotools|CMake: Fix compile tests for HAVE_SYSCALL_GETRANDOM
	            #863  Autotools|CMake: Stop requiring dos2unix
	       #854 #855  CMake: Fix check for symbols size_t and off_t
	            #864  docs|tests: Convert README to Markdown and update
	            #741  Windows: Drop support for Visual Studio <=15.0/2017
	            #886  Drop needless XML_DTD guards around is_param access
	            #885  Fix typo in a code comment
	       #894 #896  Version info bumped from 10:2:9 (libexpat*.so.1.9.2)
	                    to 10:3:9 (libexpat*.so.1.9.3); see https://verbump.de/
	                    for what these numbers do
	Infrastructure:
	            #880  Readme: Promote the call for help
	            #868  CI: Fix various issues
	            #849  CI: Allow triggering GitHub Actions workflows manually
	    #851 #872 ..
	       #873 #879  CI: Adapt to breaking changes in GitHub Actions

Signed-off-by: Adolf Belka <[email protected]>
Signed-off-by: Michael Tremer <[email protected]>
  • Loading branch information
@mtremer
Adolf Belka authored and mtremer committed Sep 5, 2024
1 parent f91d2f4 commit dbaba25
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 13 deletions.
21 changes: 10 additions & 11 deletions config/rootfiles/common/expat
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,22 +2,21 @@
#usr/include/expat.h
#usr/include/expat_config.h
#usr/include/expat_external.h
#usr/lib/cmake
#usr/lib/cmake/expat-2.6.2
#usr/lib/cmake/expat-2.6.2/expat-config-version.cmake
#usr/lib/cmake/expat-2.6.2/expat-config.cmake
#usr/lib/cmake/expat-2.6.2/expat-noconfig.cmake
#usr/lib/cmake/expat-2.6.2/expat.cmake
#usr/lib/cmake/expat-2.6.3
#usr/lib/cmake/expat-2.6.3/expat-config-version.cmake
#usr/lib/cmake/expat-2.6.3/expat-config.cmake
#usr/lib/cmake/expat-2.6.3/expat-noconfig.cmake
#usr/lib/cmake/expat-2.6.3/expat.cmake
#usr/lib/libexpat.la
#usr/lib/libexpat.so
usr/lib/libexpat.so.1
usr/lib/libexpat.so.1.9.2
usr/lib/libexpat.so.1.9.3
#usr/lib/pkgconfig/expat.pc
#usr/share/doc/expat
#usr/share/doc/expat-2.6.2
#usr/share/doc/expat-2.6.2/ok.min.css
#usr/share/doc/expat-2.6.2/reference.html
#usr/share/doc/expat-2.6.2/style.css
#usr/share/doc/expat-2.6.3
#usr/share/doc/expat-2.6.3/ok.min.css
#usr/share/doc/expat-2.6.3/reference.html
#usr/share/doc/expat-2.6.3/style.css
#usr/share/doc/expat/AUTHORS
#usr/share/doc/expat/changelog
#usr/share/man/man1/xmlwf.1
4 changes: 2 additions & 2 deletions lfs/expat
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@

include Config

VER = 2.6.2
VER = 2.6.3

THISAPP = expat-$(VER)
DL_FILE = $(THISAPP).tar.xz
Expand All @@ -40,7 +40,7 @@ objects = $(DL_FILE)

$(DL_FILE) = $(DL_FROM)/$(DL_FILE)

$(DL_FILE)_BLAKE2 = aae019270e1ab233fe8480b7eaa77f648f23ef3383dc772dc946cb13163067431716dc5446862eb502315fd089f2f52f3d476589b74a97e462575cd54df44db4
$(DL_FILE)_BLAKE2 = b8e0a0e779f0f136eaca91115cbbcf5a5cca457cab1cca6f8d6141151d19f8ef2dccb41b0e9134459c1e7d99cb2e0b4ce3922d2bd9221002ec43fe9d53a0084a

install : $(TARGET)

Expand Down

0 comments on commit dbaba25

Please sign in to comment.