git.ipfire.org Git - people/stevee/ipfire-2.x.git/commit
expat: Update to version 2.7.0
author Adolf Belka <adolf.belka@ipfire.org>
Sat, 15 Mar 2025 12:29:26 +0000 (13:29 +0100)
committer Michael Tremer <michael.tremer@ipfire.org>
Mon, 17 Mar 2025 10:24:15 +0000 (10:24 +0000)
commit e02a2170e245fe5c8d01a5d93a11295278a03698
tree 59f9d823c1c79b1c14fe3407d3ab90624f813550
parent 9ea9c5354824324fd31be12873c2eb7287d39fea
expat: Update to version 2.7.0

- Update from version 2.6.4 to 2.7.0
- Update of rootfile
- Fix for CVE-2024-8176
- Changelog
    2.7.0
        Security fixes:
       #893 #973  CVE-2024-8176 -- Fix crash from chaining a large number
                    of entities caused by stack overflow by resolving use of
                    recursion, for all three uses of entities:
                    - general entities in character data ("<e>&g1;</e>")
                    - general entities in attribute values ("<e k1='&g1;'/>")
                    - parameter entities ("%p1;")
                    Known impact is (reliable and easy) denial of service:
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C
                    (Base Score: 7.5, Temporal Score: 7.2)
                    Please note that a layer of compression around XML can
                    significantly reduce the minimum attack payload size.
        Other changes:
       #935 #937  Autotools: Make generated CMake files look for
                    libexpat.@SO_MAJOR@.dylib on macOS
       #925  Autotools: Sync CMake templates with CMake 3.29
       #945 #962 #966  CMake: Drop support for CMake <3.13
               #942  CMake: Small fuzzing related improvements
               #921  docs: Add missing documentation of error code
                    XML_ERROR_NOT_STARTED that was introduced with 2.6.4
               #941  docs: Document need for C++11 compiler for use from C++
               #959  tests/benchmark: Fix a (harmless) TOCTTOU
               #944  Windows: Fix installer target location of file xmlwf.xml
                    for CMake
               #953  Windows: Address warning -Wunknown-warning-option
                    about -Wno-pedantic-ms-format from LLVM MinGW
               #971  Address Cppcheck warnings
               #969 #970  Mass-migrate links from http:// to https://
               #947 #958 ..
               #974 #975  Document changes since the previous release
               #974 #975  Version info bumped from 11:0:10 (libexpat*.so.1.10.0)
                    to 11:1:10 (libexpat*.so.1.10.1); see https://verbump.de/
                    for what these numbers do
        Infrastructure:
               #926  tests: Increase robustness
               #927 #932 ..
               #930 #933  tests: Increase test coverage
               #617 #950 ..
               #951 #952 ..
               #954 #955 ..  Fuzzing: Add new fuzzer "xml_lpm_fuzzer" based on
               #961    Google's libprotobuf-mutator ("LPM")
               #957  Fuzzing|CI: Start producing fuzzing code coverage reports
               #936  CI: Pass -q -q for LCOV >=2.1 in coverage.sh
               #942  CI: Small fuzzing related improvements
               #139 #203 ..
               #791 #946  CI: Make GitHub Actions build using MSVC on Windows and
                      produce 32bit and 64bit Windows binaries
               #956  CI: Get off of about-to-be-removed Ubuntu 20.04
               #960 #964  CI: Start uploading to Coverity Scan for static analysis
               #972  CI: Stop loading DTD from the internet to address flaky CI
               #971  CI: Adapt to breaking changes in Cppcheck

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
config/rootfiles/common/expat
lfs/expat
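
The changelog gives two facts that can be checked after an update like this one: 2.7.0 is the first release carrying the CVE-2024-8176 fix, and the libtool version info moves from 11:0:10 to 11:1:10. The Python below is an added example, not part of this commit or of IPFire's build scripts; it turns both into checks. The function names and the sample rootfile lines are constructed, and the rootfile layout (one path per line, optionally commented out with `#`) is an assumption.

```python
import re

FIXED = (2, 7, 0)  # first expat release with the CVE-2024-8176 fix, per the changelog

def parse_version(text):
    """Parse '2.6.4' or the 'expat_2.6.4' form used by Python's pyexpat.EXPAT_VERSION."""
    m = re.fullmatch(r"(?:expat_)?(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised expat version: {text!r}")
    return tuple(int(g) for g in m.groups())

def has_fix(text):
    """True when the version is at or past the release that removed the recursion."""
    return parse_version(text) >= FIXED

def libtool_soname(version_info, stem="libexpat"):
    """Map libtool current:revision:age to the Linux file name stem.so.(c-a).a.r."""
    current, revision, age = (int(x) for x in version_info.split(":"))
    return f"{stem}.so.{current - age}.{age}.{revision}"

def stale_libs(rootfile_lines, version_info):
    """Return fully versioned libexpat entries that do not match the expected file name."""
    expected = libtool_soname(version_info)
    versioned = re.compile(r"libexpat\.so\.\d+\.\d+\.\d+")
    stale = []
    for line in rootfile_lines:
        path = line.strip().lstrip("#")  # assumption: entries may be commented out with '#'
        name = path.rsplit("/", 1)[-1]
        if versioned.fullmatch(name) and name != expected:
            stale.append(path)
    return stale

# Constructed sample rootfile content, not copied from config/rootfiles/common/expat.
SAMPLE_ROOTFILE = [
    "usr/bin/xmlwf",
    "#usr/include/expat.h",
    "usr/lib/libexpat.so",
    "usr/lib/libexpat.so.1",
    "usr/lib/libexpat.so.1.10.0",
]

if __name__ == "__main__":
    print(has_fix("2.6.4"), has_fix("expat_2.7.0"))
    print(libtool_soname("11:1:10"))
    print(stale_libs(SAMPLE_ROOTFILE, "11:1:10"))
```

A version comparison like this only reflects upstream release numbers; a build that carries the fix as a backported patch on an older version would still be reported as lacking it.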