expat: upgrade to 2.7.2

Primarily to fix CVE-2025-59375 (Disallow use of disproportional amounts
of dynamic memory from within an Expat parser) but the full list of
changes are available:

https://github.com/libexpat/libexpat/blob/R_2_7_2/expat/Changes

(From OE-Core rev: fbe5f76ba6af0983cd90a05d4077e453e2ebb475)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

diff --git a/meta/recipes-core/expat/expat_2.7.1.bb b/meta/recipes-core/expat/expat_2.7.2.bb
similarity index 92%
rename from meta/recipes-core/expat/expat_2.7.1.bb
rename to meta/recipes-core/expat/expat_2.7.2.bb
index 2da153292213c9fc352f5eed7eea5762cc5d466a..952235d7a04ff2a9cdaa483d3c0d3c11e54de1f8 100644 (file)
--- a/meta/recipes-core/expat/expat_2.7.1.bb
+++ b/meta/recipes-core/expat/expat_2.7.2.bb
@@ -15,7 +15,7 @@ SRC_URI = "${GITHUB_BASE_URI}/download/R_${VERSION_TAG}/expat-${PV}.tar.bz2  \
 GITHUB_BASE_URI = "https://github.com/libexpat/libexpat/releases/"
 UPSTREAM_CHECK_REGEX = "releases/tag/R_(?P<pver>.+)"
 
-SRC_URI[sha256sum] = "45c98ae1e9b5127325d25186cf8c511fa814078e9efeae7987a574b482b79b3d"
+SRC_URI[sha256sum] = "976f6c2d358953c22398d64cd93790ba5abc62e02a1bbc204a3a264adea149b8"
 
 EXTRA_OECMAKE:class-native += "-DEXPAT_BUILD_DOCS=OFF"