From: Adolf Belka Date: Sat, 31 Jan 2026 20:40:13 +0000 (+0100) Subject: expat: Update to version 2.7.4 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=adf2409b7a43d1e9083e2d90d33bd0a3404173f8;p=ipfire-2.x.git expat: Update to version 2.7.4 - Update from version 2.7.3 to 2.7.4 - Update of rootfile - 2 CVE fixes are in this release. - Changelog 2.7.4 Security fixes: #1131 CVE-2026-24515 -- Function XML_ExternalEntityParserCreate failed to copy the encoding handler data passed to XML_SetUnknownEncodingHandler from the parent to the new subparser. This can cause a NULL dereference (CWE-476) from external entities that declare use of an unknown encoding. The expected impact is denial of service. It takes use of both functions XML_ExternalEntityParserCreate and XML_SetUnknownEncodingHandler for an application to be vulnerable. #1075 CVE-2026-25210 -- Add missing check for integer overflow related to buffer size determination in function doContent Bug fixes: #1073 lib: Fix missing undoing of group size expansion in doProlog failure cases #1107 xmlwf: Fix a memory leak #1104 WASI: Fix format specifiers for 32bit WASI SDK Other changes: #1105 lib: Fix strict aliasing #1106 lib: Leverage feature "flexible array member" of C99 #1051 lib: Swap (size_t)(-1) for C99 equivalent SIZE_MAX #1109 lib|xmlwf: Return NULL instead of 0 for pointers #1068 lib|Windows: Clean up use of macro _MSC_EXTENSIONS with MSVC #1112 lib: Remove unused import #1110 xmlwf: Warn about XXE in --help output (and man page) #1102 #1103 WASI: Stop using getpid #1113 #1130 Autotools: Drop file expat.m4 that provided obsolete Autoconf macro AM_WITH_EXPAT #1123 Autotools: Limit -Wno-pedantic-ms-format to MinGW #1129 #1134 .. #1087 Autotools|macOS: Sync CMake templates with CMake 4.0 #1139 #1140 Autotools|CMake: Introduce off-by-default symbol versioning The related build system flags are: - For Autotools, configure with --enable-symbol-versioning - For CMake, configure with -DEXPAT_SYMBOL_VERSIONING=ON Please double-check for consequences before activating this inside distro packaging. Bug reports welcome! #1117 Autotools|CMake: Remove libbsd support #1105 Autotools|CMake: Stop using -fno-strict-aliasing, and use -Wstrict-aliasing=3 instead #1124 Autotools|CMake: Prefer command gsed (GNU sed) over sed (e.g. for Solaris) inside fix-xmltest-log.sh #1067 CMake: Detect and warn about unusable check_c_compiler_flag #1137 CMake: Drop support for CMake <3.17 #1138 CMake|Windows: Fix libexpat.def.cmake version comments #1086 #1110 docs: Add warning about external reference handlers and XXE #1066 docs: Be explicit that parent parsers need to outlive subparsers #1089 .. #1090 #1091 .. #1092 #1093 .. #1094 #1098 .. #1115 #1116 docs: Misc non-content improvements to doc/reference.html #1132 #1133 Version info bumped from 12:1:11 (libexpat*.so.1.11.1) to 12:2:11 (libexpat*.so.1.11.2); see https://verbump.de/ for what these numbers do Infrastructure: #1119 #1121 Document guidelines for contributing to Expat #1120 Introduce a pull request template #1074 CI: Stop using about-to-be-removed image "macos-13" #1083 #1088 CI: Mitigate random Wine crashes #1104 CI: Cover compilation with WASI SDK #1116 CI: Enforce clean doc XML formatting #1124 .. #1135 #1136 CI: Cover Solaris 11.4 #1125 CI: Extend CI coverage of FreeBSD #1139 #1140 CI: Cover symbol versioning #1114 xmlwf: Reformat helpgen code (using Black 25.12.0) #1071 .gitignore: Add files CPackConfig.cmake and CPackSourceConfig.cmake Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer --- diff --git a/config/rootfiles/common/expat b/config/rootfiles/common/expat index 000261ca9..0088ac732 100644 --- a/config/rootfiles/common/expat +++ b/config/rootfiles/common/expat @@ -2,21 +2,21 @@ #usr/include/expat.h #usr/include/expat_config.h #usr/include/expat_external.h -#usr/lib/cmake/expat-2.7.3 -#usr/lib/cmake/expat-2.7.3/expat-config-version.cmake -#usr/lib/cmake/expat-2.7.3/expat-config.cmake -#usr/lib/cmake/expat-2.7.3/expat-noconfig.cmake -#usr/lib/cmake/expat-2.7.3/expat.cmake +#usr/lib/cmake/expat-2.7.4 +#usr/lib/cmake/expat-2.7.4/expat-config-version.cmake +#usr/lib/cmake/expat-2.7.4/expat-config.cmake +#usr/lib/cmake/expat-2.7.4/expat-noconfig.cmake +#usr/lib/cmake/expat-2.7.4/expat.cmake #usr/lib/libexpat.la #usr/lib/libexpat.so usr/lib/libexpat.so.1 -usr/lib/libexpat.so.1.11.1 +usr/lib/libexpat.so.1.11.2 #usr/lib/pkgconfig/expat.pc #usr/share/doc/expat -#usr/share/doc/expat-2.7.3 -#usr/share/doc/expat-2.7.3/ok.min.css -#usr/share/doc/expat-2.7.3/reference.html -#usr/share/doc/expat-2.7.3/style.css +#usr/share/doc/expat-2.7.4 +#usr/share/doc/expat-2.7.4/ok.min.css +#usr/share/doc/expat-2.7.4/reference.html +#usr/share/doc/expat-2.7.4/style.css #usr/share/doc/expat/AUTHORS #usr/share/doc/expat/changelog #usr/share/man/man1/xmlwf.1 diff --git a/lfs/expat b/lfs/expat index c61a4e5bc..f0803961d 100644 --- a/lfs/expat +++ b/lfs/expat @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2025 IPFire Team # +# Copyright (C) 2007-2026 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 2.7.3 +VER = 2.7.4 THISAPP = expat-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 26d4c9cb2c9b2a5b9ca9a86e9ea754e832f397bdb8ef266587b146591ff1358b2f439153f2eadb584180be6aee85050f19987565bbedf215993061ce5c85c5c9 +$(DL_FILE)_BLAKE2 = 167518530b3e88f7ecb6aecc5eb54a41a740f7184732dd72fafe9bfdcda0b94c537331543744b8b0eaf918d5f0b82dbe311ee4192a592b74e5d65dc577ed8f6a install : $(TARGET)