From: Adolf Belka Date: Wed, 18 Mar 2026 14:14:01 +0000 (+0100) Subject: expat: Update to version 2.7.5 X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=8245da6089292c1ae567a04bfa08cb5f0f4a63e8;p=ipfire-2.x.git expat: Update to version 2.7.5 - Update from version 2.7.4 to 2.7.5 - Update of rootfile - 3 CVE fixes applied. - Changelog 2.7.5 Security fixes: #1158 CVE-2026-32776 -- Fix NULL function pointer dereference for empty external parameter entities; it takes use of both functions XML_ExternalEntityParserCreate and XML_SetParamEntityParsing for an application to be vulnerable. #1161 #1162 CVE-2026-32777 -- Protect from XML_TOK_INSTANCE_START infinite loop in function entityValueProcessor; it takes use of both functions XML_ExternalEntityParserCreate and XML_SetParamEntityParsing for an application to be vulnerable. #1163 CVE-2026-32778 -- Fix NULL dereference in function setContext on retry after an earlier ouf-of-memory condition; it takes use of function XML_ParserCreateNS or XML_ParserCreate_MM for an application to be vulnerable. #1160 Three more unfixed vulnerabilities left Other changes: #1146 #1147 Autotools: Fix condition for symbol versioning check, in particular when compiling with slibtool (not libtool) #1156 Address Cppcheck >=2.20.0 warnings #1153 tests: Make test_buffer_can_grow_to_max work for MinGW on Ubuntu 24.04 #1157 #1159 Version info bumped from 12:2:11 (libexpat*.so.1.11.2) to 12:3:11 (libexpat*.so.1.11.3); see https://verbump.de/ for what these numbers do Infrastructure: #1148 CI: Fix FreeBSD and Solaris CI #1149 CI: Bump to WASI SDK 30 #1153 CI: Adapt to breaking changes with Ubuntu 22.04 #1156 CI: Adapt to breaking changes in Cppcheck Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer --- diff --git a/config/rootfiles/common/expat b/config/rootfiles/common/expat index 0088ac732..93b23090b 100644 --- a/config/rootfiles/common/expat +++ b/config/rootfiles/common/expat @@ -2,21 +2,21 @@ #usr/include/expat.h #usr/include/expat_config.h #usr/include/expat_external.h -#usr/lib/cmake/expat-2.7.4 -#usr/lib/cmake/expat-2.7.4/expat-config-version.cmake -#usr/lib/cmake/expat-2.7.4/expat-config.cmake -#usr/lib/cmake/expat-2.7.4/expat-noconfig.cmake -#usr/lib/cmake/expat-2.7.4/expat.cmake +#usr/lib/cmake/expat-2.7.5 +#usr/lib/cmake/expat-2.7.5/expat-config-version.cmake +#usr/lib/cmake/expat-2.7.5/expat-config.cmake +#usr/lib/cmake/expat-2.7.5/expat-noconfig.cmake +#usr/lib/cmake/expat-2.7.5/expat.cmake #usr/lib/libexpat.la #usr/lib/libexpat.so usr/lib/libexpat.so.1 -usr/lib/libexpat.so.1.11.2 +usr/lib/libexpat.so.1.11.3 #usr/lib/pkgconfig/expat.pc #usr/share/doc/expat -#usr/share/doc/expat-2.7.4 -#usr/share/doc/expat-2.7.4/ok.min.css -#usr/share/doc/expat-2.7.4/reference.html -#usr/share/doc/expat-2.7.4/style.css +#usr/share/doc/expat-2.7.5 +#usr/share/doc/expat-2.7.5/ok.min.css +#usr/share/doc/expat-2.7.5/reference.html +#usr/share/doc/expat-2.7.5/style.css #usr/share/doc/expat/AUTHORS #usr/share/doc/expat/changelog #usr/share/man/man1/xmlwf.1 diff --git a/lfs/expat b/lfs/expat index f0803961d..3f00072bd 100644 --- a/lfs/expat +++ b/lfs/expat @@ -24,7 +24,7 @@ include Config -VER = 2.7.4 +VER = 2.7.5 THISAPP = expat-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 167518530b3e88f7ecb6aecc5eb54a41a740f7184732dd72fafe9bfdcda0b94c537331543744b8b0eaf918d5f0b82dbe311ee4192a592b74e5d65dc577ed8f6a +$(DL_FILE)_BLAKE2 = 97adfd7cb056066e3a3ec9ef1808d298bc935eb0d17ffca23bcf75810290c8ed8377b21d67b2e1b4a27773057f49f95da9a8f2e368d02d266c980bebbeb1b009 install : $(TARGET)