From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.haj.ipfire.org (localhost [IPv6:::1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4cXgXR70z7z2y5k for ; Thu, 25 Sep 2025 17:23:03 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R13" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4cXgXN3qMmz2xSN for ; Thu, 25 Sep 2025 17:23:00 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4cXgXM1bxmz1Hn; Thu, 25 Sep 2025 17:22:59 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1758820979; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=r0/9Aq6WMkM6H38RyNdkVkcrqIFyRr5nBa4mNKESVgI=; b=+SHPJD4VXTDdfzVRJA0GTAOH9XliyMAYq0Qy3CIkKOClS9O3/iDVOi0gNa1wVOYSGUf8Ml LGB2mieL/TgFS9Cg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1758820979; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=r0/9Aq6WMkM6H38RyNdkVkcrqIFyRr5nBa4mNKESVgI=; b=MF8CbL1SsouXFtVmxXACJX7Q936gEskYJNNYJea4utQheBC5MX8eZgmEtTxkA0P3hetN/L IM6snATlxA+GdLVRDvZMVW+E6Gb3ipxdgULveHsHXeUOMfPtQqqQ0OSkIJwYkzx1c0rH5x GbowXSHJ0koa3S8pLRY+JfcMdF+USMZ61UalFEWq8THJVCuaX9Xm+wZv9BqrrF7ulyi4yn MPBl82DV7Xncl5UnZ11+ZQx2ZQX1w8p8ePpNrnyRIy4KwRtNctEyt+rADUBejCGXu/2zwA f/qeErrrf7z8PCfZvS4YjOVxyr/ysCZmkdbJtpg5IoYznfxKJaMDrBOSNYF/vg== From: Adolf Belka To: development@lists.ipfire.org Cc: Adolf Belka Subject: [PATCH 1/2] expat: Update to version 2.7.3 Date: Thu, 25 Sep 2025 19:22:53 +0200 Message-ID: <20250925172255.3408998-1-adolf.belka@ipfire.org> Precedence: list List-Id: List-Subscribe: , List-Unsubscribe: , List-Post: List-Help: Sender: Mail-Followup-To: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit - Update from version 2.7.2 to 2.7.3 - Update of rootfile - Changelog 2.7.3 Security fixes: Fix alignment of internal allocations for some non-amd64 architectures (e.g. sparc32); fixes up on the fix to CVE-2025-59375 from #1034 (of Expat 2.7.2 and related backports) Fix a class of false positives where input should have been rejected with error XML_ERROR_ASYNC_ENTITY; regression from CVE-2024-8176 fix pull request #973 (of Expat 2.7.0 and related backports). Please check the added unit tests for example documents. Other changes: Prove and regression-proof absence of integer overflow from function expat_realloc Remove "harmless" cast that truncated a size_t to unsigned Autotools: Remove "ln -s" discovery docs: Be consistent with use of floating point around XML_SetAllocTrackerMaximumAmplification docs: Make it explicit that XML_GetCurrentColumnNumber starts at 0 docs: Better integrate the effect of the activation thresholds docs: Fix an in-comment typo in expat.h docs: Fix a typo in README.md docs: Improve change log of release 2.7.2 xmlwf: Resolve use of functions XML_GetErrorLineNumber and XML_GetErrorColumnNumber Windows: Normalize .bat files to CRLF line endings Version info bumped from 12:0:11 (libexpat*.so.1.11.0) to 12:1:11 (libexpat*.so.1.11.1); see https://verbump.de/ for what these numbers do Infrastructure: CI: Cleanup UndefinedBehaviorSanitizer fatality CI|Linux: Stop aborting at first job failure CI|FreeBSD: Upgrade to FreeBSD 15.0 CI|FreeBSD: Do not install CMake meta-package Signed-off-by: Adolf Belka --- config/rootfiles/common/expat | 20 ++++++++++---------- lfs/expat | 4 ++-- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/config/rootfiles/common/expat b/config/rootfiles/common/expat index 1ef7450df..000261ca9 100644 --- a/config/rootfiles/common/expat +++ b/config/rootfiles/common/expat @@ -2,21 +2,21 @@ #usr/include/expat.h #usr/include/expat_config.h #usr/include/expat_external.h -#usr/lib/cmake/expat-2.7.2 -#usr/lib/cmake/expat-2.7.2/expat-config-version.cmake -#usr/lib/cmake/expat-2.7.2/expat-config.cmake -#usr/lib/cmake/expat-2.7.2/expat-noconfig.cmake -#usr/lib/cmake/expat-2.7.2/expat.cmake +#usr/lib/cmake/expat-2.7.3 +#usr/lib/cmake/expat-2.7.3/expat-config-version.cmake +#usr/lib/cmake/expat-2.7.3/expat-config.cmake +#usr/lib/cmake/expat-2.7.3/expat-noconfig.cmake +#usr/lib/cmake/expat-2.7.3/expat.cmake #usr/lib/libexpat.la #usr/lib/libexpat.so usr/lib/libexpat.so.1 -usr/lib/libexpat.so.1.11.0 +usr/lib/libexpat.so.1.11.1 #usr/lib/pkgconfig/expat.pc #usr/share/doc/expat -#usr/share/doc/expat-2.7.2 -#usr/share/doc/expat-2.7.2/ok.min.css -#usr/share/doc/expat-2.7.2/reference.html -#usr/share/doc/expat-2.7.2/style.css +#usr/share/doc/expat-2.7.3 +#usr/share/doc/expat-2.7.3/ok.min.css +#usr/share/doc/expat-2.7.3/reference.html +#usr/share/doc/expat-2.7.3/style.css #usr/share/doc/expat/AUTHORS #usr/share/doc/expat/changelog #usr/share/man/man1/xmlwf.1 diff --git a/lfs/expat b/lfs/expat index 77fd84bfc..c61a4e5bc 100644 --- a/lfs/expat +++ b/lfs/expat @@ -24,7 +24,7 @@ include Config -VER = 2.7.2 +VER = 2.7.3 THISAPP = expat-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 35525274817dab4d6ae8698f5f83978e633a6e4afe7cf3b126c87d5aba4b64bcb9d26ec3e4a39b1ea82a7430e290950595bfa4150266ef3806026b423a870e33 +$(DL_FILE)_BLAKE2 = 26d4c9cb2c9b2a5b9ca9a86e9ea754e832f397bdb8ef266587b146591ff1358b2f439153f2eadb584180be6aee85050f19987565bbedf215993061ce5c85c5c9 install : $(TARGET) -- 2.51.0