pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/textproc/expat
Module Name: pkgsrc
Committed By: wiz
Date: Sat Jan 31 17:39:43 UTC 2026
Modified Files:
pkgsrc/textproc/expat: Makefile distinfo
Log Message:
expat: update to 2.7.4.
Release 2.7.4 Sat January 31 2026
Security fixes:
#1131 CVE-2026-24515 -- Function XML_ExternalEntityParserCreate
failed to copy the encoding handler data passed to
XML_SetUnknownEncodingHandler from the parent to the new
subparser. This can cause a NULL dereference (CWE-476) from
external entities that declare use of an unknown encoding.
The expected impact is denial of service. It takes use of
both functions XML_ExternalEntityParserCreate and
XML_SetUnknownEncodingHandler for an application to be
vulnerable.
#1075 CVE-2026-25210 -- Add missing check for integer overflow
related to buffer size determination in function doContent
Bug fixes:
#1073 lib: Fix missing undoing of group size expansion in doProlog
failure cases
#1107 xmlwf: Fix a memory leak
#1104 WASI: Fix format specifiers for 32bit WASI SDK
Other changes:
#1105 lib: Fix strict aliasing
#1106 lib: Leverage feature "flexible array member" of C99
#1051 lib: Swap (size_t)(-1) for C99 equivalent SIZE_MAX
#1109 lib|xmlwf: Return NULL instead of 0 for pointers
#1068 lib|Windows: Clean up use of macro _MSC_EXTENSIONS with MSVC
#1112 lib: Remove unused import
#1110 xmlwf: Warn about XXE in --help output (and man page)
#1102 #1103 WASI: Stop using getpid
#1113 #1130 Autotools: Drop file expat.m4 that provided obsolete Autoconf
macro AM_WITH_EXPAT
#1123 Autotools: Limit -Wno-pedantic-ms-format to MinGW
#1129 #1134 ..
#1087 Autotools|macOS: Sync CMake templates with CMake 4.0
#1139 #1140 Autotools|CMake: Introduce off-by-default symbol versioning
The related build system flags are:
- For Autotools, configure with --enable-symbol-versioning
- For CMake, configure with -DEXPAT_SYMBOL_VERSIONING=ON
Please double-check for consequences before activating
this inside distro packaging. Bug reports welcome!
#1117 Autotools|CMake: Remove libbsd support
#1105 Autotools|CMake: Stop using -fno-strict-aliasing, and use
-Wstrict-aliasing=3 instead
#1124 Autotools|CMake: Prefer command gsed (GNU sed) over sed
(e.g. for Solaris) inside fix-xmltest-log.sh
#1067 CMake: Detect and warn about unusable check_c_compiler_flag
#1137 CMake: Drop support for CMake <3.17
#1138 CMake|Windows: Fix libexpat.def.cmake version comments
#1086 #1110 docs: Add warning about external reference handlers and XXE
#1066 docs: Be explicit that parent parsers need to outlive
subparsers
#1089 ..
#1090 #1091 ..
#1092 #1093 ..
#1094 #1098 ..
#1115 #1116 docs: Misc non-content improvements to doc/reference.html
#1132 #1133 Version info bumped from 12:1:11 (libexpat*.so.1.11.1)
to 12:2:11 (libexpat*.so.1.11.2); see https://verbump.de/
for what these numbers do
Infrastructure:
#1119 #1121 Document guidelines for contributing to Expat
#1120 Introduce a pull request template
#1074 CI: Stop using about-to-be-removed image "macos-13"
#1083 #1088 CI: Mitigate random Wine crashes
#1104 CI: Cover compilation with WASI SDK
#1116 CI: Enforce clean doc XML formatting
#1124 ..
#1135 #1136 CI: Cover Solaris 11.4
#1125 CI: Extend CI coverage of FreeBSD
#1139 #1140 CI: Cover symbol versioning
#1114 xmlwf: Reformat helpgen code (using Black 25.12.0)
#1071 .gitignore: Add files CPackConfig.cmake and
CPackSourceConfig.cmake
To generate a diff of this commit:
cvs rdiff -u -r1.61 -r1.62 pkgsrc/textproc/expat/Makefile
cvs rdiff -u -r1.55 -r1.56 pkgsrc/textproc/expat/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/textproc/expat/Makefile
diff -u pkgsrc/textproc/expat/Makefile:1.61 pkgsrc/textproc/expat/Makefile:1.62
--- pkgsrc/textproc/expat/Makefile:1.61 Thu Sep 25 07:03:33 2025
+++ pkgsrc/textproc/expat/Makefile Sat Jan 31 17:39:42 2026
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.61 2025/09/25 07:03:33 adam Exp $
+# $NetBSD: Makefile,v 1.62 2026/01/31 17:39:42 wiz Exp $
-DISTNAME= expat-2.7.3
+DISTNAME= expat-2.7.4
CATEGORIES= textproc
MASTER_SITES= ${MASTER_SITE_GITHUB:=libexpat/}
GITHUB_PROJECT= libexpat
Index: pkgsrc/textproc/expat/distinfo
diff -u pkgsrc/textproc/expat/distinfo:1.55 pkgsrc/textproc/expat/distinfo:1.56
--- pkgsrc/textproc/expat/distinfo:1.55 Thu Sep 25 07:03:33 2025
+++ pkgsrc/textproc/expat/distinfo Sat Jan 31 17:39:42 2026
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.55 2025/09/25 07:03:33 adam Exp $
+$NetBSD: distinfo,v 1.56 2026/01/31 17:39:42 wiz Exp $
-BLAKE2s (expat-2.7.3.tar.gz) = c92c4f8433c201577399c1b3151bbcf2c10e7ff790544f1890e1303ab52f78d0
-SHA512 (expat-2.7.3.tar.gz) = 274546c0755a7ad5db43a3b723274ba213482d68677ba3ff0f5ea1de63cdd66032214f6e8e167cc8482f7d056a31f3871c26329545d6565fee8661647e9877ce
-Size (expat-2.7.3.tar.gz) = 800387 bytes
+BLAKE2s (expat-2.7.4.tar.gz) = 27646dba84b1caf2c783051d7937bd00e1b8a8eb85c08f892bcfec8b60f4f8f2
+SHA512 (expat-2.7.4.tar.gz) = 3fa9d9092f85f585351ee3f9e46009e289faa1288401e59e93513e2661f70742dfc3daee8639d2db2d8dc8348c01846ad5040ad8baf56f964778b075c3296bdf
+Size (expat-2.7.4.tar.gz) = 804806 bytes
Home |
Main Index |
Thread Index |
Old Index