pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2022Q3]: pkgsrc/textproc/expat Pullup ticket #6696 - requested...
details: https://anonhg.NetBSD.org/pkgsrc/rev/3afc14c36e0a
branches: pkgsrc-2022Q3
changeset: 388918:3afc14c36e0a
user: spz <spz%pkgsrc.org@localhost>
date: Sat Nov 26 17:01:44 2022 +0000
description:
Pullup ticket #6696 - requested by bsiegert
textproc/expat: security update
Revisions pulled up:
- textproc/expat/Makefile 1.54
- textproc/expat/distinfo 1.47
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Wed Oct 26 10:37:47 UTC 2022
Modified Files:
pkgsrc/textproc/expat: Makefile distinfo
Log Message:
expat: update to 2.5.0.
Release 2.5.0 Tue October 25 2022
Security fixes:
#616 #649 #650 CVE-2022-43680 -- Fix heap use-after-free after overeager
destruction of a shared DTD in function
XML_ExternalEntityParserCreate in out-of-memory situations.
Expected impact is denial of service or potentially
arbitrary code execution.
Bug fixes:
#612 #645 Fix curruption from undefined entities
#613 #654 Fix case when parsing was suspended while processing nested
entities
#616 #652 #653 Stop leaking opening tag bindings after a closing tag
mismatch error where a parser is reset through
XML_ParserReset and then reused to parse
#656 CMake: Fix generation of pkg-config file
#658 MinGW|CMake: Fix static library name
Other changes:
#663 Protect header expat_config.h from multiple inclusion
#666 examples: Make use of XML_GetBuffer and be more
consistent across examples
#648 Address compiler warnings
#667 #668 Version info bumped from 9:9:8 to 9:10:8;
see https://verbump.de/ for what these numbers do
Special thanks to:
Jann Horn
Mark Brand
Osyotr
Rhodri James
and
Google Project Zero
To generate a diff of this commit:
cvs rdiff -u -r1.53 -r1.54 pkgsrc/textproc/expat/Makefile
cvs rdiff -u -r1.46 -r1.47 pkgsrc/textproc/expat/distinfo
diffstat:
textproc/expat/Makefile | 4 ++--
textproc/expat/distinfo | 8 ++++----
2 files changed, 6 insertions(+), 6 deletions(-)
diffs (25 lines):
diff -r 87675459b8cb -r 3afc14c36e0a textproc/expat/Makefile
--- a/textproc/expat/Makefile Wed Nov 16 19:14:56 2022 +0000
+++ b/textproc/expat/Makefile Sat Nov 26 17:01:44 2022 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.53 2022/09/21 10:52:51 wiz Exp $
+# $NetBSD: Makefile,v 1.53.2.1 2022/11/26 17:01:44 spz Exp $
-DISTNAME= expat-2.4.9
+DISTNAME= expat-2.5.0
CATEGORIES= textproc
MASTER_SITES= ${MASTER_SITE_GITHUB:=libexpat/}
GITHUB_PROJECT= libexpat
diff -r 87675459b8cb -r 3afc14c36e0a textproc/expat/distinfo
--- a/textproc/expat/distinfo Wed Nov 16 19:14:56 2022 +0000
+++ b/textproc/expat/distinfo Sat Nov 26 17:01:44 2022 +0000
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.46 2022/09/21 10:52:51 wiz Exp $
+$NetBSD: distinfo,v 1.46.2.1 2022/11/26 17:01:44 spz Exp $
-BLAKE2s (expat-2.4.9.tar.gz) = c728e6b315553e54adc80a83ba188aeb785c85a9976f43cb5a4bbca676d778e1
-SHA512 (expat-2.4.9.tar.gz) = 1f30e4d363cc1753137d0f3f6b6267d91fc40412cabb463d06bff9268ee7d8f34c242f02948a3450d186c0502b5e5238894ff1990c4b9440c0f9398ccb29d066
-Size (expat-2.4.9.tar.gz) = 717049 bytes
+BLAKE2s (expat-2.5.0.tar.gz) = 2f284355b044c2f48b0066408c3333975e2748230afcfcd0c63cc872dc7f2c47
+SHA512 (expat-2.5.0.tar.gz) = f1ff7da5fafb47dcd6e0f0d892826aba6de76509c8497bc00382f1109ab8e2a93d396943dbb52216457044993a39d73728048adf650d8e83e28189edc7b78402
+Size (expat-2.5.0.tar.gz) = 719235 bytes
Home |
Main Index |
Thread Index |
Old Index