CVS commit: [pkgsrc-2025Q3] pkgsrc/textproc/expat

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: [pkgsrc-2025Q3] pkgsrc/textproc/expat
From: "Maya Rashish" <maya%netbsd.org@localhost>
Date: Thu, 23 Oct 2025 01:25:55 +0000

Module Name:    pkgsrc
Committed By:   maya
Date:           Thu Oct 23 01:25:55 UTC 2025

Modified Files:
        pkgsrc/textproc/expat [pkgsrc-2025Q3]: Makefile builtin.mk distinfo

Log Message:
Pullup ticket #7018 - requested by taca
textproc/expat: Security fix

Revisions pulled up:
- textproc/expat/Makefile                                       1.61
- textproc/expat/builtin.mk                                     1.24
- textproc/expat/distinfo                                       1.55

---
   Module Name: pkgsrc
   Committed By:        adam
   Date:                Thu Sep 25 07:03:33 UTC 2025

   Modified Files:
        pkgsrc/textproc/expat: Makefile builtin.mk distinfo

   Log Message:
   expat: updated to 2.7.3

   Release 2.7.3 Wed September 24 2025

   Security fixes:
     Fix alignment of internal allocations for some non-amd64
     architectures (e.g. sparc32); fixes up on the fix to
     CVE-2025-59375 from 1034 (of Expat 2.7.2 and related
     backports)

     Fix a class of false positives where input should have been
     rejected with error XML_ERROR_ASYNC_ENTITY; regression from
     CVE-2024-8176 fix pull request 973 (of Expat 2.7.0 and
     related backports). Please check the added unit tests for
     example documents.

   Other changes:
     Prove and regression-proof absence of integer overflow
     from function expat_realloc
     Remove "harmless" cast that truncated a size_t to unsigned
     Autotools: Remove "ln -s" discovery
     docs: Be consistent with use of floating point around
     XML_SetAllocTrackerMaximumAmplification
     docs: Make it explicit that XML_GetCurrentColumnNumber
     starts at 0
     docs: Better integrate the effect of the activation
     thresholds
     docs: Fix an in-comment typo in expat.h
     docs: Fix a typo in README.md
     docs: Improve change log of release 2.7.2
     xmlwf: Resolve use of functions XML_GetErrorLineNumber
     and XML_GetErrorColumnNumber
     Windows: Normalize .bat files to CRLF line endings
     Version info bumped from 12:0:11 (libexpat*.so.1.11.0)
     to 12:1:11 (libexpat*.so.1.11.1); see https://verbump.de/
     for what these numbers do


To generate a diff of this commit:
cvs rdiff -u -r1.60 -r1.60.2.1 pkgsrc/textproc/expat/Makefile
cvs rdiff -u -r1.23 -r1.23.14.1 pkgsrc/textproc/expat/builtin.mk
cvs rdiff -u -r1.54 -r1.54.2.1 pkgsrc/textproc/expat/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/textproc/expat/Makefile
diff -u pkgsrc/textproc/expat/Makefile:1.60 pkgsrc/textproc/expat/Makefile:1.60.2.1
--- pkgsrc/textproc/expat/Makefile:1.60 Tue Sep 16 21:33:17 2025
+++ pkgsrc/textproc/expat/Makefile      Thu Oct 23 01:25:55 2025
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.60 2025/09/16 21:33:17 wiz Exp $
+# $NetBSD: Makefile,v 1.60.2.1 2025/10/23 01:25:55 maya Exp $
 
-DISTNAME=      expat-2.7.2
+DISTNAME=      expat-2.7.3
 CATEGORIES=    textproc
 MASTER_SITES=  ${MASTER_SITE_GITHUB:=libexpat/}
 GITHUB_PROJECT=        libexpat
@@ -25,7 +25,6 @@ TEST_TARGET=  check
 REPLACE_BASH=  test-driver-wrapper.sh
 # we can't use cmake due to a cyclic dependency
 #USE_CMAKE=    yes
-#TEST_ENV+=    LD_LIBRARY_PATH=${WRKSRC}
 
 PKGCONFIG_OVERRIDE+=   expat.pc.in
 

Index: pkgsrc/textproc/expat/builtin.mk
diff -u pkgsrc/textproc/expat/builtin.mk:1.23 pkgsrc/textproc/expat/builtin.mk:1.23.14.1
--- pkgsrc/textproc/expat/builtin.mk:1.23       Wed Feb  7 13:19:26 2024
+++ pkgsrc/textproc/expat/builtin.mk    Thu Oct 23 01:25:55 2025
@@ -1,4 +1,4 @@
-# $NetBSD: builtin.mk,v 1.23 2024/02/07 13:19:26 adam Exp $
+# $NetBSD: builtin.mk,v 1.23.14.1 2025/10/23 01:25:55 maya Exp $
 
 BUILTIN_PKG:=  expat
 
@@ -102,7 +102,7 @@ override-expat-pkgconfig:
        ${RUN}                                          \
        ${MKDIR} ${BLKDIR_PKGCFG};                      \
        {                                               \
-       ${ECHO} "prefix=${BUILDLINK_PREFIX.expat}";             \
+       ${ECHO} "prefix=${BUILDLINK_PREFIX.expat}";     \
        ${ECHO} "exec_prefix=\$${prefix}";              \
        ${ECHO} "libdir=\$${exec_prefix}/lib";          \
        ${ECHO} "includedir=\$${prefix}/include";       \
@@ -112,6 +112,6 @@ override-expat-pkgconfig:
        ${ECHO} "Version: ${BUILTIN_VERSION.expat}";    \
        ${ECHO} "Libs: ${COMPILER_RPATH_FLAG}\$${libdir} -L\$${libdir} -lexpat";        \
        ${ECHO} "Cflags: -I\$${includedir}";            \
-       } >> ${BLKDIR_PKGCFG}/${EXPAT_PKGCFGF};
+       } >> ${BLKDIR_PKGCFG}/${EXPAT_PKGCFGF}
 .  endif
 .endif

Index: pkgsrc/textproc/expat/distinfo
diff -u pkgsrc/textproc/expat/distinfo:1.54 pkgsrc/textproc/expat/distinfo:1.54.2.1
--- pkgsrc/textproc/expat/distinfo:1.54 Tue Sep 16 21:33:17 2025
+++ pkgsrc/textproc/expat/distinfo      Thu Oct 23 01:25:55 2025
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.54 2025/09/16 21:33:17 wiz Exp $
+$NetBSD: distinfo,v 1.54.2.1 2025/10/23 01:25:55 maya Exp $
 
-BLAKE2s (expat-2.7.2.tar.gz) = da5db4ce4d4ad9fb9b1c1c60a938047c7dd4448d0ffba17221e7aa07aa858d61
-SHA512 (expat-2.7.2.tar.gz) = 34a1601d2164809bf7db186b1608afb450025ebb2e802a3ae202979c5d76074526c731b5bb9a0c87db43da0a68ac986a1a346e27cf2abb0d3e2ee45ac6a24857
-Size (expat-2.7.2.tar.gz) = 798712 bytes
+BLAKE2s (expat-2.7.3.tar.gz) = c92c4f8433c201577399c1b3151bbcf2c10e7ff790544f1890e1303ab52f78d0
+SHA512 (expat-2.7.3.tar.gz) = 274546c0755a7ad5db43a3b723274ba213482d68677ba3ff0f5ea1de63cdd66032214f6e8e167cc8482f7d056a31f3871c26329545d6565fee8661647e9877ce
+Size (expat-2.7.3.tar.gz) = 800387 bytes

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/wm/afterstep
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/wm/afterstep
Indexes:

Home | Main Index | Thread Index | Old Index