From patchwork Wed Sep 4 21:49:24 2024
X-Patchwork-Submitter: Adolf Belka
X-Patchwork-Id: 8078
From: Adolf Belka
To: development@lists.ipfire.org
Subject: [PATCH] expat: Update to version 2.6.3
Date: Wed, 4 Sep 2024 23:49:24 +0200
Message-ID: <20240904214924.3945600-1-adolf.belka@ipfire.org>
List-Id: IPFire development talk

- Update from version 2.6.2 to 2.6.3
- Update of rootfile
- 3 CVE Fixes in this release.
- Changelog
    2.6.3
        Security fixes:
            #887 #890  CVE-2024-45490 -- Calling function XML_ParseBuffer with
                         len < 0 without noticing and then calling XML_GetBuffer
                         will have XML_ParseBuffer fail to recognize the problem
                         and XML_GetBuffer corrupt memory.
                         With the fix, XML_ParseBuffer now complains with error
                         XML_ERROR_INVALID_ARGUMENT just like sibling XML_Parse
                         has been doing since Expat 2.2.1, and now documented.
                         Impact is denial of service to potentially arbitrary code
                         execution.
            #888 #891  CVE-2024-45491 -- Internal function dtdCopy can have an
                         integer overflow for nDefaultAtts on 32-bit platforms
                         (where UINT_MAX equals SIZE_MAX).
                         Impact is denial of service to potentially arbitrary code
                         execution.
            #889 #892  CVE-2024-45492 -- Internal function nextScaffoldPart can
                         have an integer overflow for m_groupSize on 32-bit
                         platforms (where UINT_MAX equals SIZE_MAX).
                         Impact is denial of service to potentially arbitrary code
                         execution.
        Other changes:
            #851 #879  Autotools: Sync CMake templates with CMake 3.28
            #853  Autotools: Always provide path to find(1) for portability
            #861  Autotools: Ensure that the m4 directory always exists.
            #870  Autotools: Simplify handling of SIZEOF_VOID_P
            #869  Autotools: Support non-GNU sed
            #856  Autotools|CMake: Fix main() to main(void)
            #865  Autotools|CMake: Fix compile tests for HAVE_SYSCALL_GETRANDOM
            #863  Autotools|CMake: Stop requiring dos2unix
            #854 #855  CMake: Fix check for symbols size_t and off_t
            #864  docs|tests: Convert README to Markdown and update
            #741  Windows: Drop support for Visual Studio <=15.0/2017
            #886  Drop needless XML_DTD guards around is_param access
            #885  Fix typo in a code comment
            #894 #896  Version info bumped from 10:2:9 (libexpat*.so.1.9.2)
                         to 10:3:9 (libexpat*.so.1.9.3); see https://verbump.de/
                         for what these numbers do
        Infrastructure:
            #880  Readme: Promote the call for help
            #868  CI: Fix various issues
            #849  CI: Allow triggering GitHub Actions workflows manually
            #851 #872 .. #873 #879  CI: Adapt to breaking changes in GitHub Actions

Signed-off-by: Adolf Belka
--- config/rootfiles/common/expat | 21 ++++++++++----------- lfs/expat | 4 ++-- 2 files changed, 12 insertions(+), 13 deletions(-) diff --git a/config/rootfiles/common/expat b/config/rootfiles/common/expat index 2ab49e910..51a4de2f7 100644 --- a/config/rootfiles/common/expat +++ b/config/rootfiles/common/expat 
@@ -2,22 +2,21 @@ #usr/include/expat.h #usr/include/expat_config.h #usr/include/expat_external.h -#usr/lib/cmake -#usr/lib/cmake/expat-2.6.2 -#usr/lib/cmake/expat-2.6.2/expat-config-version.cmake -#usr/lib/cmake/expat-2.6.2/expat-config.cmake -#usr/lib/cmake/expat-2.6.2/expat-noconfig.cmake -#usr/lib/cmake/expat-2.6.2/expat.cmake +#usr/lib/cmake/expat-2.6.3 +#usr/lib/cmake/expat-2.6.3/expat-config-version.cmake +#usr/lib/cmake/expat-2.6.3/expat-config.cmake +#usr/lib/cmake/expat-2.6.3/expat-noconfig.cmake +#usr/lib/cmake/expat-2.6.3/expat.cmake #usr/lib/libexpat.la #usr/lib/libexpat.so usr/lib/libexpat.so.1 -usr/lib/libexpat.so.1.9.2 +usr/lib/libexpat.so.1.9.3 #usr/lib/pkgconfig/expat.pc #usr/share/doc/expat -#usr/share/doc/expat-2.6.2 -#usr/share/doc/expat-2.6.2/ok.min.css -#usr/share/doc/expat-2.6.2/reference.html -#usr/share/doc/expat-2.6.2/style.css +#usr/share/doc/expat-2.6.3 +#usr/share/doc/expat-2.6.3/ok.min.css +#usr/share/doc/expat-2.6.3/reference.html +#usr/share/doc/expat-2.6.3/style.css #usr/share/doc/expat/AUTHORS #usr/share/doc/expat/changelog #usr/share/man/man1/xmlwf.1 diff --git a/lfs/expat b/lfs/expat index 3a37bf2d2..91e4f32af 100644 --- a/lfs/expat +++ b/lfs/expat @@ -24,7 +24,7 @@ include Config -VER = 2.6.2 +VER = 2.6.3 THISAPP = expat-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = aae019270e1ab233fe8480b7eaa77f648f23ef3383dc772dc946cb13163067431716dc5446862eb502315fd089f2f52f3d476589b74a97e462575cd54df44db4 +$(DL_FILE)_BLAKE2 = b8e0a0e779f0f136eaca91115cbbcf5a5cca457cab1cca6f8d6141151d19f8ef2dccb41b0e9134459c1e7d99cb2e0b4ce3922d2bd9221002ec43fe9d53a0084a install : $(TARGET)
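Review bot: In config/rootfiles/common/expat the parent entry `#usr/lib/cmake` is removed and never re-added, while every other cmake line is only renamed from expat-2.6.2 to expat-2.6.3; that is why this file shows one more deletion than insertion. The entry is commented out, so nothing shipped changes, but please confirm the drop is intended and mention it in the commit message, or restore the line. The shipped entries are still only usr/lib/libexpat.so.1 and the versioned library, now usr/lib/libexpat.so.1.9.3.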
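Review bot: In lfs/expat the `$(DL_FILE)_BLAKE2` value is replaced together with `VER = 2.6.3`, but neither the patch nor the commit message says how the expat-2.6.3.tar.xz that produced the new digest was authenticated. For an update carrying three CVE fixes, add a line to the commit message stating that the tarball was checked against whatever signature or checksum upstream publishes for the release, so a reviewer can reproduce the digest from an independently fetched copy.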