From patchwork Wed May 13 19:37:07 2026
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Adolf Belka <adolf.belka@ipfire.org>
X-Patchwork-Id: 9825
Return-Path: <development+bounces-2138-patchwork=ipfire.org@lists.ipfire.org>
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange x25519)
	(Client CN "mail01.haj.ipfire.org", Issuer "R12" (not verified))
	by web04.haj.ipfire.org (Postfix) with ESMTPS id 4gG3d61f8Lz3x9j
	for <patchwork@web04.haj.ipfire.org>; Wed, 13 May 2026 19:37:14 +0000 (UTC)
Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange x25519)
	(Client CN "mail02.haj.ipfire.org", Issuer "E8" (not verified))
	by mail01.ipfire.org (Postfix) with ESMTPS id 4gG3d41cTjz7Fj
	for <patchwork@ipfire.org>; Wed, 13 May 2026 19:37:12 +0000 (UTC)
Received: from mail02.haj.ipfire.org (localhost [IPv6:::1])
	by mail02.haj.ipfire.org (Postfix) with ESMTP id 4gG3d35sDlz33tk
	for <patchwork@ipfire.org>; Wed, 13 May 2026 19:37:11 +0000 (UTC)
X-Original-To: development@lists.ipfire.org
Received: from mail01.ipfire.org (mail01.haj.ipfire.org
 [IPv6:2001:678:b28::25])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange x25519 server-signature ECDSA (secp384r1 raw public key)
 server-digest SHA384
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mail01.haj.ipfire.org", Issuer "R12" (not verified))
	by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4gG3d10w6Yz33d3
	for <development@lists.ipfire.org>; Wed, 13 May 2026 19:37:09 +0000 (UTC)
Received: from [127.0.0.1] (localhost [127.0.0.1])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange x25519 server-signature RSA-PSS (4096 bits) server-digest
 SHA256)
	(No client certificate requested)
	by mail01.ipfire.org (Postfix) with ESMTPSA id 4gG3cz2Z4Mz6qZ;
	Wed, 13 May 2026 19:37:07 +0000 (UTC)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org;
	s=202003ed25519; t=1778701027;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=6Ce2JHv9rnym/8WIQlJzzgtxm6X548ZIYx2phHaZNAA=;
	b=CRrJoxq9oDCd08pGVSDtbCdezPtZZ6tXvEFGGIpVWQ/yMSHljuXXSzXP1YTpnSLxzO8ZjS
	zT2a3R9SAlDQaACg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org;
 s=202003rsa;
	t=1778701027;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=6Ce2JHv9rnym/8WIQlJzzgtxm6X548ZIYx2phHaZNAA=;
	b=Z+rm5UNMx8mb9xwY3h5URfNv74VHszJy+oSzEQTkB0rP8TFKDQSicAbNQshwy6HO10ONlO
	vXxtGnRfCL0c/s4Pwfw5cHb7n0dAXlxaFE42wSu8427VU9FHAC0giqcaEx1gpirEYwIreO
	iOkcxcGzllqBSLwxOmTg4m5spATKlv1NYVdMioVEkJfrG3o1e8YcwC4zlDOFPploehf9K+
	q5yLGvRm7+J1sQKNoLN1z5jKu6a2K5L/nOiHhTI0jeci6dfAnMqiRk7YmV/enVmF0ts38F
	DRBS6feuM+uB7qSpJ41k6ZyBty4sc8KSd5RXcKiwpzdpzrvFlMjatGqIm5Esjg==
From: Adolf Belka <adolf.belka@ipfire.org>
To: development@lists.ipfire.org
Cc: Adolf Belka <adolf.belka@ipfire.org>
Subject: [PATCH] expat: Update to version 2.8.1
Date: Wed, 13 May 2026 21:37:07 +0200
Message-ID: <20260513193708.3682369-3-adolf.belka@ipfire.org>
In-Reply-To: <20260513193708.3682369-1-adolf.belka@ipfire.org>
References: <20260513193708.3682369-1-adolf.belka@ipfire.org>
Precedence: list
List-Id: <development.lists.ipfire.org>
List-Subscribe: <https://lists.ipfire.org/>,
 <mailto:development+subscribe@lists.ipfire.org?subject=subscribe>
List-Unsubscribe: <https://lists.ipfire.org/>,
 <mailto:development+unsubscribe@lists.ipfire.org?subject=unsubscribe>
List-Post: <mailto:development@lists.ipfire.org>
List-Help: <mailto:development+help@lists.ipfire.org?subject=help>
Sender: <development@lists.ipfire.org>
Mail-Followup-To: <development@lists.ipfire.org>
MIME-Version: 1.0

- Update from version 2.8.0 to 2.8.1
- Update of rootfile
- 1 CVE fix
- Changelog
2.8.1
        Security fixes:
           #1216  CVE-2026-45186 -- Fix quadratic runtime from attribute name
                    collision checks that allowed denial of service attacks
                    through moderately sized crafted XML input (CWE-407).
                    Please note that a layer of compression around XML can
                    significantly reduce the minimum attack payload size.
        Other changes:
     #1209 #1213  Drop more casts related to `void *` that C99 does not need
           #1213  xmlwf: Streamline use of `mmap`
     #1214 #1217  Version info bumped from 13:0:12 (libexpat*.so.1.12.0)
                    to 13:1:12 (libexpat*.so.1.12.1); see https://verbump.de/
                    for what these numbers do
        Infrastructure:
           #1210  CI: Cover compilation with Visual Studio 18 2026 on Windows
           #1215  CI: Cover compilation for ARM64 on Windows
           #1212  CI: Bump WASI SDK from 32 to 33

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
 config/rootfiles/common/expat | 20 ++++++++++----------
 lfs/expat                     |  4 ++--
 2 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/config/rootfiles/common/expat b/config/rootfiles/common/expat
index 611c2a203..b13257ddb 100644
--- a/config/rootfiles/common/expat
+++ b/config/rootfiles/common/expat
@@ -2,21 +2,21 @@
 #usr/include/expat.h
 #usr/include/expat_config.h
 #usr/include/expat_external.h
-#usr/lib/cmake/expat-2.8.0
-#usr/lib/cmake/expat-2.8.0/expat-config-version.cmake
-#usr/lib/cmake/expat-2.8.0/expat-config.cmake
-#usr/lib/cmake/expat-2.8.0/expat-noconfig.cmake
-#usr/lib/cmake/expat-2.8.0/expat.cmake
+#usr/lib/cmake/expat-2.8.1
+#usr/lib/cmake/expat-2.8.1/expat-config-version.cmake
+#usr/lib/cmake/expat-2.8.1/expat-config.cmake
+#usr/lib/cmake/expat-2.8.1/expat-noconfig.cmake
+#usr/lib/cmake/expat-2.8.1/expat.cmake
 #usr/lib/libexpat.la
 #usr/lib/libexpat.so
 usr/lib/libexpat.so.1
-usr/lib/libexpat.so.1.12.0
+usr/lib/libexpat.so.1.12.1
 #usr/lib/pkgconfig/expat.pc
 #usr/share/doc/expat
-#usr/share/doc/expat-2.8.0
-#usr/share/doc/expat-2.8.0/ok.min.css
-#usr/share/doc/expat-2.8.0/reference.html
-#usr/share/doc/expat-2.8.0/style.css
+#usr/share/doc/expat-2.8.1
+#usr/share/doc/expat-2.8.1/ok.min.css
+#usr/share/doc/expat-2.8.1/reference.html
+#usr/share/doc/expat-2.8.1/style.css
 #usr/share/doc/expat/AUTHORS
 #usr/share/doc/expat/changelog
 #usr/share/man/man1/xmlwf.1
diff --git a/lfs/expat b/lfs/expat
index f14e48ab5..2ba04ca09 100644
--- a/lfs/expat
+++ b/lfs/expat
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 2.8.0
+VER        = 2.8.1
 
 THISAPP    = expat-$(VER)
 DL_FILE    = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = e7b5f20e9960085d2bcfd88ac590e70a9aaebcc4b1411064d008af638bdf4189730d6fd9772d518dc4c38c3cefc649ed31c1e3ad7de64125377dba8c6d2e01b8
+$(DL_FILE)_BLAKE2 = 529551f960a1e611be6a0e9ff579e136ccad676d7e99ef8183bbee83969bf4cd37177444759ccbccc48c1bd49d2b0c3bd8f1f91862f272b54a23ad1b932d2f9d
 
 install : $(TARGET)