diff options
| author |   Ross Burton <ross.burton@arm.com> | 2022-10-31 15:19:10 +0000 |
|---|---|---|
| committer |   Steve Sakoman <steve@sakoman.com> | 2022-11-17 07:23:06 -1000 |
| commit | 8dda30a9c64a4ad1f8eee11deb2e5143ba5fd719 (patch) | |
| tree | c2c072c27b0de761d4ded2b6bac17bc3c182af34 /meta/recipes-core/expat | |
| parent | b633c648da57079c8a3b64127e5ed11643fb5438 (diff) | |
| download | openembedded-core-contrib-8dda30a9c64a4ad1f8eee11deb2e5143ba5fd719.tar.gz | |
expat: upgrade to 2.5.0
Release 2.5.0 Tue October 25 2022
Security fixes:
#616 #649 #650 CVE-2022-43680 -- Fix heap use-after-free after overeager
destruction of a shared DTD in function
XML_ExternalEntityParserCreate in out-of-memory situations.
Expected impact is denial of service or potentially
arbitrary code execution.
Bug fixes:
#612 #645 Fix curruption from undefined entities
#613 #654 Fix case when parsing was suspended while processing nested
entities
#616 #652 #653 Stop leaking opening tag bindings after a closing tag
mismatch error where a parser is reset through
XML_ParserReset and then reused to parse
#656 CMake: Fix generation of pkg-config file
#658 MinGW|CMake: Fix static library name
Other changes:
#663 Protect header expat_config.h from multiple inclusion
#666 examples: Make use of XML_GetBuffer and be more
consistent across examples
#648 Address compiler warnings
#667 #668 Version info bumped from 9:9:8 to 9:10:8;
see https://verbump.de/ for what these numbers do
Includes a fix for CVE-2022-43680.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a257a674272dc638f09167e9b9202adfb477ef1e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta/recipes-core/expat')
| -rw-r--r-- | meta/recipes-core/expat/expat_2.5.0.bb (renamed from meta/recipes-core/expat/expat_2.4.9.bb) | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/meta/recipes-core/expat/expat_2.4.9.bb b/meta/recipes-core/expat/expat_2.5.0.bb index cb007708c7..7080f934d1 100644 --- a/meta/recipes-core/expat/expat_2.4.9.bb +++ b/meta/recipes-core/expat/expat_2.5.0.bb @@ -14,7 +14,7 @@ SRC_URI = "https://github.com/libexpat/libexpat/releases/download/R_${VERSION_TA UPSTREAM_CHECK_URI = "https://github.com/libexpat/libexpat/releases/" -SRC_URI[sha256sum] = "7f44d1469b110773a94b0d5abeeeffaef79f8bd6406b07e52394bcf48126437a" +SRC_URI[sha256sum] = "6f0e6e01f7b30025fa05c85fdad1e5d0ec7fd35d9f61b22f34998de11969ff67" EXTRA_OECMAKE:class-native += "-DEXPAT_BUILD_DOCS=OFF" |