1 files changed, 37 insertions, 0 deletions

diff --git a/meta/recipes-core/expat/expat/CVE-2023-52426-008.patch b/meta/recipes-core/expat/expat/CVE-2023-52426-008.patch
new file mode 100644
index 0000000000..d07c62ccf0
--- /dev/null
+++ b/meta/recipes-core/expat/expat/CVE-2023-52426-008.patch
@@ -0,0 +1,37 @@
+From 2848dc4e7067de503934b388717e7a3d8d0c5bca Mon Sep 17 00:00:00 2001
+From: Sebastian Pipping <sebastian@pipping.org>
+Date: Fri, 27 Oct 2023 18:45:50 +0200
+Subject: [PATCH] Simplify "! defined(XML_DTD) && XML_GE == 0" to "XML_GE == 0"
+
+CVE: CVE-2023-52426
+Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/2848dc4e7067de503934b388717e7a3d8d0c5bca]
+
+Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
+---
+ xmlwf/xmlwf.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/xmlwf/xmlwf.c b/xmlwf/xmlwf.c
+index be23f5a..04ca759 100644
+--- a/xmlwf/xmlwf.c
++++ b/xmlwf/xmlwf.c
+@@ -1062,7 +1062,7 @@ tmain(int argc, XML_Char **argv) {
+             " (needs a floating point number greater or equal than 1.0)"));
+         exit(XMLWF_EXIT_USAGE_ERROR);
+       }
+-#if ! defined(XML_DTD) && XML_GE == 0
++#if XML_GE == 0
+       ftprintf(stderr,
+                T("Warning: Given amplification limit ignored")
+                    T(", xmlwf has been compiled without DTD/GE support.\n"));
+@@ -1084,7 +1084,7 @@ tmain(int argc, XML_Char **argv) {
+         exit(XMLWF_EXIT_USAGE_ERROR);
+       }
+       attackThresholdGiven = XML_TRUE;
+-#if ! defined(XML_DTD) && XML_GE == 0
++#if XML_GE == 0
+       ftprintf(stderr,
+                T("Warning: Given attack threshold ignored")
+                    T(", xmlwf has been compiled without DTD/GE support.\n"));
+--
+2.40.0