c_cpp/expat
SHA256
8
0
Fork 0
forked from pool/expat
Code Pull Requests Activity

Compare commits

base: c_cpp:main
Branches Tags
c_cpp:main c_cpp:factory c_cpp:devel pool:factory pool:slfo-main pool:slfo-1.2
..
compare: pool:slfo-1.2
Branches Tags
pool:factory pool:slfo-main pool:slfo-1.2 c_cpp:main c_cpp:factory c_cpp:devel

1 Commits
main ... slfo-1.2

Author SHA256 Message Date
Petr Gajdos
c70f70b8b5 CVE-2025-59375 2025-10-01 12:34:52 +02:00
3 changed files with 3554 additions and 1 deletions
Expand all files Collapse all files

3545
CVE-2025-59375.patch Normal file
View File

File diff suppressed because it is too large Load Diff

9
expat.changes
View File

@@ -1,3 +1,10 @@
-------------------------------------------------------------------
Mon Sep 29 13:38:51 UTC 2025 - Martin Schreiner <martin.schreiner@suse.com>
- Fix CVE-2025-59375 / bsc#1249584.
- Add patch file:
* CVE-2025-59375.patch
-------------------------------------------------------------------
Fri Mar 28 10:22:44 UTC 2025 - pgajdos@suse.com
@@ -186,7 +193,7 @@ Mon Feb 12 20:44:14 UTC 2024 - David Anes <david.anes@suse.com>
- Update to 2.6.0:
* Security fixes:
- CVE-2023-52425 (boo#1219559, bsc#1221563)
- CVE-2023-52425 (boo#1219559)
-- Fix quadratic runtime issues with big tokens
that can cause denial of service, in partial where
dealing with compressed XML input. Applications

1
expat.spec
View File

@@ -33,6 +33,7 @@ Source3: %{name}faq.html
# https://www.gentoo.org/inside-gentoo/developers/index.html#sping
# https://github.com/libexpat/libexpat/issues/537#issuecomment-1003796884
Source4: https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x3176ef7db2367f1fca4f306b1f9b0e909af37285#/expat.keyring
Patch0: CVE-2025-59375.patch
BuildRequires: c++_compiler
BuildRequires: pkgconfig