Accepting request 1269185 from devel:libraries:c_c++

Automatic submission by obs-autosubmit OBS-URL: https://build.opensuse.org/request/show/1269185 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/expat?expand=0&rev=81
checkin
2025-04-14 14:08:06 +00:00 · 2025-04-07 08:35:18 +00:00
3 changed files with 1 additions and 3554 deletions
--- a/CVE-2025-59375.patch
+++ b/CVE-2025-59375.patch
--- a/expat.changes
+++ b/expat.changes
@@ -1,10 +1,3 @@
-------------------------------------------------------------------
-Mon Sep 29 13:38:51 UTC 2025 - Martin Schreiner <martin.schreiner@suse.com>
-
- Fix CVE-2025-59375 / bsc#1249584.
- Add patch file:
-  * CVE-2025-59375.patch
-
 -------------------------------------------------------------------
 Fri Mar 28 10:22:44 UTC 2025 - pgajdos@suse.com

@@ -193,7 +186,7 @@ Mon Feb 12 20:44:14 UTC 2024 - David Anes <david.anes@suse.com>

 - Update to 2.6.0: 
  * Security fixes:
-    - CVE-2023-52425 (boo#1219559)  
+    - CVE-2023-52425 (boo#1219559, bsc#1221563)  
      -- Fix quadratic runtime issues with big tokens
      that can cause denial of service, in partial where
      dealing with compressed XML input.  Applications
--- a/expat.spec
+++ b/expat.spec
@@ -33,7 +33,6 @@ Source3:        %{name}faq.html
 # https://www.gentoo.org/inside-gentoo/developers/index.html#sping
 # https://github.com/libexpat/libexpat/issues/537#issuecomment-1003796884
 Source4:        https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x3176ef7db2367f1fca4f306b1f9b0e909af37285#/expat.keyring
-Patch0:         CVE-2025-59375.patch
 BuildRequires:  c++_compiler
 BuildRequires:  pkgconfig