pool/expat
SHA256
17
0
Fork 4
Code Issues Pull Requests Activity

Compare commits

base: pool:slfo-main
Branches Tags
pool:factory pool:slfo-main pool:slfo-1.2
..
compare: pool:factory
Branches Tags
pool:factory pool:slfo-main pool:slfo-1.2

11 Commits
slfo-main ... factory

Author SHA256 Message Date
Ana Guerrero
146d562490 Accepting request 1330687 from devel:libraries:c_c++ 
- version update to 2.7.4
  * CVE-2026-24515 -- Function XML_ExternalEntityParserCreate
            failed to copy the encoding handler data passed to
            XML_SetUnknownEncodingHandler from the parent to the new
            subparser. This can cause a NULL dereference (CWE-476) from
            external entities that declare use of an unknown encoding.
            The expected impact is denial of service. It takes use of
            both functions XML_ExternalEntityParserCreate and
            XML_SetUnknownEncodingHandler for an application to be
            vulnerable.
  * CVE-2026-25210 -- Add missing check for integer overflow
            related to buffer size determination in function doContent
  * lib: Fix missing undoing of group size expansion in doProlog
            failure cases
  * xmlwf: Fix a memory leak
  * WASI: Fix format specifiers for 32bit WASI SDK
- fixes [bsc#1257144] and [bsc#1257496]

OBS-URL: https://build.opensuse.org/request/show/1330687
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/expat?expand=0&rev=84
 2026-02-04 20:06:08 +00:00
Petr Gajdos
e74251336f checkin 
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=134
 2026-02-03 08:36:48 +00:00
Petr Gajdos
5d66fb39fb checkin 
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=133
 2026-02-03 08:21:34 +00:00
Petr Gajdos
ee7e9f0d0a checkin 
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=132
 2026-02-03 08:18:49 +00:00
Ana Guerrero
94738a2d79 Accepting request 1307863 from devel:libraries:c_c++ 
- version update to 2.7.3
  * Fix alignment of internal allocations for some non-amd64
    architectures (e.g. sparc32); fixes up on the fix to
    CVE-2025-59375 (of Expat 2.7.2)
  * Fix a class of false positives where input should have been
    rejected with error XML_ERROR_ASYNC_ENTITY; regression from
    CVE-2024-8176 (of Expat 2.7.0)
  * Prove and regression-proof absence of integer overflow
    from function expat_realloc
  * Remove "harmless" cast that truncated a size_t to unsigned
  * xmlwf: Resolve use of functions XML_GetErrorLineNumber
    and XML_GetErrorColumnNumber (forwarded request 1307469 from mathletic)

OBS-URL: https://build.opensuse.org/request/show/1307863
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/expat?expand=0&rev=83
 2025-09-30 15:34:20 +00:00
Petr Gajdos
43e00776e0 - version update to 2.7.3 
* Fix alignment of internal allocations for some non-amd64
    architectures (e.g. sparc32); fixes up on the fix to
    CVE-2025-59375 (of Expat 2.7.2)
  * Fix a class of false positives where input should have been
    rejected with error XML_ERROR_ASYNC_ENTITY; regression from
    CVE-2024-8176 (of Expat 2.7.0)
  * Prove and regression-proof absence of integer overflow
    from function expat_realloc
  * Remove "harmless" cast that truncated a size_t to unsigned
  * xmlwf: Resolve use of functions XML_GetErrorLineNumber
    and XML_GetErrorColumnNumber

OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=130
 2025-09-29 12:57:58 +00:00
Ana Guerrero
147c8e1034 Accepting request 1306571 from devel:libraries:c_c++ 
- version update to 2.7.2 [bsc#1249584]
  * CVE-2025-59375 -- Disallow use of disproportional amounts of
    dynamic memory from within an Expat parser
  * xmlwf: Fix (internal) help generator
  * xmlwf: Mention supported environment variables in
    --help output
  * see Changes for details

OBS-URL: https://build.opensuse.org/request/show/1306571
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/expat?expand=0&rev=82
 2025-09-23 14:05:27 +00:00
Petr Gajdos
912b3146fd checkin 
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=128
 2025-09-22 15:04:14 +00:00
Petr Gajdos
0f7763175e checkin 
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=127
 2025-09-22 15:01:17 +00:00
Ana Guerrero
ea1c613089 Accepting request 1269185 from devel:libraries:c_c++ 
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/1269185
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/expat?expand=0&rev=81
 2025-04-14 14:08:06 +00:00
Petr Gajdos
17bd2e5f6e checkin 
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=125
 2025-04-07 08:35:18 +00:00
1 changed files with 0 additions and 1 deletions
Expand all files Collapse all files

1
expat.changes
View File

@@ -18,7 +18,6 @@ Tue Feb 3 08:17:21 UTC 2026 - Petr Gajdos <pgajdos@suse.com>
* xmlwf: Fix a memory leak
* WASI: Fix format specifiers for 32bit WASI SDK
- fixes [bsc#1257144] and [bsc#1257496]
- obsolete CVE-2025-59375.patch
-------------------------------------------------------------------
Sat Sep 27 09:21:33 UTC 2025 - Christoph G <foss@grueninger.de>