SHA256
1
0
forked from pool/expat

Accepting request 956174 from home:david.anes:branches:devel:libraries:c_c++

- update to 2.4.6 (bsc#1196168, CVE-2022-25313):
  * Bug fixes:
    - Fix a regression introduced by the fix for CVE-2022-25313
      in release 2.4.5 that affects applications that (1)
      call function XML_SetElementDeclHandler and (2) are
      parsing XML that contains nested element declarations
      (e.g. "<!ELEMENT junk ((bar|foo|xyz+), zebra*)>").
    - Version info bumped from 9:5:8 to 9:6:8;
      see https://verbump.de/ for what these numbers do.

OBS-URL: https://build.opensuse.org/request/show/956174
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=94
This commit is contained in:
Pedro Monreal Gonzalez 2022-02-21 08:59:54 +00:00 committed by Git OBS Bridge
parent 4587d04dec
commit aadd52c635
4 changed files with 34 additions and 2 deletions

3
expat-2.4.6.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:de55794b7a9bc214852fdc075beaaecd854efe1361597e6268ee87946951289b
size 452468

16
expat-2.4.6.tar.xz.asc Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEy43nCpDPv2w79cxWliYqz/vTrsYFAmISdL8ACgkQliYqz/vT
rsaPBhAAlALWvVoxvGj5Sko6xbOBVXfal/c40pbAN4yFVKYW1YBNaswB6cjQDuUI
VBLqQwtZicNWHxPCLF0bldJFbNiiR3w6cm08e4C+YKHtEH4FRsLDxzWYF1n7nd0t
Yez7BozXwafD2HDgx86bJOnVhSkn2fAHPKUGLErHLvpFg7aLvIOPtWPJ+9YeGeDa
B8SrQB7YLu9EpkUmwGUCB5zZremoX8vC3+2N8RR2HLQ0dq1VPaBJrJkinGP8j/W5
bxi/eADCIt09cD6WEinFdE6M3LBSb1K8aKdnGxpQ8A3bs+XoBy6MTXCmdtnsa07y
whUEcWvu/npxgNAsZoW3LW2DPn0B8Ym/DW1K4GrtYVhZZGo7/mvazr2+LPo1xhUZ
x5iT4m+4COk0QwEb8rXVMIQAvlObdk8vR7AzPmetLiRrC1Ht2RQ5NCPGLoAUC/9t
Lw0X34MJ9xU1tSY7bWJzTa7RCaAjo36amnINsupw83PxOnFreshnIMvCULG9u99Y
lmF3XiyARjCbzYsJTGChldtQZ1tA4A+4aKO71HM/Ajo8CGBnB3q2W/88ORclOfpe
WJ0ubUUHp/63l6uZPg4hESdSS2ID6PY9WbrS91rNBSEr8ZOrra5VWbEif2fN+mDC
sy61OGEXvgNmGK06ygr8o8T32DLc+dh/ST6BMTpUo7PXKcA4/qg=
=gI+p
-----END PGP SIGNATURE-----

View File

@ -1,3 +1,16 @@
-------------------------------------------------------------------
Sun Feb 20 19:48:53 UTC 2022 - David Anes <david.anes@suse.com>
- update to 2.4.6 (bsc#1196168, CVE-2022-25313):
* Bug fixes:
- Fix a regression introduced by the fix for CVE-2022-25313
in release 2.4.5 that affects applications that (1)
call function XML_SetElementDeclHandler and (2) are
parsing XML that contains nested element declarations
(e.g. "<!ELEMENT junk ((bar|foo|xyz+), zebra*)>").
- Version info bumped from 9:5:8 to 9:6:8;
see https://verbump.de/ for what these numbers do.
-------------------------------------------------------------------
Sat Feb 19 09:21:21 UTC 2022 - David Anes <david.anes@suse.com>

View File

@ -16,9 +16,9 @@
#
%global unversion 2_4_5
%global unversion 2_4_6
Name: expat
Version: 2.4.5
Version: 2.4.6
Release: 0
Summary: XML Parser Toolkit
License: MIT