testing/expat
SHA256
7
0
Fork 0
forked from pool/expat
Code Pull Requests Activity

Factory #1

Merged
dgarcia merged 14 commits from factory into main 2025-10-08 12:55:42 +02:00
Conversation 0 Commits 14 Files Changed 7 +325 -359
dgarcia commented 2025-10-06 14:26:45 +02:00
Owner
Copy Link
No description provided.
dgarcia added 14 commits 2025-10-06 14:26:46 +02:00
checkin 328b5dc541 
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=116
Accepting request 1203777 from devel:libraries:c_c++ 1a5e6ac868 
- updated keyring [https://build.suse.de/request/show/345282]
- modified sources
  % expat.keyring

OBS-URL: https://build.opensuse.org/request/show/1203777
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/expat?expand=0&rev=77
- version update to 2.6.4 fff2a6793d 
* Security fixes: [bsc#1232601]
        #915  CVE-2024-50602 -- Fix crash within function XML_ResumeParser
                from a NULL pointer dereference by disallowing function
                XML_StopParser to (stop or) suspend an unstarted parser.
                A new error code XML_ERROR_NOT_STARTED was introduced to
                properly communicate this situation.  // CWE-476 CWE-754
  * Other changes:
        #903  CMake: Add alias target "expat::expat"
        #905  docs: Document use via CMake >=3.18 with FetchContent
                and SOURCE_SUBDIR and its consequences
        #902  tests: Reduce use of global parser instance
        #904  tests: Resolve duplicate handler
   #317 #918  tests: Improve tests on doctype closing (ex CVE-2019-15903)
        #914  Fix signedness of format strings
   #919 #920  Version info bumped from 10:3:9 (libexpat*.so.1.9.3)
                to 11:0:10 (libexpat*.so.1.10.0); see https://verbump.de/
                for what these numbers do

OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=118
Accepting request 1222170 from devel:libraries:c_c++ dc62179049 
- version update to 2.6.4 
  * Security fixes: [bsc#1232601]
        #915  CVE-2024-50602 -- Fix crash within function XML_ResumeParser
                from a NULL pointer dereference by disallowing function
                XML_StopParser to (stop or) suspend an unstarted parser.
                A new error code XML_ERROR_NOT_STARTED was introduced to
                properly communicate this situation.  // CWE-476 CWE-754
  * Other changes:
        #903  CMake: Add alias target "expat::expat"
        #905  docs: Document use via CMake >=3.18 with FetchContent
                and SOURCE_SUBDIR and its consequences
        #902  tests: Reduce use of global parser instance
        #904  tests: Resolve duplicate handler
   #317 #918  tests: Improve tests on doctype closing (ex CVE-2019-15903)
        #914  Fix signedness of format strings
   #919 #920  Version info bumped from 10:3:9 (libexpat*.so.1.9.3)
                to 11:0:10 (libexpat*.so.1.10.0); see https://verbump.de/
                for what these numbers do (forwarded request 1222166 from pgajdos)

OBS-URL: https://build.opensuse.org/request/show/1222170
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/expat?expand=0&rev=78
checkin 48082ed3b0 
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=120
Accepting request 1223742 from devel:libraries:c_c++ afa56748f7 
- no source changes, just adding jira reference: jsc#SLE-21253

OBS-URL: https://build.opensuse.org/request/show/1223742
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/expat?expand=0&rev=79
checkin c1a94d21bf 
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=122
checkin c868bf6904 
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=123
Accepting request 1265155 from devel:libraries:c_c++ 0c4add0552 
- version update to 2.7.1
     Bug fixes:
       #980 #989  Restore event pointer behavior from Expat 2.6.4
                    (that the fix to CVE-2024-8176 changed in 2.7.0);
                    affected API functions are:
                    - XML_GetCurrentByteCount
                    - XML_GetCurrentByteIndex
                    - XML_GetCurrentColumnNumber
                    - XML_GetCurrentLineNumber
                    - XML_GetInputContext
     Other changes:
       #976 #977  Autotools: Integrate files "fuzz/xml_lpm_fuzzer.{cpp,proto}"
                    with Automake that were missing from 2.7.0 release tarballs
       #983 #984  Fix printf format specifiers for 32bit Emscripten
            #992  docs: Promote OpenSSF Best Practices self-certification
            #978  tests/benchmark: Resolve mistaken double close
            #986  Address compiler warnings
       #990 #993  Version info bumped from 11:1:10 (libexpat*.so.1.10.1)
                    to 11:2:10 (libexpat*.so.1.10.2); see https://verbump.de/
                    for what these numbers do
        Infrastructure:
            #982  CI: Start running Perl XML::Parser integration tests
            #987  CI: Enforce Clang Static Analyzer clean code
            #991  CI: Re-enable warning clang-analyzer-valist.Uninitialized
                    for clang-tidy
            #981  CI: Cover compilation with musl
       #983 #984  CI: Cover compilation with 32bit Emscripten
       #976 #977  CI: Protect against fuzzer files missing from future
                    release archives

OBS-URL: https://build.opensuse.org/request/show/1265155
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/expat?expand=0&rev=80
checkin 17bd2e5f6e 
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=125
Accepting request 1269185 from devel:libraries:c_c++ ea1c613089 
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/1269185
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/expat?expand=0&rev=81
checkin 0f7763175e 
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=127
checkin 912b3146fd 
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=128
Accepting request 1306571 from devel:libraries:c_c++ 147c8e1034 
- version update to 2.7.2 [bsc#1249584]
  * CVE-2025-59375 -- Disallow use of disproportional amounts of
    dynamic memory from within an Expat parser
  * xmlwf: Fix (internal) help generator
  * xmlwf: Mention supported environment variables in
    --help output
  * see Changes for details

OBS-URL: https://build.opensuse.org/request/show/1306571
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/expat?expand=0&rev=82
dgarcia merged commit 7a44b5404d into main 2025-10-08 12:55:42 +02:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Assignees
Clear assignees
adamm adrianSuSE autogits-devel dgarcia dirkmueller gitea_test yudaike
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: testing/expat#1
Delete Branch "factory"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?