Mainly security fixes. https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes
Plugs CVEs: CVE-2024-45490 - An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer. CVE-2024-45491 - Internal function dtdCopy can have an integer overflow for nDefaultAtts on 32-bit platforms. CVE-2024-45492 - Internal function nextScaffoldPart can have an integer overflow for m_groupSize on 32-bit platforms. Signed-off-by: Christian Melki <[email protected]> --- rules/expat.make | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rules/expat.make b/rules/expat.make index 03f9ac6b4..31afb8604 100644 --- a/rules/expat.make +++ b/rules/expat.make @@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_EXPAT) += expat # # Paths and names # -EXPAT_VERSION := 2.6.2 -EXPAT_MD5 := b246f58b25a7629fca6cbd1429400cdf +EXPAT_VERSION := 2.6.3 +EXPAT_MD5 := c70040a3f2743d9645cb029d3c9a7c89 EXPAT := expat-$(EXPAT_VERSION) EXPAT_SUFFIX := tar.bz2 EXPAT_RELEASE := R_$(subst .,_,$(EXPAT_VERSION)) -- 2.34.1
