https://github.com/libexpat/libexpat/blob/R_2_7_4/expat/Changes
Plugs CVEs: CVE-2026-24515: NULL dereference in XML_SetUnknownEncodingHandler CVE-2026-25210: Integer overflow in function doContent * Fix options, libbsd support was removed. Signed-off-by: Christian Melki <[email protected]> --- rules/expat.make | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/rules/expat.make b/rules/expat.make index 3f5979155..1043bb232 100644 --- a/rules/expat.make +++ b/rules/expat.make @@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_EXPAT) += expat # # Paths and names # -EXPAT_VERSION := 2.7.3 -EXPAT_MD5 := 3f1a65112ae997f8350de931b1e73df0 +EXPAT_VERSION := 2.7.4 +EXPAT_MD5 := d8c3327b7e10e75582873a0d97e7a538 EXPAT := expat-$(EXPAT_VERSION) EXPAT_SUFFIX := tar.bz2 EXPAT_RELEASE := R_$(subst .,_,$(EXPAT_VERSION)) @@ -45,7 +45,6 @@ EXPAT_CONF_OPT := \ --without-xmlwf \ --without-examples \ --without-tests \ - --without-libbsd \ --with-getrandom \ --without-sys-getrandom \ --without-docbook -- 2.43.0
