[ptxdist] [PATCH] expat: Version bump. 2.8.0 -> 2.8.1

Christian Melki Fri, 15 May 2026 00:05:03 -0700

Minor fix release.
https://github.com/libexpat/libexpat/blob/R_2_8_1/expat/Changes


Plugs CVE:
CVE-2026-45186: Fix quadratic runtime from attribute name
collision checks that allowed denial of service attacks

Signed-off-by: Christian Melki <[email protected]>
---
 rules/expat.make | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rules/expat.make b/rules/expat.make
index 5819279aa..411afc4eb 100644
--- a/rules/expat.make
+++ b/rules/expat.make
@@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_EXPAT) += expat
 #
 # Paths and names
 #
-EXPAT_VERSION          := 2.8.0
-EXPAT_SHA256           := 
586494499ac3ad46d87f3beda7b1f770c1c8026a9b60e151593f8b29089a52ca
+EXPAT_VERSION          := 2.8.1
+EXPAT_SHA256           := 
f5833dd2e1cd7739ec9182804a1a29c4f0cc7c2f26b633d3a2188b7766a88ecb
 EXPAT                  := expat-$(EXPAT_VERSION)
 EXPAT_SUFFIX           := tar.bz2
 EXPAT_RELEASE          := R_$(subst .,_,$(EXPAT_VERSION))
-- 
2.43.0

[ptxdist] [PATCH] expat: Version bump. 2.8.0 -> 2.8.1

Reply via email to