buildroot/package/expat
Fabrice Fontaine 26ec7c4d02 package/expat: security bump to version 2.5.0
Expat 2.5.0 has been released earlier today. Most importantly, this
release fixes CVE-2022-43680: a heap use-after-free vulnerability after
overeager destruction of a shared DTD in function
XML_ExternalEntityParserCreate in out-of-memory situations, with
expected impact of denial of service or potentially arbitrary code
execution.

https://blog.hartwork.org/posts/expat-2-5-0-released
https://github.com/libexpat/libexpat/blob/R_2_5_0/expat/Changes

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-10-26 21:49:56 +02:00
..
Config.in
expat.hash package/expat: security bump to version 2.5.0 2022-10-26 21:49:56 +02:00
expat.mk package/expat: security bump to version 2.5.0 2022-10-26 21:49:56 +02:00