[3.13] gh-131261: Update libexpat to 2.7.0 (CVE-2024-8176) · python/cpython@6af54d2 (original) (raw)

5 files changed

lines changed

Original file line number	Diff line number	Diff line change
@@ -0,0 +1 @@
	1	+Upgrade to libexpat 2.7.0

Original file line number	Diff line number	Diff line change
@@ -11,7 +11,7 @@
11	11	Copyright (c) 2000-2005 Fred L. Drake, Jr. fdrake@users.sourceforge.net
12	12	Copyright (c) 2001-2002 Greg Stein gstein@users.sourceforge.net
13	13	Copyright (c) 2002-2016 Karl Waclawek karl@waclawek.net
14		- Copyright (c) 2016-2024 Sebastian Pipping sebastian@pipping.org
	14	+ Copyright (c) 2016-2025 Sebastian Pipping sebastian@pipping.org
15	15	Copyright (c) 2016 Cristian Rodríguez crrodriguez@opensuse.org
16	16	Copyright (c) 2016 Thomas Beutlich tc@tbeu.de
17	17	Copyright (c) 2017 Rhodri James rhodri@wildebeest.org.uk
@@ -1067,8 +1067,8 @@ XML_SetReparseDeferralEnabled(XML_Parser parser, XML_Bool enabled);
1067	1067	See https://semver.org
1068	1068	*/
1069	1069	#define XML_MAJOR_VERSION 2
1070		-#define XML_MINOR_VERSION 6
1071		-#define XML_MICRO_VERSION 4
	1070	+#define XML_MINOR_VERSION 7
	1071	+#define XML_MICRO_VERSION 0
1072	1072
1073	1073	#ifdef __cplusplus
1074	1074	}

Original file line number	Diff line number	Diff line change
@@ -12,9 +12,9 @@ fi
12	12
13	13	# Update this when updating to a new version after verifying that the changes
14	14	# the update brings in are good. These values are used for verifying the SBOM, too.
15		-expected_libexpat_tag="R_2_6_4"
16		-expected_libexpat_version="2.6.4"
17		-expected_libexpat_sha256="fd03b7172b3bd7427a3e7a812063f74754f24542429b634e0db6511b53fb2278"
	15	+expected_libexpat_tag="R_2_7_0"
	16	+expected_libexpat_version="2.7.0"
	17	+expected_libexpat_sha256="362e89ca6b8a0d46fc5740a917eb2a8b4d6356edbe016eee09f49c0781215844"
18	18
19	19	expat_dir="$(realpath "$(dirname -- "${BASH_SOURCE[0]}")")"
20	20	cd ${expat_dir}