From efc539226865529cad106807fbf8cfaaba0fa18f Mon Sep 17 00:00:00 2001 From: Peter Marko Date: Mon, 11 Nov 2024 20:04:36 +0100 Subject: expat: upgrade 2.6.3 -> 2.6.4 Handle CVE-2024-50602 (From OE-Core rev: 690874991ca51b37bc0af262ba6c366ff72af13f) Signed-off-by: Peter Marko Signed-off-by: Richard Purdie (cherry picked from commit 5dc22afe3d2ea767f084b7c6e3625cb6edd66522) Signed-off-by: Steve Sakoman --- meta/recipes-core/expat/expat_2.6.3.bb | 33 --------------------------------- meta/recipes-core/expat/expat_2.6.4.bb | 33 +++++++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+), 33 deletions(-) delete mode 100644 meta/recipes-core/expat/expat_2.6.3.bb create mode 100644 meta/recipes-core/expat/expat_2.6.4.bb diff --git a/meta/recipes-core/expat/expat_2.6.3.bb b/meta/recipes-core/expat/expat_2.6.3.bb deleted file mode 100644 index 5ae694a004..0000000000 --- a/meta/recipes-core/expat/expat_2.6.3.bb +++ /dev/null @@ -1,33 +0,0 @@ -SUMMARY = "A stream-oriented XML parser library" -DESCRIPTION = "Expat is an XML parser library written in C. It is a stream-oriented parser in which an application registers handlers for things the parser might find in the XML document (like start tags)" -HOMEPAGE = "https://github.com/libexpat/libexpat" -SECTION = "libs" -LICENSE = "MIT" - -LIC_FILES_CHKSUM = "file://COPYING;md5=7b3b078238d0901d3b339289117cb7fb" - -VERSION_TAG = "${@d.getVar('PV').replace('.', '_')}" - -SRC_URI = "${GITHUB_BASE_URI}/download/R_${VERSION_TAG}/expat-${PV}.tar.bz2 \ - file://run-ptest \ - " - -GITHUB_BASE_URI = "https://github.com/libexpat/libexpat/releases/" -UPSTREAM_CHECK_REGEX = "releases/tag/R_(?P.+)" - -SRC_URI[sha256sum] = "b8baef92f328eebcf731f4d18103951c61fa8c8ec21d5ff4202fb6f2198aeb2d" - -EXTRA_OECMAKE:class-native += "-DEXPAT_BUILD_DOCS=OFF" - -RDEPENDS:${PN}-ptest += "bash" - -inherit cmake lib_package ptest github-releases - -do_install_ptest:class-target() { - install -m 755 ${B}/tests/runtests* ${D}${PTEST_PATH} - install -m 755 ${B}/tests/benchmark/benchmark ${D}${PTEST_PATH} -} - -BBCLASSEXTEND += "native nativesdk" - -CVE_PRODUCT = "expat libexpat" diff --git a/meta/recipes-core/expat/expat_2.6.4.bb b/meta/recipes-core/expat/expat_2.6.4.bb new file mode 100644 index 0000000000..f383792793 --- /dev/null +++ b/meta/recipes-core/expat/expat_2.6.4.bb @@ -0,0 +1,33 @@ +SUMMARY = "A stream-oriented XML parser library" +DESCRIPTION = "Expat is an XML parser library written in C. It is a stream-oriented parser in which an application registers handlers for things the parser might find in the XML document (like start tags)" +HOMEPAGE = "https://github.com/libexpat/libexpat" +SECTION = "libs" +LICENSE = "MIT" + +LIC_FILES_CHKSUM = "file://COPYING;md5=7b3b078238d0901d3b339289117cb7fb" + +VERSION_TAG = "${@d.getVar('PV').replace('.', '_')}" + +SRC_URI = "${GITHUB_BASE_URI}/download/R_${VERSION_TAG}/expat-${PV}.tar.bz2 \ + file://run-ptest \ + " + +GITHUB_BASE_URI = "https://github.com/libexpat/libexpat/releases/" +UPSTREAM_CHECK_REGEX = "releases/tag/R_(?P.+)" + +SRC_URI[sha256sum] = "8dc480b796163d4436e6f1352e71800a774f73dbae213f1860b60607d2a83ada" + +EXTRA_OECMAKE:class-native += "-DEXPAT_BUILD_DOCS=OFF" + +RDEPENDS:${PN}-ptest += "bash" + +inherit cmake lib_package ptest github-releases + +do_install_ptest:class-target() { + install -m 755 ${B}/tests/runtests* ${D}${PTEST_PATH} + install -m 755 ${B}/tests/benchmark/benchmark ${D}${PTEST_PATH} +} + +BBCLASSEXTEND += "native nativesdk" + +CVE_PRODUCT = "expat libexpat" -- cgit v1.2.3-54-g00ecf