From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Sun, 10 Nov 2024 15:54:34 +0100 Received: from metis.whiteo.stw.pengutronix.de ([2a0a:edc0:2:b01:1d::104]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tA9Kk-000F8C-2V for lore@lore.pengutronix.de; Sun, 10 Nov 2024 15:54:34 +0100 Received: from localhost ([127.0.0.1] helo=metis.whiteo.stw.pengutronix.de) by metis.whiteo.stw.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1tA9Kk-0002rn-Bn; Sun, 10 Nov 2024 15:54:34 +0100 Received: from mail-db8eur05on2072e.outbound.protection.outlook.com ([2a01:111:f403:2614::72e] helo=EUR05-DB8-obe.outbound.protection.outlook.com) by metis.whiteo.stw.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1tA9KQ-0002qq-CJ for ptxdist@pengutronix.de; Sun, 10 Nov 2024 15:54:15 +0100 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=dlzlD0kDwNxu9d0BnihH70czu0mtnlpko5/h7LkAfRJNsa4TnzwCNvcPpkg28EdAbi16EDvV3EeNgsyLRi3kzmmyE1UtPgb6HlDjdrDCPE4H7V2uLz3S8D2SBS6fhvwiUL7XcawQDXKMepv8Bi8dALQBPnqjJRPmcWmKlnLolF5pS4zL0zDIICn8korZj4dLV31W+xVNz+ubjChj+kfJ3oED9zTyWB1b3hhejvNVoFmVIYEgmSJJTnO06Hc1a8Bw8MMFaMR6Y4ityini0lJdH3jsjvBGs6gid3h5H0v7Orxgfk1mzeGhSzpKyI9v6YkMpZPrORr9dKin66InjMbrcQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=NRdzBK3J0GfVIz9suMz6g7z+iPvkT6xbLWtQ+iFbYB0=; b=VPIx+6jXstHaR1i5SnCiWOcXYrUoXqUiOk429izzGORqJ2EKTkY06DYzAAh/liO5FeDF4ySPC7Auu41UM2/euNG/YMGP6nNjgavUEHvGdvQr9y+jcqcI/SVYuHxUkdEn4OVQEACojnIjbwiKzz+HWgjDPkYdnWd0aFgmUt6+STCX6akL0vN9ggPNqxn9xLq5fWHnwPEJKB0vjln+u2MUnTvZv9g7aKsO12uieP02IwXazi/BzViqkaY1vP7Brf7AM2dweqD8yiLzuRV0INtSCFAQiExM5qzvmAgVFx5Gbix3l2MMLBqzlONVtVjIOxL4mTkVzOJF63F9LfJ9CXAc8Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=t2data.com; dmarc=pass action=none header.from=t2data.com; dkim=pass header.d=t2data.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=t2datacom.onmicrosoft.com; s=selector1-t2datacom-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=NRdzBK3J0GfVIz9suMz6g7z+iPvkT6xbLWtQ+iFbYB0=; b=OY0TCijF4WR9R6w23TyDVKp3IcphbYvOP6Sn/VCM0u7JjtGhSeeqFeGu/76ETXk8EvRfR76bCJIe45oCeFW8ke+VaJd9OWksC6sfAqeMJFKsyD7bN00d6O0fbMHtVKtRxmQYED7gr1mjNhYCOHJok4EPS2w2UTRhMf0/vTL0J4U= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=t2data.com; Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:334::22) by DB4P251MB0903.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:378::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8137.25; Sun, 10 Nov 2024 14:54:11 +0000 Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM ([fe80::fe8d:f825:5b29:2903]) by DB9P251MB0618.EURP251.PROD.OUTLOOK.COM ([fe80::fe8d:f825:5b29:2903%7]) with mapi id 15.20.8137.019; Sun, 10 Nov 2024 14:54:10 +0000 From: Christian Melki To: ptxdist@pengutronix.de Date: Sun, 10 Nov 2024 15:53:56 +0100 Message-Id: <20241110145356.496832-1-christian.melki@t2data.com> X-Mailer: git-send-email 2.34.1 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-ClientProxiedBy: GV3P280CA0059.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:9::12) To DB9P251MB0618.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:334::22) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DB9P251MB0618:EE_|DB4P251MB0903:EE_ X-MS-Office365-Filtering-Correlation-Id: df946673-9c17-446a-2e33-08dd01978902 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; ARA:13230040|376014|366016|1800799024|52116014|38350700014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?H07Go0St1rwySTYmGZkuJftTB/1fTo6tbtuwALokO80lce3OOKNqCDATohPr?= =?us-ascii?Q?Wr4weXCqw76Xsu/8/En+0fjr1Vx4dxX486j9JeCTu4XwVI7TLef2l7cQ/umL?= =?us-ascii?Q?d/Jb4iGVItr0VP0hi96RVchq2CaWM4CnfvS1n18I4Q0BR/VfVUqdrT1rK0YC?= =?us-ascii?Q?CwlgfrciLVvktNfoNaWmQ76yi7SyVff6e1WuvDGoAEPRzsCeAxd3UhM++Zzq?= =?us-ascii?Q?Jt53paayYjVnTuEdCPi5b7kzp31F+IRvxa2Xk4HrdY2C5PN1aQYOaQIG/ZtX?= =?us-ascii?Q?fbxYhLYGHOLiLvc4TzlBForfZqaldMXmz9KNZwEZlfGrP0n19g1WEmuoVp6h?= =?us-ascii?Q?l3ov2bRBNdyW5FkNrxLs34wdwN+XhiZmL0X2CfXj4qSze30QjPVeTCJ6Agj9?= =?us-ascii?Q?Lgamlr6c53hWfnrfNCOn/o2YiL/ECdERcN/Ks19gDVIVSwodkw+Hso87RHMm?= =?us-ascii?Q?x/kpoCIPSHdNXonpkBXIFG5hhD8plNCGrftRx4x+iiKzfp1zX0wzBhTbFW+n?= =?us-ascii?Q?73aP5VjmubjMdi/rSEsAtO3CvYgzJZkjJj3uJYCERoYzDXLqUQVk44P3C2po?= =?us-ascii?Q?BIk5rQWSmwuPYxPjWsvqcNJhMON2lLbSClvuwvYC9/CAP6pCM4NAR/e58boe?= =?us-ascii?Q?IBzTsBBQREqTHjKukW5ThlZgQIcxhnUWh5byX6MZDLiwasNSlYCDJCuyJUTm?= =?us-ascii?Q?ghzlpjNHXokGww/0JxmBOvv8wX2z5/nqxswLmeviyvOO1dEn/Pa9tOuHgRMy?= =?us-ascii?Q?pFDF6UoqU087LL05PUIvOfh09RyoN78qPFEwa37lIsSQGGndLIdELtTlZpNJ?= =?us-ascii?Q?CtGOJ20nspU1bvtZn231vUUP/rj1aGVxtl3ujp79FU5Go0+BYU052XyRCdyX?= =?us-ascii?Q?tl5Fr6oxDv0r1fQxgb5h/xJguxHhXzA/wzp3QPFq5OsH69txgYfIJI93q6rI?= =?us-ascii?Q?OsZ62zVMmRtmiaD6xP3Eq3Et82cr+dSU+oOXx0EoGSsHqzUtyPUQuRJdTkPv?= =?us-ascii?Q?mTv9qF7mm4TJakiNoTZ0rbKasCmnqZXONOj/aQ3TVPY4VJZsyXeNwAl4vjjY?= =?us-ascii?Q?hAaMiHRv3xyCVB8Oaf7VZQVmh0idQRYGfBDi7y92Q/Uh7MXOJnNTOZVALGWG?= =?us-ascii?Q?lJImcFDoW+barw6DWtoa3O9XCzS64xl/bl4AnL6QoV+4t/2oQrsO1kwOrXG7?= =?us-ascii?Q?4kjKnLxhbLEQImE00RisAf8LD34h/CibUEhfJzNYx3HDrR4LqlV7rfVwsa/b?= =?us-ascii?Q?z4jxf8XX6wTKdRZ3nRLtF0iTTRLpiwpd05BWeqniYjWc7bXSg87E3I88ZNIZ?= =?us-ascii?Q?zOcNcO4qp2b7hMwCv/07+n7wLVhY+04tIWlXEwN1kVTSdYzREVAwOEQDQM1k?= =?us-ascii?Q?14E9Uu/cNuGUQ/mCnWYLSPwL0/fK?= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB9P251MB0618.EURP251.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230040)(376014)(366016)(1800799024)(52116014)(38350700014); DIR:OUT; SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?4F9459xtf0DhWl9Xq6BNyWmukAoClrfN3VSeRAz6eyzwQL5XmMiVw+xrcWGu?= =?us-ascii?Q?EXqmRBXvt/f1WXKTClp03602XbKy2oXO6+ivjzI1yKuHjuZZUE8fbCGctugh?= =?us-ascii?Q?QyFF1if9aknSqOSuYkit6By3kKB7PeaxWqWfh8YSPC3SRdwkhnP/B1SICeM6?= =?us-ascii?Q?Oh4f/L3sPoyqj9KJTw0YiF03fkhBNhEA8xsiQzi7orGZgORFHa+1MR0Np35G?= =?us-ascii?Q?9o4/E7gbSbrp+NNWZ6+S6MtClWYWDtbdt4Z/IyuxP+z7XtvzhzKJ9vvj8Jwl?= =?us-ascii?Q?K6Du07FXYatN4L/rgtNNzjLbOJ5RP13tnUt8pT9HJNfsboWJz0p1xsA5x8SJ?= =?us-ascii?Q?P1Gdx7Y2UQhyxyfatVAe14X8Hj0WR/pTcu2QqoUpUcHVRklVoLbPLKVSdPo7?= =?us-ascii?Q?ADeE/h8YHnDGjkKNqspQzKuiMbUPFvAcxeBTgU9i9MXzp1DWylKBY70Sc/vt?= =?us-ascii?Q?P7ZsxP04qOWzUMiFA5kgf2ERv4RieA74Lh1PxwQ+r4HJNcqn4XoTzsVuqokm?= =?us-ascii?Q?cX/cXqQKhwyynIfp3ifrc4xE9NhCIZCIudAFpOc/pxYo7wppwzwh01a2qVoX?= =?us-ascii?Q?n4zsi68Bb71FGzCJ3PFteRmcWnUNxexKKP44n8TjOmiErv4HWBLbvD/DSaaY?= =?us-ascii?Q?m2P68w+WKk9Qjw7RgTdit4mASn7A36EI9PE8GMTN8r7xRvvAq6/tA7N0WcQK?= =?us-ascii?Q?UwatwqKTUYxACn5f6WYHpFJOco9wPuFZAEUHpwB59MTWXRGzxhKHyrmN9RTo?= =?us-ascii?Q?bjBpiQNJX5+aQKvKaV+aZD8FfqbuaHJX0KjsTB+gCivTqSFtXWDYN8CHeaX0?= =?us-ascii?Q?1DA5HRsje1tWNjqU7FIAnq19lhuJ//VadpzaAgCvSwDq0D4R0yDiS1/qDyAt?= =?us-ascii?Q?+9zCIIj6NB4DIs9mb56wvQgyHeOKSCGgCIIJS1hT0br+oD/o31TDcvlzvKDw?= =?us-ascii?Q?qrHJnZamCoSOpp0Tu5BBOXbNv2FSmIAKw+cd2oWrn1A1cAXVCQBTRvS+SJb1?= =?us-ascii?Q?ohCSeiGX7X7TE2L+L9R6ReevF/+zti8KP/qMMx/bZk+ETxOsKiHNVy+wZwGG?= =?us-ascii?Q?OBhXp+hdR6TEanMSuiGB4PpK3Sc+99l62zCx0MFKaBH5B0RKgB1NLPOKG2OP?= =?us-ascii?Q?07rUjkuJwUCbrD4gSkOdTF8hu5QeHR4/AD1qsN0krRbjYDD5IxJWb6X7CE8t?= =?us-ascii?Q?YF5BArl81E7C7FYmFEvUPqdnYJTfevbUzdbGiIkrbyY4G/qbDtvE4vwS8Ruq?= =?us-ascii?Q?i9BDsWK93g3KITSWIFt9Uh7qflp4kxU43OOWOsMW1wKZJ6i2Q5WdkTP28+//?= =?us-ascii?Q?c2LxWKXfjDnIAQzJNn9iR3BEXKG/a87bnmhX+jTw2DdSTj2/U3aUt5MWPmgH?= =?us-ascii?Q?noAJ0uYoT5fBGNktxi4zRjMB2rr0YeeFVkZEOezoM5ur5tdz1/ISB3T1Uk9U?= =?us-ascii?Q?gtYryfLyFxpn8GRABule0NiU5dmZn4PXE62nymSW5mpuNvIbC+MY4QJCrbZ6?= =?us-ascii?Q?4n7/Ogrh/ja7euXCc9WwIyUgxRH2+gtDgjYdu1ed/PceeMds6CFkHWIKx30Y?= =?us-ascii?Q?zf+KGqB9Uv/rIodNJqeqwGcNHbBNjhdQofFbNexwNPEZ56ZfJLKKyQgvC2+4?= =?us-ascii?Q?tA=3D=3D?= X-OriginatorOrg: t2data.com X-MS-Exchange-CrossTenant-Network-Message-Id: df946673-9c17-446a-2e33-08dd01978902 X-MS-Exchange-CrossTenant-AuthSource: DB9P251MB0618.EURP251.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Nov 2024 14:54:10.8821 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 27928da5-aacd-4ba1-9566-c748a6863e6c X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 9/qKgjr8p0LeU2afuvtCsAhy4t2BgLelqwa5nSMpQLrlIgKcYOkDTk59LE8Y+XXsScgVtKlawmtSYTkHREobqXhmt0j8x+yAyF6zB2kmKJ8= X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB4P251MB0903 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on metis.whiteo.stw.pengutronix.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=4.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_NONE,SPF_HELO_PASS,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Subject: [ptxdist] [PATCH] expat: Version bump. 2.6.3 -> 2.6.4 X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.whiteo.stw.pengutronix.de); SAEximRunCond expanded to false Minor changes. https://github.com/libexpat/libexpat/blob/R_2_6_4/expat/Changes Plugs CVE: CVE-2024-50602 - NULL pointer dereference in function XML_ResumeParser Signed-off-by: Christian Melki --- rules/expat.make | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rules/expat.make b/rules/expat.make index 31afb8604..59fdd297f 100644 --- a/rules/expat.make +++ b/rules/expat.make @@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_EXPAT) += expat # # Paths and names # -EXPAT_VERSION := 2.6.3 -EXPAT_MD5 := c70040a3f2743d9645cb029d3c9a7c89 +EXPAT_VERSION := 2.6.4 +EXPAT_MD5 := f1acfb75967648230d37629e02afbadc EXPAT := expat-$(EXPAT_VERSION) EXPAT_SUFFIX := tar.bz2 EXPAT_RELEASE := R_$(subst .,_,$(EXPAT_VERSION)) -- 2.34.1