From: Michael Olbrich <m.olbrich@pengutronix.de>
To: Christian Melki <christian.melki@t2data.com>
Cc: ptxdist@pengutronix.de
Subject: Re: [ptxdist] [PATCH] expat: Version bump. 2.8.1 -> 2.8.2
Date: Fri, 3 Jul 2026 08:05:29 +0200 [thread overview]
Message-ID: <akdRKePwNpo1Bje1@pengutronix.de> (raw)
In-Reply-To: <20260630175907.3445622-1-christian.melki@t2data.com>
On Tue, Jun 30, 2026 at 07:59:07PM +0200, Christian Melki wrote:
> Security release.
> https://github.com/libexpat/libexpat/blob/R_2_8_2/expat/Changes
I already did this update myself.
Michael
>
> Plugs CVEs:
> CVE-2026-50219: Disallow calls to functions `XML_GetBuffer`, `XML_Parse`,
> `XML_ParseBuffer`, `XML_ParserFree`, `XML_ParserReset` to guard
> Expat bindings from memory corruption.
> CVE-2026-56131: Protect XML_ResumeParser from being called from a handler,
> plugging a hole in the fix to CVE-2026-50219
> CVE-2026-56132: Fix out-of-bound scaffolding index store in `doProlog`
> CVE-2026-56403: Integer overflow in `storeAtts`
> CVE-2026-56404: Integer overflow in `addBinding`
> CVE-2026-56405: Integer overflow in `getAttributeId`
> CVE-2026-56406: Integer overflow in `XML_ParseBuffer`
> CVE-2026-56407: Integer overflow in `textLen` handling
> CVE-2026-56408: Integer overflow in `copyString`
> CVE-2026-56409: xmlwf: Integer overflow in output path join
> CVE-2026-56410: xmlwf: Integer overflow in `resolveSystemId`
> CVE-2026-56411: xmlwf: Integer overflow in notation list allocation
> CVE-2026-56412: Guard XML_TOK_DATA_CHARS handler calls in `doCdataSection`,
> plugging a hole in the fix to CVE-2026-50219
>
> Signed-off-by: Christian Melki <christian.melki@t2data.com>
> ---
> rules/expat.make | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/rules/expat.make b/rules/expat.make
> index 411afc4eb..acf88b4d8 100644
> --- a/rules/expat.make
> +++ b/rules/expat.make
> @@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_EXPAT) += expat
> #
> # Paths and names
> #
> -EXPAT_VERSION := 2.8.1
> -EXPAT_SHA256 := f5833dd2e1cd7739ec9182804a1a29c4f0cc7c2f26b633d3a2188b7766a88ecb
> +EXPAT_VERSION := 2.8.2
> +EXPAT_SHA256 := 69e7f52417d85b1c2b7fe855e176eec55d0b2d7d92d691372d833a1c7df7923b
> EXPAT := expat-$(EXPAT_VERSION)
> EXPAT_SUFFIX := tar.bz2
> EXPAT_RELEASE := R_$(subst .,_,$(EXPAT_VERSION))
> --
> 2.43.0
>
>
>
--
Pengutronix e.K. | |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
prev parent reply other threads:[~2026-07-03 6:05 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-30 17:59 Christian Melki
2026-07-03 6:05 ` Michael Olbrich [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=akdRKePwNpo1Bje1@pengutronix.de \
--to=m.olbrich@pengutronix.de \
--cc=christian.melki@t2data.com \
--cc=ptxdist@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox