git: 1454ab40206b - main - textprox/expat2: update to 2.4.1 -- fixes CVE-2013-0340/CWE-776
Tobias C. Berner
tcberner at FreeBSD.org
Thu May 27 08:57:05 UTC 2021
The branch main has been updated by tcberner:
URL: https://cgit.FreeBSD.org/ports/commit/?id=1454ab40206b85f94edb6390e0d96c9716a07399
commit 1454ab40206b85f94edb6390e0d96c9716a07399
Author: Tobias C. Berner <tcberner at FreeBSD.org>
AuthorDate: 2021-05-24 14:38:28 +0000
Commit: Tobias C. Berner <tcberner at FreeBSD.org>
CommitDate: 2021-05-27 08:56:26 +0000
textprox/expat2: update to 2.4.1 -- fixes CVE-2013-0340/CWE-776
See [1] for details:
Expat 2.4.0 and follow-up release 2.4.1 have both been released earlier
today (21-05-23). Release 2.4.0 fixes long known security issue CVE-2013-0340 by
adding protection against so-called Billion Laughs Attacks, a form of
denial of service against applications accepting XML input, in all known
variations, including recent flavor Parameter Laughs.
[1] https://blog.hartwork.org/posts/cve-2013-0340-billion-laughs-fixed-in-expat-2-4-0
PR: 256121
Exp-run by: antoine
---
textproc/expat2/Makefile | 4 +++-
textproc/expat2/distinfo | 6 +++---
textproc/expat2/pkg-plist | 10 +++++-----
3 files changed, 11 insertions(+), 9 deletions(-)
diff --git a/textproc/expat2/Makefile b/textproc/expat2/Makefile
index 69d0c38f232c..f24d6a60a027 100644
--- a/textproc/expat2/Makefile
+++ b/textproc/expat2/Makefile
@@ -1,7 +1,7 @@
# Created by: Dirk Froemberg <dirk at FreeBSD.org>
PORTNAME= expat
-DISTVERSION= 2.3.0
+DISTVERSION= 2.4.1
CATEGORIES= textproc
MASTER_SITES= https://github.com/libexpat/libexpat/releases/download/R_${DISTVERSION:S|.|_|g}/
@@ -30,6 +30,8 @@ SHEBANG_FILES= test-driver-wrapper.sh tests/udiffer.py tests/xmltest.sh
TEST_CONFIGURE_WITH= tests
TEST_TARGET= check
+PLIST_SUB= EXPAT_VERSION=${DISTVERSION}
+
post-install:
${INSTALL_MAN} ${WRKSRC}/doc/xmlwf.1 ${STAGEDIR}${MANPREFIX}/man/man1/
diff --git a/textproc/expat2/distinfo b/textproc/expat2/distinfo
index 96d40c66930f..5c679b618856 100644
--- a/textproc/expat2/distinfo
+++ b/textproc/expat2/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1616672812
-SHA256 (expat-2.3.0.tar.xz) = caa34f99b6e3bcea8502507eb6549a0a84510b244a748dfb287271b2d47467a9
-SIZE (expat-2.3.0.tar.xz) = 433508
+TIMESTAMP = 1621866901
+SHA256 (expat-2.4.1.tar.xz) = cf032d0dba9b928636548e32b327a2d66b1aab63c4f4a13dd132c2d1d2f2fb6a
+SIZE (expat-2.4.1.tar.xz) = 445024
diff --git a/textproc/expat2/pkg-plist b/textproc/expat2/pkg-plist
index 23469f8fae33..2e7b447c5e0f 100644
--- a/textproc/expat2/pkg-plist
+++ b/textproc/expat2/pkg-plist
@@ -2,14 +2,14 @@ bin/xmlwf
include/expat.h
include/expat_config.h
include/expat_external.h
-lib/cmake/expat-2.3.0/expat-config-version.cmake
-lib/cmake/expat-2.3.0/expat-config.cmake
-lib/cmake/expat-2.3.0/expat-noconfig.cmake
-lib/cmake/expat-2.3.0/expat.cmake
+lib/cmake/expat-%%EXPAT_VERSION%%/expat-config-version.cmake
+lib/cmake/expat-%%EXPAT_VERSION%%/expat-config.cmake
+lib/cmake/expat-%%EXPAT_VERSION%%/expat-noconfig.cmake
+lib/cmake/expat-%%EXPAT_VERSION%%/expat.cmake
%%STATIC%%lib/libexpat.a
lib/libexpat.so
lib/libexpat.so.1
-lib/libexpat.so.1.7.0
+lib/libexpat.so.1.8.1
libdata/pkgconfig/expat.pc
man/man1/xmlwf.1.gz
%%PORTDOCS%%%%DOCSDIR%%/AUTHORS
More information about the dev-commits-ports-all
mailing list