From: "Yoann Congal" <yoann.congal@smile.fr>
To: <peter.marko@siemens.com>, <openembedded-core@lists.openembedded.org>
Subject: Re: [OE-core][PATCH] expat: upgrade 2.7.3 -> 2.7.4
Date: Wed, 04 Feb 2026 15:01:11 +0100 [thread overview]
Message-ID: <DG68DI3DMUCL.11DNWKJV5TK6S@smile.fr> (raw)
In-Reply-To: <20260131145306.3770983-1-peter.marko@siemens.com>
On Sat Jan 31, 2026 at 3:53 PM CET, Peter Marko via lists.openembedded.org wrote:
> From: Peter Marko <peter.marko@siemens.com>
>
> Changelog [1]:
> Security fixes:
> #1131 CVE-2026-24515 -- Function XML_ExternalEntityParserCreate
> failed to copy the encoding handler data passed to
> XML_SetUnknownEncodingHandler from the parent to the new
> subparser. This can cause a NULL dereference (CWE-476) from
> external entities that declare use of an unknown encoding.
> The expected impact is denial of service. It takes use of
> both functions XML_ExternalEntityParserCreate and
> XML_SetUnknownEncodingHandler for an application to be
> vulnerable.
> #1075 CVE-2026-25210 -- Add missing check for integer overflow
> related to buffer size determination in function doContent
>
> Bug fixes:
> #1073 lib: Fix missing undoing of group size expansion in doProlog
> failure cases
> #1107 xmlwf: Fix a memory leak
> #1104 WASI: Fix format specifiers for 32bit WASI SDK
>
> Other changes:
> #1105 lib: Fix strict aliasing
> #1106 lib: Leverage feature "flexible array member" of C99
> #1051 lib: Swap (size_t)(-1) for C99 equivalent SIZE_MAX
> #1109 lib|xmlwf: Return NULL instead of 0 for pointers
> #1068 lib|Windows: Clean up use of macro _MSC_EXTENSIONS with MSVC
> #1112 lib: Remove unused import
> #1110 xmlwf: Warn about XXE in --help output (and man page)
> #1102 #1103 WASI: Stop using getpid
>
> ... and additional docs/autotools/cmake/infrastructure changes
>
> [1] https://github.com/libexpat/libexpat/blob/R_2_7_4/expat/Changes
>
> Signed-off-by: Peter Marko <peter.marko@siemens.com>
> ---
> meta/recipes-core/expat/{expat_2.7.3.bb => expat_2.7.4.bb} | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
> rename meta/recipes-core/expat/{expat_2.7.3.bb => expat_2.7.4.bb} (92%)
Note to the master review team: I have related CVE fixing patches queued
for whinlatter and scarthgap.
This patch is currently in contrib/mathieu/master-next-success.
--
Yoann Congal
Smile ECS
prev parent reply other threads:[~2026-02-04 14:01 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-31 14:53 [OE-core][PATCH] expat: upgrade 2.7.3 -> 2.7.4 Peter Marko
2026-02-04 14:01 ` Yoann Congal [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DG68DI3DMUCL.11DNWKJV5TK6S@smile.fr \
--to=yoann.congal@smile.fr \
--cc=openembedded-core@lists.openembedded.org \
--cc=peter.marko@siemens.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox