Received: by mail.netbsd.org (Postfix, from userid 605)
	id 375C484E7B; Wed, 26 Oct 2022 10:37:49 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by mail.netbsd.org (Postfix) with ESMTP id 64A0E84E64
	for <pkgsrc-changes@NetBSD.org>; Wed, 26 Oct 2022 10:37:48 +0000 (UTC)
X-Virus-Scanned: amavisd-new at netbsd.org
Received: from mail.netbsd.org ([IPv6:::1])
	by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025)
	with ESMTP id 3BRjqJHZI2Oa for <pkgsrc-changes@netbsd.org>;
	Wed, 26 Oct 2022 10:37:47 +0000 (UTC)
Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984])
	by mail.netbsd.org (Postfix) with ESMTP id BBA0684E61
	for <pkgsrc-changes@NetBSD.org>; Wed, 26 Oct 2022 10:37:47 +0000 (UTC)
Received: by cvs.NetBSD.org (Postfix, from userid 500)
	id AADD9FA90; Wed, 26 Oct 2022 10:37:47 +0000 (UTC)
Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_1666780667244590"
MIME-Version: 1.0
Date: Wed, 26 Oct 2022 10:37:47 +0000
From: "Thomas Klausner" <wiz@netbsd.org>
Subject: CVS commit: pkgsrc/textproc/expat
To: pkgsrc-changes@NetBSD.org
Reply-To: wiz@netbsd.org
X-Mailer: log_accum
Message-Id: <20221026103747.AADD9FA90@cvs.NetBSD.org>
Sender: pkgsrc-changes-owner@NetBSD.org
List-Id: <pkgsrc-changes.NetBSD.org>
Precedence: bulk
List-Unsubscribe: <mailto:majordomo@NetBSD.org?subject=Unsubscribe%20pkgsrc-changes&body=unsubscribe%20pkgsrc-changes>

This is a multi-part message in MIME format.

--_----------=_1666780667244590
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	wiz
Date:		Wed Oct 26 10:37:47 UTC 2022

Modified Files:
	pkgsrc/textproc/expat: Makefile distinfo

Log Message:
expat: update to 2.5.0.

Release 2.5.0 Tue October 25 2022
        Security fixes:
  #616 #649 #650  CVE-2022-43680 -- Fix heap use-after-free after overeager
                    destruction of a shared DTD in function
                    XML_ExternalEntityParserCreate in out-of-memory situations.
                    Expected impact is denial of service or potentially
                    arbitrary code execution.

        Bug fixes:
       #612 #645  Fix curruption from undefined entities
       #613 #654  Fix case when parsing was suspended while processing nested
                    entities
  #616 #652 #653  Stop leaking opening tag bindings after a closing tag
                    mismatch error where a parser is reset through
                    XML_ParserReset and then reused to parse
            #656  CMake: Fix generation of pkg-config file
            #658  MinGW|CMake: Fix static library name

        Other changes:
            #663  Protect header expat_config.h from multiple inclusion
            #666  examples: Make use of XML_GetBuffer and be more
                    consistent across examples
            #648  Address compiler warnings
       #667 #668  Version info bumped from 9:9:8 to 9:10:8;
                    see https://verbump.de/ for what these numbers do

        Special thanks to:
            Jann Horn
            Mark Brand
            Osyotr
            Rhodri James
                 and
            Google Project Zero


To generate a diff of this commit:
cvs rdiff -u -r1.53 -r1.54 pkgsrc/textproc/expat/Makefile
cvs rdiff -u -r1.46 -r1.47 pkgsrc/textproc/expat/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_1666780667244590
Content-Disposition: inline
Content-Length: 1509
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/textproc/expat/Makefile
diff -u pkgsrc/textproc/expat/Makefile:1.53 pkgsrc/textproc/expat/Makefile:1.54
--- pkgsrc/textproc/expat/Makefile:1.53	Wed Sep 21 10:52:51 2022
+++ pkgsrc/textproc/expat/Makefile	Wed Oct 26 10:37:47 2022
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.53 2022/09/21 10:52:51 wiz Exp $
+# $NetBSD: Makefile,v 1.54 2022/10/26 10:37:47 wiz Exp $
 
-DISTNAME=	expat-2.4.9
+DISTNAME=	expat-2.5.0
 CATEGORIES=	textproc
 MASTER_SITES=	${MASTER_SITE_GITHUB:=libexpat/}
 GITHUB_PROJECT=	libexpat

Index: pkgsrc/textproc/expat/distinfo
diff -u pkgsrc/textproc/expat/distinfo:1.46 pkgsrc/textproc/expat/distinfo:1.47
--- pkgsrc/textproc/expat/distinfo:1.46	Wed Sep 21 10:52:51 2022
+++ pkgsrc/textproc/expat/distinfo	Wed Oct 26 10:37:47 2022
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.46 2022/09/21 10:52:51 wiz Exp $
+$NetBSD: distinfo,v 1.47 2022/10/26 10:37:47 wiz Exp $
 
-BLAKE2s (expat-2.4.9.tar.gz) = c728e6b315553e54adc80a83ba188aeb785c85a9976f43cb5a4bbca676d778e1
-SHA512 (expat-2.4.9.tar.gz) = 1f30e4d363cc1753137d0f3f6b6267d91fc40412cabb463d06bff9268ee7d8f34c242f02948a3450d186c0502b5e5238894ff1990c4b9440c0f9398ccb29d066
-Size (expat-2.4.9.tar.gz) = 717049 bytes
+BLAKE2s (expat-2.5.0.tar.gz) = 2f284355b044c2f48b0066408c3333975e2748230afcfcd0c63cc872dc7f2c47
+SHA512 (expat-2.5.0.tar.gz) = f1ff7da5fafb47dcd6e0f0d892826aba6de76509c8497bc00382f1109ab8e2a93d396943dbb52216457044993a39d73728048adf650d8e83e28189edc7b78402
+Size (expat-2.5.0.tar.gz) = 719235 bytes


--_----------=_1666780667244590--