Bug 285424 - textproc/expat2: Update to 2.7.0
Summary: textproc/expat2: Update to 2.7.0
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Daniel Engberg
URL: https://github.com/libexpat/libexpat/...
Keywords:
Depends on:
Blocks:
 
Reported: 2025-03-15 07:41 UTC by Daniel Engberg
Modified: 2025-03-24 19:54 UTC (History)
2 users (show)

See Also:
fluffy: maintainer-feedback+
antoine: exp-run+

Attachments
Patch for expat2 (1.26 KB, patch)
2025-03-15 07:41 UTC, Daniel Engberg 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Daniel Engberg freebsd_committer freebsd_triage 2025-03-15 07:41:46 UTC 
Created attachment 258681 [details]
Patch for expat2

Fixes CVE-2024-8176

Compile and runtime tested on FreeBSD 14.2-RELEASE (amd64) (make, make check-plist, make test)

Poudriere testport OK 13.4-RELEASE (amd64)
Poudriere testport OK 13.4-RELEASE (i386)
Poudriere testport OK 14.2-RELEASE (amd64)

Mini exp-run also looks fine on my end (14.2-RELEASE (amd64)
Comment 1 Daniel Engberg freebsd_committer freebsd_triage 2025-03-15 07:42:46 UTC 
Hi,

I'd like to request an exp-run

Best regards,
Daniel
Comment 2 Daniel Engberg freebsd_committer freebsd_triage 2025-03-22 07:09:48 UTC 
Friendly ping
Comment 3 Antoine Brodin freebsd_committer freebsd_triage 2025-03-23 08:24:04 UTC 
Exp-run looks fine
Comment 4 Dima Panov freebsd_committer freebsd_triage 2025-03-23 22:13:14 UTC 
LGTM
Comment 5 commit-hook freebsd_committer freebsd_triage 2025-03-24 19:46:13 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=a627ba49b6691cb8baf545c0d9b841458fb00859

commit a627ba49b6691cb8baf545c0d9b841458fb00859
Author:     Daniel Engberg <diizzy@FreeBSD.org>
AuthorDate: 2025-03-23 22:41:39 +0000
Commit:     Daniel Engberg <diizzy@FreeBSD.org>
CommitDate: 2025-03-24 19:33:04 +0000

    textproc/expat2: Update to 2.7.0

    Fixes CVE-2024-8176

    Changelog:
    https://github.com/libexpat/libexpat/blob/R_2_7_0/expat/Changes

    PR:             285424
    Reviewed by:    desktop (fluffy)
    Exp-run by:     antoine

 textproc/expat2/Makefile  | 2 +-
 textproc/expat2/distinfo  | 6 +++---
 textproc/expat2/pkg-plist | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)
Comment 6 Daniel Engberg freebsd_committer freebsd_triage 2025-03-24 19:54:39 UTC 
Thanks!