From e2d43320ce28949dcb91841c3e16f2b6fb4a2271 Mon Sep 17 00:00:00 2001 From: Sebastian Pipping Date: Thu, 17 Feb 2022 01:28:53 +0100 Subject: Changes: Document #558 #559 #560 --- expat/Changes | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/expat/Changes b/expat/Changes index 2a898778..4b951a07 100644 --- a/expat/Changes +++ b/expat/Changes @@ -19,11 +19,27 @@ Release X.X.X XXX XXXXXXX XX XXXX on such unexpectable cases are handled inside the XML processor; validation was not their job but Expat's. Exploits with code execution are known to exist. + #558 CVE-2022-25313 -- Fix stack exhaustion in doctype parsing + that could be triggered by e.g. a 2 megabytes + file with a large number of opening braces. + Expected impact is denial of service or potentially + arbitrary code execution. + #560 CVE-2022-25314 -- Fix integer overflow in function copyString; + only affects the encoding name parameter at parser creation + time which is often hardcoded (rather than user input), + takes a value in the gigabytes to trigger, and a 64-bit + machine. Expected impact is denial of service. + #559 CVE-2022-25315 -- Fix integer overflow in function storeRawNames; + needs input in the gigabytes and a 64-bit machine. + Expected impact is denial of service or potentially + arbitrary code execution. Special thanks to: Ivan Fratric + Samanta Navarro and Google Project Zero + JetBrains Release 2.4.4 Sun January 30 2022 Security fixes: -- cgit v1.2.1 From 748c618f7222f130b2ba39c3473460bbf6894b3a Mon Sep 17 00:00:00 2001 From: Sebastian Pipping Date: Fri, 18 Feb 2022 19:01:25 +0100 Subject: Bump version info from 9:4:8 to 9:5:8 See https://verbump.de/ for what these numbers do --- expat/CMakeLists.txt | 2 +- expat/Changes | 4 ++++ expat/configure.ac | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/expat/CMakeLists.txt b/expat/CMakeLists.txt index 23a8bb0f..68121fb8 100644 --- a/expat/CMakeLists.txt +++ b/expat/CMakeLists.txt @@ -408,7 +408,7 @@ if(EXPAT_WITH_LIBBSD) endif() set(LIBCURRENT 9) # sync -set(LIBREVISION 4) # with +set(LIBREVISION 5) # with set(LIBAGE 8) # configure.ac! math(EXPR LIBCURRENT_MINUS_AGE "${LIBCURRENT} - ${LIBAGE}") diff --git a/expat/Changes b/expat/Changes index 4b951a07..5f58cfae 100644 --- a/expat/Changes +++ b/expat/Changes @@ -34,6 +34,10 @@ Release X.X.X XXX XXXXXXX XX XXXX Expected impact is denial of service or potentially arbitrary code execution. + Other changes: + #557 #564 Version info bumped from 9:4:8 to 9:5:8; + see https://verbump.de/ for what these numbers do + Special thanks to: Ivan Fratric Samanta Navarro diff --git a/expat/configure.ac b/expat/configure.ac index a6573e81..2ccab028 100644 --- a/expat/configure.ac +++ b/expat/configure.ac @@ -82,7 +82,7 @@ dnl If the API changes incompatibly set LIBAGE back to 0 dnl LIBCURRENT=9 # sync -LIBREVISION=4 # with +LIBREVISION=5 # with LIBAGE=8 # CMakeLists.txt! AC_CONFIG_HEADERS([expat_config.h]) -- cgit v1.2.1 From fa379d65dd152b215819249e4eb550b5202e6ebc Mon Sep 17 00:00:00 2001 From: Sebastian Pipping Date: Fri, 18 Feb 2022 19:01:54 +0100 Subject: Bump version to 2.4.5 --- expat/CMake.README | 12 ++++++------ expat/CMakeLists.txt | 2 +- expat/README.md | 2 +- expat/doc/reference.html | 2 +- expat/lib/expat.h | 2 +- expat/lib/xmlparse.c | 2 +- expat/tests/runtests.c | 2 +- expat/win32/expat.iss | 2 +- 8 files changed, 13 insertions(+), 13 deletions(-) diff --git a/expat/CMake.README b/expat/CMake.README index 586f5874..e61aed1c 100644 --- a/expat/CMake.README +++ b/expat/CMake.README @@ -3,25 +3,25 @@ The cmake based buildsystem for expat works on Windows (cygwin, mingw, Visual Studio) and should work on all other platform cmake supports. -Assuming ~/expat-2.4.4 is the source directory of expat, add a subdirectory +Assuming ~/expat-2.4.5 is the source directory of expat, add a subdirectory build and change into that directory: -~/expat-2.4.4$ mkdir build && cd build -~/expat-2.4.4/build$ +~/expat-2.4.5$ mkdir build && cd build +~/expat-2.4.5/build$ From that directory, call cmake first, then call make, make test and make install in the usual way: -~/expat-2.4.4/build$ cmake .. +~/expat-2.4.5/build$ cmake .. -- The C compiler identification is GNU -- The CXX compiler identification is GNU .... -- Configuring done -- Generating done --- Build files have been written to: /home/patrick/expat-2.4.4/build +-- Build files have been written to: /home/patrick/expat-2.4.5/build If you want to specify the install location for your files, append -DCMAKE_INSTALL_PREFIX=/your/install/path to the cmake call. -~/expat-2.4.4/build$ make && make test && make install +~/expat-2.4.5/build$ make && make test && make install Scanning dependencies of target expat [ 5%] Building C object CMakeFiles/expat.dir/lib/xmlparse.c.o [ 11%] Building C object CMakeFiles/expat.dir/lib/xmlrole.c.o diff --git a/expat/CMakeLists.txt b/expat/CMakeLists.txt index 68121fb8..5e339f99 100644 --- a/expat/CMakeLists.txt +++ b/expat/CMakeLists.txt @@ -64,7 +64,7 @@ endif() project(expat VERSION - 2.4.4 + 2.4.5 LANGUAGES C ) diff --git a/expat/README.md b/expat/README.md index 00e6cca2..469b1dd8 100644 --- a/expat/README.md +++ b/expat/README.md @@ -5,7 +5,7 @@ [![Downloads GitHub](https://img.shields.io/github/downloads/libexpat/libexpat/total?label=Downloads%20GitHub)](https://github.com/libexpat/libexpat/releases) -# Expat, Release 2.4.4 +# Expat, Release 2.4.5 This is Expat, a C library for parsing XML, started by [James Clark](https://en.wikipedia.org/wiki/James_Clark_%28programmer%29) in 1997. diff --git a/expat/doc/reference.html b/expat/doc/reference.html index fe09db32..ea8f7106 100644 --- a/expat/doc/reference.html +++ b/expat/doc/reference.html @@ -49,7 +49,7 @@

The Expat XML Parser - Release 2.4.4 + Release 2.4.5

diff --git a/expat/lib/expat.h b/expat/lib/expat.h index 4c5704fd..55e5131b 100644 --- a/expat/lib/expat.h +++ b/expat/lib/expat.h @@ -1041,7 +1041,7 @@ XML_SetBillionLaughsAttackProtectionActivationThreshold( */ #define XML_MAJOR_VERSION 2 #define XML_MINOR_VERSION 4 -#define XML_MICRO_VERSION 4 +#define XML_MICRO_VERSION 5 #ifdef __cplusplus } diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c index c98e2e9f..c479a258 100644 --- a/expat/lib/xmlparse.c +++ b/expat/lib/xmlparse.c @@ -1,4 +1,4 @@ -/* 2e2c8ce5f11a473d65ec313ab20ceee6afefb355f5405afc06e7204e2e41c8c0 (2.4.4+) +/* 042615face2b8727e23bb27cf4f56baa292a1f91df47c1bca8f09dff49067888 (2.4.5+) __ __ _ ___\ \/ /_ __ __ _| |_ / _ \\ /| '_ \ / _` | __| diff --git a/expat/tests/runtests.c b/expat/tests/runtests.c index 9b155b82..2cd4acbe 100644 --- a/expat/tests/runtests.c +++ b/expat/tests/runtests.c @@ -7512,7 +7512,7 @@ START_TEST(test_misc_version) { fail("Version mismatch"); #if ! defined(XML_UNICODE) || defined(XML_UNICODE_WCHAR_T) - if (xcstrcmp(version_text, XCS("expat_2.4.4"))) /* needs bump on releases */ + if (xcstrcmp(version_text, XCS("expat_2.4.5"))) /* needs bump on releases */ fail("XML_*_VERSION in expat.h out of sync?\n"); #else /* If we have XML_UNICODE defined but not XML_UNICODE_WCHAR_T diff --git a/expat/win32/expat.iss b/expat/win32/expat.iss index e5e945b7..e04eaa52 100644 --- a/expat/win32/expat.iss +++ b/expat/win32/expat.iss @@ -36,7 +36,7 @@ ; OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE ; USE OR OTHER DEALINGS IN THE SOFTWARE. -#define expatVer "2.4.4" +#define expatVer "2.4.5" [Setup] AppName=Expat -- cgit v1.2.1 From fdbd69b12c60cd52a00db36288245a675aac4db3 Mon Sep 17 00:00:00 2001 From: Sebastian Pipping Date: Fri, 18 Feb 2022 19:06:24 +0100 Subject: Sync file headers --- expat/doc/Makefile.am | 2 +- expat/lib/xmltok.c | 2 +- expat/lib/xmltok_impl.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/expat/doc/Makefile.am b/expat/doc/Makefile.am index dbcb0919..c3a3ce59 100644 --- a/expat/doc/Makefile.am +++ b/expat/doc/Makefile.am @@ -6,7 +6,7 @@ # \___/_/\_\ .__/ \__,_|\__| # |_| XML parser # -# Copyright (c) 2017-2021 Sebastian Pipping +# Copyright (c) 2017-2022 Sebastian Pipping # Copyright (c) 2017 Stephen Groat # Copyright (c) 2017 Joe Orton # Licensed under the MIT license: diff --git a/expat/lib/xmltok.c b/expat/lib/xmltok.c index 3bddf125..c659983b 100644 --- a/expat/lib/xmltok.c +++ b/expat/lib/xmltok.c @@ -12,7 +12,7 @@ Copyright (c) 2002 Greg Stein Copyright (c) 2002-2016 Karl Waclawek Copyright (c) 2005-2009 Steven Solie - Copyright (c) 2016-2021 Sebastian Pipping + Copyright (c) 2016-2022 Sebastian Pipping Copyright (c) 2016 Pascal Cuoq Copyright (c) 2016 Don Lewis Copyright (c) 2017 Rhodri James diff --git a/expat/lib/xmltok_impl.c b/expat/lib/xmltok_impl.c index 84ff35f9..4072b064 100644 --- a/expat/lib/xmltok_impl.c +++ b/expat/lib/xmltok_impl.c @@ -10,7 +10,7 @@ Copyright (c) 2000 Clark Cooper Copyright (c) 2002 Fred L. Drake, Jr. Copyright (c) 2002-2016 Karl Waclawek - Copyright (c) 2016-2021 Sebastian Pipping + Copyright (c) 2016-2022 Sebastian Pipping Copyright (c) 2017 Rhodri James Copyright (c) 2018 Benjamin Peterson Copyright (c) 2018 Anton Maklakov -- cgit v1.2.1 From bacd815ed0ce37225f894f75836e0dad8d5204c3 Mon Sep 17 00:00:00 2001 From: Sebastian Pipping Date: Fri, 18 Feb 2022 19:07:55 +0100 Subject: Set expected release date for 2.4.5 --- expat/Changes | 2 +- expat/doc/xmlwf.xml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/expat/Changes b/expat/Changes index 5f58cfae..d122ac49 100644 --- a/expat/Changes +++ b/expat/Changes @@ -2,7 +2,7 @@ NOTE: We are looking for help with a few things: https://github.com/libexpat/libexpat/labels/help%20wanted If you can help, please get in touch. Thanks! -Release X.X.X XXX XXXXXXX XX XXXX +Release 2.4.5 Fri February 18 2022 Security fixes: #562 CVE-2022-25235 -- Passing malformed 2- and 3-byte UTF-8 sequences (e.g. from start tag names) to the XML diff --git a/expat/doc/xmlwf.xml b/expat/doc/xmlwf.xml index c68aa1d8..7772bc8b 100644 --- a/expat/doc/xmlwf.xml +++ b/expat/doc/xmlwf.xml @@ -21,7 +21,7 @@ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ Scott"> Bronson"> - January 30, 2022"> + February 18, 2022"> 1"> bronson@rinspin.com"> -- cgit v1.2.1