npm - @cpp.js/package-expat - Versions diffs - 1.0.0-beta.20 → 1.0.0-beta.22 - Mend

@cpp.js/package-expat 1.0.0-beta.20 → 1.0.0-beta.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (53) hide show

package/README.md CHANGED Viewed

@@ -4,6 +4,9 @@
 <a href="https://www.npmjs.com/package/@cpp.js/package-expat">
     <img alt="NPM version" src="https://img.shields.io/npm/v/@cpp.js/package-expat?style=for-the-badge" />
 </a>
+<a href="https://github.com/libexpat/libexpat">
+    <img src="https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Funpkg.com%2F%40cpp.js%2Fpackage-expat%2Fpackage.json&query=%24.nativeVersion&style=for-the-badge&label=Expat" />
+</a>
 <a href="https://github.com/libexpat/libexpat/blob/master/COPYING">
     <img alt="License" src="https://img.shields.io/npm/l/%40cpp.js%2Fpackage-expat?style=for-the-badge" />
 </a>

package/cppjs-package-expat.podspec CHANGED Viewed

@@ -3,7 +3,7 @@ package = JSON.parse(File.read(File.join(__dir__, "package.json")))
 Pod::Spec.new do |s|
   s.module_name  = "expat"
-  s.name         = package["name"]
+  s.name         = "cppjs-package-expat"
   s.version      = package["nativeVersion"]
   s.summary      = "Fast streaming XML parser"
   s.homepage     = "https://github.com/libexpat/libexpat"

package/dist/prebuilt/Android-arm64-v8a/include/expat.h CHANGED Viewed

@@ -130,7 +130,9 @@ enum XML_Error {
   /* Added in 2.3.0. */
   XML_ERROR_NO_BUFFER,
   /* Added in 2.4.0. */
-  XML_ERROR_AMPLIFICATION_LIMIT_BREACH
+  XML_ERROR_AMPLIFICATION_LIMIT_BREACH,
+  /* Added in 2.6.4. */
+  XML_ERROR_NOT_STARTED,
 };
 enum XML_Content_Type {
@@ -1066,7 +1068,7 @@ XML_SetReparseDeferralEnabled(XML_Parser parser, XML_Bool enabled);
 */
 #define XML_MAJOR_VERSION 2
 #define XML_MINOR_VERSION 6
-#define XML_MICRO_VERSION 2
+#define XML_MICRO_VERSION 4
 #ifdef __cplusplus
 }

package/dist/prebuilt/Android-arm64-v8a/include/expat_config.h CHANGED Viewed

@@ -83,7 +83,7 @@
 #define PACKAGE_NAME "expat"
 /* Define to the full name and version of this package. */
-#define PACKAGE_STRING "expat 2.6.2"
+#define PACKAGE_STRING "expat 2.6.4"
 /* Define to the one symbol short name of this package. */
 #define PACKAGE_TARNAME "expat"
@@ -92,7 +92,7 @@
 #define PACKAGE_URL ""
 /* Define to the version of this package. */
-#define PACKAGE_VERSION "2.6.2"
+#define PACKAGE_VERSION "2.6.4"
 /* Define to 1 if all of the C90 standard headers exist (not just the ones
    required in a freestanding environment). This macro is provided for
@@ -100,7 +100,7 @@
 #define STDC_HEADERS 1
 /* Version number of package */
-#define VERSION "2.6.2"
+#define VERSION "2.6.4"
 /* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
    significant byte first (like Motorola and SPARC, unlike Intel). */
@@ -140,7 +140,4 @@
 /* Define to `long int' if <sys/types.h> does not define. */
 /* #undef off_t */
-/* Define to `unsigned int' if <sys/types.h> does not define. */
-/* #undef size_t */
 #endif // ndef EXPAT_CONFIG_H

package/dist/prebuilt/Android-arm64-v8a/lib/cmake/{expat-2.6.2 → expat-2.6.4}/expat-config-version.cmake RENAMED Viewed

@@ -9,19 +9,19 @@
 # The variable CVF_VERSION must be set before calling configure_file().
-set(PACKAGE_VERSION "2.6.2")
+set(PACKAGE_VERSION "2.6.4")
 if(PACKAGE_VERSION VERSION_LESS PACKAGE_FIND_VERSION)
   set(PACKAGE_VERSION_COMPATIBLE FALSE)
 else()
-  if("2.6.2" MATCHES "^([0-9]+)\\.")
+  if("2.6.4" MATCHES "^([0-9]+)\\.")
     set(CVF_VERSION_MAJOR "${CMAKE_MATCH_1}")
     if(NOT CVF_VERSION_MAJOR VERSION_EQUAL 0)
       string(REGEX REPLACE "^0+" "" CVF_VERSION_MAJOR "${CVF_VERSION_MAJOR}")
     endif()
   else()
-    set(CVF_VERSION_MAJOR "2.6.2")
+    set(CVF_VERSION_MAJOR "2.6.4")
   endif()
   if(PACKAGE_FIND_VERSION_RANGE)

package/dist/prebuilt/{Emscripten-x86_64/lib/cmake/expat-2.6.2 → Android-arm64-v8a/lib/cmake/expat-2.6.4}/expat-noconfig.cmake RENAMED Viewed

@@ -8,12 +8,12 @@ set(CMAKE_IMPORT_FILE_VERSION 1)
 # Import target "expat::expat" for configuration "NoConfig"
 set_property(TARGET expat::expat APPEND PROPERTY IMPORTED_CONFIGURATIONS NOCONFIG)
 set_target_properties(expat::expat PROPERTIES
-  IMPORTED_LOCATION_NOCONFIG "${_IMPORT_PREFIX}/lib/libexpat.so.1.9.2"
+  IMPORTED_LOCATION_NOCONFIG "${_IMPORT_PREFIX}/lib/libexpat.so.1.10.0"
   IMPORTED_SONAME_NOCONFIG "libexpat.so.1"
   )
 list(APPEND _cmake_import_check_targets expat::expat )
-list(APPEND _cmake_import_check_files_for_expat::expat "${_IMPORT_PREFIX}/lib/libexpat.so.1.9.2" )
+list(APPEND _cmake_import_check_files_for_expat::expat "${_IMPORT_PREFIX}/lib/libexpat.so.1.10.0" )
 # Commands beyond this point should not need to know the version.
 set(CMAKE_IMPORT_FILE_VERSION)

package/dist/prebuilt/{iOS-iphoneos/lib/cmake/expat-2.6.2 → Android-arm64-v8a/lib/cmake/expat-2.6.4}/expat.cmake RENAMED Viewed

@@ -3,11 +3,11 @@
 if("${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION}" LESS 2.8)
    message(FATAL_ERROR "CMake >= 2.8.0 required")
 endif()
-if(CMAKE_VERSION VERSION_LESS "2.8.3")
-   message(FATAL_ERROR "CMake >= 2.8.3 required")
+if(CMAKE_VERSION VERSION_LESS "2.8.12")
+   message(FATAL_ERROR "CMake >= 2.8.12 required")
 endif()
 cmake_policy(PUSH)
-cmake_policy(VERSION 2.8.3...3.26)
+cmake_policy(VERSION 2.8.12...3.28)
 #----------------------------------------------------------------
 # Generated CMake target import file.
 #----------------------------------------------------------------
@@ -63,10 +63,6 @@ set_target_properties(expat::expat PROPERTIES
   INTERFACE_LINK_LIBRARIES "m"
 )
-if(CMAKE_VERSION VERSION_LESS 2.8.12)
-  message(FATAL_ERROR "This file relies on consumers using CMake 2.8.12 or greater.")
-endif()
 # Load information for each installed configuration.
 file(GLOB _cmake_config_files "${CMAKE_CURRENT_LIST_DIR}/expat-*.cmake")
 foreach(_cmake_config_file IN LISTS _cmake_config_files)
@@ -80,9 +76,12 @@ set(_IMPORT_PREFIX)
 # Loop over all imported files and verify that they actually exist
 foreach(_cmake_target IN LISTS _cmake_import_check_targets)
-  foreach(_cmake_file IN LISTS "_cmake_import_check_files_for_${_cmake_target}")
-    if(NOT EXISTS "${_cmake_file}")
-      message(FATAL_ERROR "The imported target \"${_cmake_target}\" references the file
+  if(CMAKE_VERSION VERSION_LESS "3.28"
+      OR NOT DEFINED _cmake_import_check_xcframework_for_${_cmake_target}
+      OR NOT IS_DIRECTORY "${_cmake_import_check_xcframework_for_${_cmake_target}}")
+    foreach(_cmake_file IN LISTS "_cmake_import_check_files_for_${_cmake_target}")
+      if(NOT EXISTS "${_cmake_file}")
+        message(FATAL_ERROR "The imported target \"${_cmake_target}\" references the file
    \"${_cmake_file}\"
 but this file does not exist.  Possible reasons include:
 * The file was deleted, renamed, or moved to another location.
@@ -91,8 +90,9 @@ but this file does not exist.  Possible reasons include:
    \"${CMAKE_CURRENT_LIST_FILE}\"
 but not all the files it references.
 ")
-    endif()
-  endforeach()
+      endif()
+    endforeach()
+  endif()
   unset(_cmake_file)
   unset("_cmake_import_check_files_for_${_cmake_target}")
 endforeach()

package/dist/prebuilt/Android-arm64-v8a/lib/libexpat.la CHANGED Viewed

@@ -1,5 +1,5 @@
 # libexpat.la - a libtool library file
-# Generated by libtool (GNU libtool) 2.4.7
+# Generated by libtool (GNU libtool) 2.5.3
 #
 # Please DO NOT delete this file!
 # It is necessary for linking the library.
@@ -8,7 +8,7 @@
 dlname='libexpat.so'
 # Names of this library.
-library_names='libexpat.so'
+library_names='libexpat.so libexpat.so'
 # The name of the static archive.
 old_library=''
@@ -23,9 +23,9 @@ dependency_libs=' -lm'
 weak_library_names=''
 # Version information for libexpat.
-current=10
-age=9
-revision=2
+current=11
+age=10
+revision=0
 # Is this an already installed library?
 installed=yes

package/dist/prebuilt/Android-arm64-v8a/lib/libexpat.so CHANGED Viewed

Binary file

package/dist/prebuilt/Android-arm64-v8a/lib/pkgconfig/expat.pc CHANGED Viewed

@@ -4,7 +4,7 @@ libdir=${exec_prefix}/lib
 includedir=${prefix}/include
 Name: expat
-Version: 2.6.2
+Version: 2.6.4
 Description: expat XML parser
 URL: https://libexpat.github.io/
 Libs: -L${libdir} -lexpat

package/dist/prebuilt/Android-arm64-v8a/share/doc/expat/changelog CHANGED Viewed

@@ -30,6 +30,91 @@
 !! THANK YOU!                        Sebastian Pipping -- Berlin, 2024-03-09 !!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+Release 2.6.4 Wed November 6 2024
+        Security fixes:
+            #915  CVE-2024-50602 -- Fix crash within function XML_ResumeParser
+                    from a NULL pointer dereference by disallowing function
+                    XML_StopParser to (stop or) suspend an unstarted parser.
+                    A new error code XML_ERROR_NOT_STARTED was introduced to
+                    properly communicate this situation.  // CWE-476 CWE-754
+        Other changes:
+            #903  CMake: Add alias target "expat::expat"
+            #905  docs: Document use via CMake >=3.18 with FetchContent
+                    and SOURCE_SUBDIR and its consequences
+            #902  tests: Reduce use of global parser instance
+            #904  tests: Resolve duplicate handler
+       #317 #918  tests: Improve tests on doctype closing (ex CVE-2019-15903)
+            #914  Fix signedness of format strings
+       #919 #920  Version info bumped from 10:3:9 (libexpat*.so.1.9.3)
+                    to 11:0:10 (libexpat*.so.1.10.0); see https://verbump.de/
+                    for what these numbers do
+        Infrastructure:
+            #907  CI: Upgrade Clang from 18 to 19
+            #913  CI: Drop macos-12 and add macos-15
+            #910  CI: Adapt to breaking changes in GitHub Actions
+            #898  Add missing entries to .gitignore
+        Special thanks to:
+            Hanno Böck
+            José Eduardo Gutiérrez Conejo
+            José Ricardo Cardona Quesada
+Release 2.6.3 Wed September 4 2024
+        Security fixes:
+       #887 #890  CVE-2024-45490 -- Calling function XML_ParseBuffer with
+                    len < 0 without noticing and then calling XML_GetBuffer
+                    will have XML_ParseBuffer fail to recognize the problem
+                    and XML_GetBuffer corrupt memory.
+                    With the fix, XML_ParseBuffer now complains with error
+                    XML_ERROR_INVALID_ARGUMENT just like sibling XML_Parse
+                    has been doing since Expat 2.2.1, and now documented.
+                    Impact is denial of service to potentially artitrary code
+                    execution.
+       #888 #891  CVE-2024-45491 -- Internal function dtdCopy can have an
+                    integer overflow for nDefaultAtts on 32-bit platforms
+                    (where UINT_MAX equals SIZE_MAX).
+                    Impact is denial of service to potentially artitrary code
+                    execution.
+       #889 #892  CVE-2024-45492 -- Internal function nextScaffoldPart can
+                    have an integer overflow for m_groupSize on 32-bit
+                    platforms (where UINT_MAX equals SIZE_MAX).
+                    Impact is denial of service to potentially artitrary code
+                    execution.
+        Other changes:
+       #851 #879  Autotools: Sync CMake templates with CMake 3.28
+            #853  Autotools: Always provide path to find(1) for portability
+            #861  Autotools: Ensure that the m4 directory always exists.
+            #870  Autotools: Simplify handling of SIZEOF_VOID_P
+            #869  Autotools: Support non-GNU sed
+            #856  Autotools|CMake: Fix main() to main(void)
+            #865  Autotools|CMake: Fix compile tests for HAVE_SYSCALL_GETRANDOM
+            #863  Autotools|CMake: Stop requiring dos2unix
+       #854 #855  CMake: Fix check for symbols size_t and off_t
+            #864  docs|tests: Convert README to Markdown and update
+            #741  Windows: Drop support for Visual Studio <=15.0/2017
+            #886  Drop needless XML_DTD guards around is_param access
+            #885  Fix typo in a code comment
+       #894 #896  Version info bumped from 10:2:9 (libexpat*.so.1.9.2)
+                    to 10:3:9 (libexpat*.so.1.9.3); see https://verbump.de/
+                    for what these numbers do
+        Infrastructure:
+            #880  Readme: Promote the call for help
+            #868  CI: Fix various issues
+            #849  CI: Allow triggering GitHub Actions workflows manually
+    #851 #872 ..
+       #873 #879  CI: Adapt to breaking changes in GitHub Actions
+        Special thanks to:
+            Alexander Bluhm
+            Berkay Eren Ürün
+            Dag-Erling Smørgrav
+            Ferenc Géczi
+            TaiYou
 Release 2.6.2 Wed March 13 2024
         Security fixes:
        #839 #842  CVE-2024-28757 -- Prevent billion laughs attacks with

package/dist/prebuilt/CMakeLists.txt CHANGED Viewed

@@ -9,7 +9,7 @@ if(ANDROID)
     set(PACKAGE_DIR "${PROJECT_SOURCE_DIR}/${PACKAGE_HOST}/lib")
 elseif(APPLE)
     if (CMAKE_SYSTEM_NAME STREQUAL "iOS")
-        set(PACKAGE_DIR "${PROJECT_SOURCE_DIR}")
+        set(PACKAGE_DIR "${PROJECT_SOURCE_DIR}/../..")
     else()
         set(PACKAGE_HOST "${CMAKE_SYSTEM_NAME}-${CMAKE_HOST_SYSTEM_PROCESSOR}")
         set(PACKAGE_DIR "${PROJECT_SOURCE_DIR}/${PACKAGE_HOST}/lib")

package/dist/prebuilt/Emscripten-x86_64/include/expat.h CHANGED Viewed

@@ -130,7 +130,9 @@ enum XML_Error {
   /* Added in 2.3.0. */
   XML_ERROR_NO_BUFFER,
   /* Added in 2.4.0. */
-  XML_ERROR_AMPLIFICATION_LIMIT_BREACH
+  XML_ERROR_AMPLIFICATION_LIMIT_BREACH,
+  /* Added in 2.6.4. */
+  XML_ERROR_NOT_STARTED,
 };
 enum XML_Content_Type {
@@ -1066,7 +1068,7 @@ XML_SetReparseDeferralEnabled(XML_Parser parser, XML_Bool enabled);
 */
 #define XML_MAJOR_VERSION 2
 #define XML_MINOR_VERSION 6
-#define XML_MICRO_VERSION 2
+#define XML_MICRO_VERSION 4
 #ifdef __cplusplus
 }

package/dist/prebuilt/Emscripten-x86_64/include/expat_config.h CHANGED Viewed

@@ -83,7 +83,7 @@
 #define PACKAGE_NAME "expat"
 /* Define to the full name and version of this package. */
-#define PACKAGE_STRING "expat 2.6.2"
+#define PACKAGE_STRING "expat 2.6.4"
 /* Define to the one symbol short name of this package. */
 #define PACKAGE_TARNAME "expat"
@@ -92,7 +92,7 @@
 #define PACKAGE_URL ""
 /* Define to the version of this package. */
-#define PACKAGE_VERSION "2.6.2"
+#define PACKAGE_VERSION "2.6.4"
 /* Define to 1 if all of the C90 standard headers exist (not just the ones
    required in a freestanding environment). This macro is provided for
@@ -100,7 +100,7 @@
 #define STDC_HEADERS 1
 /* Version number of package */
-#define VERSION "2.6.2"
+#define VERSION "2.6.4"
 /* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
    significant byte first (like Motorola and SPARC, unlike Intel). */
@@ -140,7 +140,4 @@
 /* Define to `long int' if <sys/types.h> does not define. */
 /* #undef off_t */
-/* Define to `unsigned int' if <sys/types.h> does not define. */
-/* #undef size_t */
 #endif // ndef EXPAT_CONFIG_H

package/dist/prebuilt/Emscripten-x86_64/lib/cmake/{expat-2.6.2 → expat-2.6.4}/expat-config-version.cmake RENAMED Viewed

@@ -9,19 +9,19 @@
 # The variable CVF_VERSION must be set before calling configure_file().
-set(PACKAGE_VERSION "2.6.2")
+set(PACKAGE_VERSION "2.6.4")
 if(PACKAGE_VERSION VERSION_LESS PACKAGE_FIND_VERSION)
   set(PACKAGE_VERSION_COMPATIBLE FALSE)
 else()
-  if("2.6.2" MATCHES "^([0-9]+)\\.")
+  if("2.6.4" MATCHES "^([0-9]+)\\.")
     set(CVF_VERSION_MAJOR "${CMAKE_MATCH_1}")
     if(NOT CVF_VERSION_MAJOR VERSION_EQUAL 0)
       string(REGEX REPLACE "^0+" "" CVF_VERSION_MAJOR "${CVF_VERSION_MAJOR}")
     endif()
   else()
-    set(CVF_VERSION_MAJOR "2.6.2")
+    set(CVF_VERSION_MAJOR "2.6.4")
   endif()
   if(PACKAGE_FIND_VERSION_RANGE)

package/dist/prebuilt/{Android-arm64-v8a/lib/cmake/expat-2.6.2 → Emscripten-x86_64/lib/cmake/expat-2.6.4}/expat-noconfig.cmake RENAMED Viewed

@@ -8,12 +8,12 @@ set(CMAKE_IMPORT_FILE_VERSION 1)
 # Import target "expat::expat" for configuration "NoConfig"
 set_property(TARGET expat::expat APPEND PROPERTY IMPORTED_CONFIGURATIONS NOCONFIG)
 set_target_properties(expat::expat PROPERTIES
-  IMPORTED_LOCATION_NOCONFIG "${_IMPORT_PREFIX}/lib/libexpat.so.1.9.2"
+  IMPORTED_LOCATION_NOCONFIG "${_IMPORT_PREFIX}/lib/libexpat.so.1.10.0"
   IMPORTED_SONAME_NOCONFIG "libexpat.so.1"
   )
 list(APPEND _cmake_import_check_targets expat::expat )
-list(APPEND _cmake_import_check_files_for_expat::expat "${_IMPORT_PREFIX}/lib/libexpat.so.1.9.2" )
+list(APPEND _cmake_import_check_files_for_expat::expat "${_IMPORT_PREFIX}/lib/libexpat.so.1.10.0" )
 # Commands beyond this point should not need to know the version.
 set(CMAKE_IMPORT_FILE_VERSION)

package/dist/prebuilt/Emscripten-x86_64/lib/cmake/{expat-2.6.2 → expat-2.6.4}/expat.cmake RENAMED Viewed

@@ -3,11 +3,11 @@
 if("${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION}" LESS 2.8)
    message(FATAL_ERROR "CMake >= 2.8.0 required")
 endif()
-if(CMAKE_VERSION VERSION_LESS "2.8.3")
-   message(FATAL_ERROR "CMake >= 2.8.3 required")
+if(CMAKE_VERSION VERSION_LESS "2.8.12")
+   message(FATAL_ERROR "CMake >= 2.8.12 required")
 endif()
 cmake_policy(PUSH)
-cmake_policy(VERSION 2.8.3...3.26)
+cmake_policy(VERSION 2.8.12...3.28)
 #----------------------------------------------------------------
 # Generated CMake target import file.
 #----------------------------------------------------------------
@@ -63,10 +63,6 @@ set_target_properties(expat::expat PROPERTIES
   INTERFACE_LINK_LIBRARIES "m"
 )
-if(CMAKE_VERSION VERSION_LESS 2.8.12)
-  message(FATAL_ERROR "This file relies on consumers using CMake 2.8.12 or greater.")
-endif()
 # Load information for each installed configuration.
 file(GLOB _cmake_config_files "${CMAKE_CURRENT_LIST_DIR}/expat-*.cmake")
 foreach(_cmake_config_file IN LISTS _cmake_config_files)
@@ -80,9 +76,12 @@ set(_IMPORT_PREFIX)
 # Loop over all imported files and verify that they actually exist
 foreach(_cmake_target IN LISTS _cmake_import_check_targets)
-  foreach(_cmake_file IN LISTS "_cmake_import_check_files_for_${_cmake_target}")
-    if(NOT EXISTS "${_cmake_file}")
-      message(FATAL_ERROR "The imported target \"${_cmake_target}\" references the file
+  if(CMAKE_VERSION VERSION_LESS "3.28"
+      OR NOT DEFINED _cmake_import_check_xcframework_for_${_cmake_target}
+      OR NOT IS_DIRECTORY "${_cmake_import_check_xcframework_for_${_cmake_target}}")
+    foreach(_cmake_file IN LISTS "_cmake_import_check_files_for_${_cmake_target}")
+      if(NOT EXISTS "${_cmake_file}")
+        message(FATAL_ERROR "The imported target \"${_cmake_target}\" references the file
    \"${_cmake_file}\"
 but this file does not exist.  Possible reasons include:
 * The file was deleted, renamed, or moved to another location.
@@ -91,8 +90,9 @@ but this file does not exist.  Possible reasons include:
    \"${CMAKE_CURRENT_LIST_FILE}\"
 but not all the files it references.
 ")
-    endif()
-  endforeach()
+      endif()
+    endforeach()
+  endif()
   unset(_cmake_file)
   unset("_cmake_import_check_files_for_${_cmake_target}")
 endforeach()

package/dist/prebuilt/Emscripten-x86_64/lib/libexpat.a CHANGED Viewed

Binary file

package/dist/prebuilt/Emscripten-x86_64/lib/libexpat.la CHANGED Viewed

@@ -1,5 +1,5 @@
 # libexpat.la - a libtool library file
-# Generated by libtool (GNU libtool) 2.4.7
+# Generated by libtool (GNU libtool) 2.5.3
 #
 # Please DO NOT delete this file!
 # It is necessary for linking the library.
@@ -23,9 +23,9 @@ dependency_libs=' -lm'
 weak_library_names=''
 # Version information for libexpat.
-current=10
-age=9
-revision=2
+current=11
+age=10
+revision=0
 # Is this an already installed library?
 installed=yes

package/dist/prebuilt/Emscripten-x86_64/lib/pkgconfig/expat.pc CHANGED Viewed

@@ -4,7 +4,7 @@ libdir=${exec_prefix}/lib
 includedir=${prefix}/include
 Name: expat
-Version: 2.6.2
+Version: 2.6.4
 Description: expat XML parser
 URL: https://libexpat.github.io/
 Libs: -L${libdir} -lexpat

package/dist/prebuilt/Emscripten-x86_64/share/doc/expat/changelog CHANGED Viewed

@@ -30,6 +30,91 @@
 !! THANK YOU!                        Sebastian Pipping -- Berlin, 2024-03-09 !!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+Release 2.6.4 Wed November 6 2024
+        Security fixes:
+            #915  CVE-2024-50602 -- Fix crash within function XML_ResumeParser
+                    from a NULL pointer dereference by disallowing function
+                    XML_StopParser to (stop or) suspend an unstarted parser.
+                    A new error code XML_ERROR_NOT_STARTED was introduced to
+                    properly communicate this situation.  // CWE-476 CWE-754
+        Other changes:
+            #903  CMake: Add alias target "expat::expat"
+            #905  docs: Document use via CMake >=3.18 with FetchContent
+                    and SOURCE_SUBDIR and its consequences
+            #902  tests: Reduce use of global parser instance
+            #904  tests: Resolve duplicate handler
+       #317 #918  tests: Improve tests on doctype closing (ex CVE-2019-15903)
+            #914  Fix signedness of format strings
+       #919 #920  Version info bumped from 10:3:9 (libexpat*.so.1.9.3)
+                    to 11:0:10 (libexpat*.so.1.10.0); see https://verbump.de/
+                    for what these numbers do
+        Infrastructure:
+            #907  CI: Upgrade Clang from 18 to 19
+            #913  CI: Drop macos-12 and add macos-15
+            #910  CI: Adapt to breaking changes in GitHub Actions
+            #898  Add missing entries to .gitignore
+        Special thanks to:
+            Hanno Böck
+            José Eduardo Gutiérrez Conejo
+            José Ricardo Cardona Quesada
+Release 2.6.3 Wed September 4 2024
+        Security fixes:
+       #887 #890  CVE-2024-45490 -- Calling function XML_ParseBuffer with
+                    len < 0 without noticing and then calling XML_GetBuffer
+                    will have XML_ParseBuffer fail to recognize the problem
+                    and XML_GetBuffer corrupt memory.
+                    With the fix, XML_ParseBuffer now complains with error
+                    XML_ERROR_INVALID_ARGUMENT just like sibling XML_Parse
+                    has been doing since Expat 2.2.1, and now documented.
+                    Impact is denial of service to potentially artitrary code
+                    execution.
+       #888 #891  CVE-2024-45491 -- Internal function dtdCopy can have an
+                    integer overflow for nDefaultAtts on 32-bit platforms
+                    (where UINT_MAX equals SIZE_MAX).
+                    Impact is denial of service to potentially artitrary code
+                    execution.
+       #889 #892  CVE-2024-45492 -- Internal function nextScaffoldPart can
+                    have an integer overflow for m_groupSize on 32-bit
+                    platforms (where UINT_MAX equals SIZE_MAX).
+                    Impact is denial of service to potentially artitrary code
+                    execution.
+        Other changes:
+       #851 #879  Autotools: Sync CMake templates with CMake 3.28
+            #853  Autotools: Always provide path to find(1) for portability
+            #861  Autotools: Ensure that the m4 directory always exists.
+            #870  Autotools: Simplify handling of SIZEOF_VOID_P
+            #869  Autotools: Support non-GNU sed
+            #856  Autotools|CMake: Fix main() to main(void)
+            #865  Autotools|CMake: Fix compile tests for HAVE_SYSCALL_GETRANDOM
+            #863  Autotools|CMake: Stop requiring dos2unix
+       #854 #855  CMake: Fix check for symbols size_t and off_t
+            #864  docs|tests: Convert README to Markdown and update
+            #741  Windows: Drop support for Visual Studio <=15.0/2017
+            #886  Drop needless XML_DTD guards around is_param access
+            #885  Fix typo in a code comment
+       #894 #896  Version info bumped from 10:2:9 (libexpat*.so.1.9.2)
+                    to 10:3:9 (libexpat*.so.1.9.3); see https://verbump.de/
+                    for what these numbers do
+        Infrastructure:
+            #880  Readme: Promote the call for help
+            #868  CI: Fix various issues
+            #849  CI: Allow triggering GitHub Actions workflows manually
+    #851 #872 ..
+       #873 #879  CI: Adapt to breaking changes in GitHub Actions
+        Special thanks to:
+            Alexander Bluhm
+            Berkay Eren Ürün
+            Dag-Erling Smørgrav
+            Ferenc Géczi
+            TaiYou
 Release 2.6.2 Wed March 13 2024
         Security fixes:
        #839 #842  CVE-2024-28757 -- Prevent billion laughs attacks with

package/dist/prebuilt/iOS-iphoneos/include/expat.h CHANGED Viewed

@@ -130,7 +130,9 @@ enum XML_Error {
   /* Added in 2.3.0. */
   XML_ERROR_NO_BUFFER,
   /* Added in 2.4.0. */
-  XML_ERROR_AMPLIFICATION_LIMIT_BREACH
+  XML_ERROR_AMPLIFICATION_LIMIT_BREACH,
+  /* Added in 2.6.4. */
+  XML_ERROR_NOT_STARTED,
 };
 enum XML_Content_Type {
@@ -1066,7 +1068,7 @@ XML_SetReparseDeferralEnabled(XML_Parser parser, XML_Bool enabled);
 */
 #define XML_MAJOR_VERSION 2
 #define XML_MINOR_VERSION 6
-#define XML_MICRO_VERSION 2
+#define XML_MICRO_VERSION 4
 #ifdef __cplusplus
 }

package/dist/prebuilt/iOS-iphoneos/include/expat_config.h CHANGED Viewed

@@ -83,7 +83,7 @@
 #define PACKAGE_NAME "expat"
 /* Define to the full name and version of this package. */
-#define PACKAGE_STRING "expat 2.6.2"
+#define PACKAGE_STRING "expat 2.6.4"
 /* Define to the one symbol short name of this package. */
 #define PACKAGE_TARNAME "expat"
@@ -92,7 +92,7 @@
 #define PACKAGE_URL ""
 /* Define to the version of this package. */
-#define PACKAGE_VERSION "2.6.2"
+#define PACKAGE_VERSION "2.6.4"
 /* Define to 1 if all of the C90 standard headers exist (not just the ones
    required in a freestanding environment). This macro is provided for
@@ -100,7 +100,7 @@
 #define STDC_HEADERS 1
 /* Version number of package */
-#define VERSION "2.6.2"
+#define VERSION "2.6.4"
 /* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
    significant byte first (like Motorola and SPARC, unlike Intel). */
@@ -140,7 +140,4 @@
 /* Define to `long int' if <sys/types.h> does not define. */
 /* #undef off_t */
-/* Define to `unsigned int' if <sys/types.h> does not define. */
-/* #undef size_t */
 #endif // ndef EXPAT_CONFIG_H