OpenBSD CVS

CVS log for src/lib/libexpat/Changes




Default branch: MAIN


Revision 1.26, Mon Apr 1 13:30:41 2024 UTC (2 months, 1 week ago) by bluhm
Branch: MAIN
CVS Tags: HEAD
Changes since 1.25: +73 -3 lines

Update libexpat to version 2.6.2.

The fix for CVE-2024-28757 has been applied earlier.  Relevant for
OpenBSD are bug fixes #839 #841, and other change #829.  No library
bump is necessary.

OK deraadt@

Revision 1.23.4.1, Mon Mar 18 11:03:04 2024 UTC (2 months, 3 weeks ago) by bluhm
Branch: OPENBSD_7_3
Changes since 1.23: +6 -0 lines

Cherry-pick fix for CVE-2024-28757 from libexpat.

Detect billion laughs attack with isolated external parser.
github commit 1d50b80cf31de87750103656f6eb693746854aa8

OK deraadt@

this is errata/7.3/027_expat.patch.sig

Revision 1.23.2.1, Mon Mar 18 11:02:25 2024 UTC (2 months, 3 weeks ago) by bluhm
Branch: OPENBSD_7_4
Changes since 1.23: +6 -0 lines

Cherry-pick fix for CVE-2024-28757 from libexpat.

Detect billion laughs attack with isolated external parser.
github commit 1d50b80cf31de87750103656f6eb693746854aa8

OK deraadt@

this is errata/7.4/015_expat.patch.sig

Revision 1.25, Thu Mar 14 19:37:40 2024 UTC (2 months, 3 weeks ago) by bluhm
Branch: MAIN
Changes since 1.24: +6 -0 lines

Change log and regress test for expat billion laughs attack.

Revision 1.24, Sun Feb 11 00:56:28 2024 UTC (3 months, 4 weeks ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5
Changes since 1.23: +116 -2 lines

Update libexpat to version 2.6.0.

This fixes CVE-2023-52425.  OpenBSD is not affected by CVE-2023-52426.
Relevant for OpenBSD are security fixes #789 #814, bug fixes #753
#812 #813, other changes #771 #788 #764 #765, and examples, docs,
compiler warnings, clang-tidy, tests.  Only a minor library bump
is necessary, this has been discussed with tb@ guenther@ kettenis@.

OK deraadt@

Revision 1.21.2.2, Thu Oct 27 16:23:23 2022 UTC (19 months, 1 week ago) by bluhm
Branch: OPENBSD_7_1
Changes since 1.21.2.1: +34 -0 lines

Update libexpat to 2.5.0.  This fixes CVE-2022-43680.  Relevant for
OpenBSD are security fixes #616 #649 #650 and bug fixes #612 #645
#613 #654 #616 #652 #653.  No library bump necessary.
OK tb@

this is errata/7.1/012_expat.patch.sig

Revision 1.22.2.1, Thu Oct 27 16:22:40 2022 UTC (19 months, 1 week ago) by bluhm
Branch: OPENBSD_7_2
Changes since 1.22: +34 -0 lines

Update libexpat to 2.5.0.  This fixes CVE-2022-43680.  Relevant for
OpenBSD are security fixes #616 #649 #650 and bug fixes #612 #645
#613 #654 #616 #652 #653.  No library bump necessary.
OK tb@

this is errata/7.2/004_expat.patch.sig

Revision 1.23, Thu Oct 27 12:58:37 2022 UTC (19 months, 1 week ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE, OPENBSD_7_3_BASE
Branch point for: OPENBSD_7_4, OPENBSD_7_3
Changes since 1.22: +34 -0 lines

Update libexpat to 2.5.0.  This fixes CVE-2022-43680.  Relevant for
OpenBSD are security fixes #616 #649 #650 and bug fixes #612 #645
#613 #654 #616 #652 #653.  No library bump necessary.
OK tb@

Revision 1.17.2.4, Thu Sep 22 19:16:35 2022 UTC (20 months, 2 weeks ago) by bluhm
Branch: OPENBSD_7_0
Changes since 1.17.2.3: +118 -1 lines

Update libexpat to 2.4.9.  This fixes CVE-2022-40674.  Relevant for
OpenBSD are security fixes #629 #640 and other changes #610 #643.
No library bump necessary.
OK deraadt@

Update libexpat to 2.4.7.  Relevant for OpenBSD are bug fixes #572
#577 and other changes #577 #579 #575 #574 #569 #571.  No library
bump necessary.
tested and OK tb@

this is errata/7.0/025_expat.patch.sig

Revision 1.21.2.1, Thu Sep 22 19:13:06 2022 UTC (20 months, 2 weeks ago) by bluhm
Branch: OPENBSD_7_1
Changes since 1.21: +84 -1 lines

Update libexpat to 2.4.9.  This fixes CVE-2022-40674.  Relevant for
OpenBSD are security fixes #629 #640 and other changes #610 #643.
No library bump necessary.
OK deraadt@

this is errata/7.1/010_expat.patch.sig

Revision 1.22, Tue Sep 20 23:00:53 2022 UTC (20 months, 2 weeks ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE
Branch point for: OPENBSD_7_2
Changes since 1.21: +84 -1 lines

Update libexpat to 2.4.9.  This fixes CVE-2022-40674.  Relevant for
OpenBSD are security fixes #629 #640 and other changes #610 #643.
No library bump necessary.
OK deraadt@

Revision 1.21, Wed Mar 9 19:22:19 2022 UTC (2 years, 3 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE
Branch point for: OPENBSD_7_1
Changes since 1.20: +34 -0 lines

Update libexpat to 2.4.7.  Relevant for OpenBSD are bug fixes #572
#577 and other changes #577 #579 #575 #574 #569 #571.  No library
bump necessary.
tested and OK tb@

Revision 1.15.2.3, Tue Feb 22 18:08:20 2022 UTC (2 years, 3 months ago) by bluhm
Branch: OPENBSD_6_9
Changes since 1.15.2.2: +53 -0 lines

Backport security fixes from libexpat 2.4.5 and 2.4.6 to 2.2.10.
This fixes CVE-2022-25235, CVE-2022-25236, CVE-2022-25313, CVE-2022-25314,
and CVE-2022-25315.  Relevant for OpenBSD are security fixes #558
#559 #560 #561 #562 and bug fixes #566.

this is errata/6.9/031_expat.patch.sig

Revision 1.17.2.3, Tue Feb 22 18:02:41 2022 UTC (2 years, 3 months ago) by bluhm
Branch: OPENBSD_7_0
Changes since 1.17.2.2: +63 -0 lines

Update libexpat to 2.4.6.  This fixes CVE-2022-25235, CVE-2022-25236,
CVE-2022-25313, CVE-2022-25314, and CVE-2022-25315.  Relevant for
OpenBSD are security fixes #558 #559 #560 #561 #562 and bug fixes
#566.  No library bump necessary.  Revert XML_MICRO_VERSION to the
value of OpenBSD 7.0 release.

this is errata/7.0/015_expat.patch.sig

Revision 1.20, Tue Feb 22 10:53:10 2022 UTC (2 years, 3 months ago) by bluhm
Branch: MAIN
Changes since 1.19: +63 -0 lines

Update libexpat to 2.4.6.  This fixes CVE-2022-25235, CVE-2022-25236,
CVE-2022-25313, CVE-2022-25314, and CVE-2022-25315.  Relevant for
OpenBSD are security fixes #558 #559 #560 #561 #562 and bug fixes
#566.  No library bump necessary.
OK tb@

Revision 1.15.2.2, Tue Feb 1 10:53:25 2022 UTC (2 years, 4 months ago) by bluhm
Branch: OPENBSD_6_9
Changes since 1.15.2.1: +13 -0 lines

Backport security fixes from libexpat 2.4.4 to 2.2.10.  This fixes
CVE-2022-23852 and CVE-2022-23990.  Relevant for OpenBSD are security
fixes #550 #551.

this is errata/6.9/029_expat.patch.sig

Revision 1.17.2.2, Tue Feb 1 10:50:56 2022 UTC (2 years, 4 months ago) by bluhm
Branch: OPENBSD_7_0
Changes since 1.17.2.1: +32 -0 lines

Update libexpat to 2.4.4.  This fixes CVE-2022-23852 and CVE-2022-23990.
Relevant for OpenBSD are security fixes #550 #551 and other changes
#553 (missing in change log).  No library bump necessary.
OK millert@

this is errata/7.0/013_expat.patch.sig

Revision 1.19, Mon Jan 31 00:21:53 2022 UTC (2 years, 4 months ago) by bluhm
Branch: MAIN
Changes since 1.18: +32 -0 lines

Update libexpat to 2.4.4.  This fixes CVE-2022-23852 and CVE-2022-23990.
Relevant for OpenBSD are security fixes #550 #551 and other changes
#553 (missing in change log).  No library bump necessary.
OK millert@

Revision 1.15.2.1, Mon Jan 17 21:13:06 2022 UTC (2 years, 4 months ago) by bluhm
Branch: OPENBSD_6_9
Changes since 1.15: +28 -0 lines

Backport security fixes from libexpat 2.4.3 to 2.2.10.  This fixes
CVE-2021-45960, CVE-2021-46143, and CVE-2022-22822 to CVE-2022-22827.
Relevant for OpenBSD are security fixes #531 #534 #532 #538 #539.

This is errata/6.9/026_expat.patch.sig

Revision 1.17.2.1, Mon Jan 17 20:58:22 2022 UTC (2 years, 4 months ago) by bluhm
Branch: OPENBSD_7_0
Changes since 1.17: +75 -0 lines

Update libexpat to 2.4.3.  This fixes CVE-2021-45960, CVE-2021-46143,
and CVE-2022-22822 to CVE-2022-22827.  Relevant for OpenBSD are
security fixes #531 #534 #532 #538 #539 and other changes #527 #513
#514 #502 #503.  No library bump necessary.
OK millert@

This is errata/7.0/009_expat.patch.sig

Revision 1.18, Mon Jan 17 20:50:22 2022 UTC (2 years, 4 months ago) by bluhm
Branch: MAIN
Changes since 1.17: +75 -0 lines

Update libexpat to 2.4.3.  This fixes CVE-2021-45960, CVE-2021-46143,
and CVE-2022-22822 to CVE-2022-22827.  Relevant for OpenBSD are
security fixes #531 #534 #532 #538 #539 and other changes #527 #513
#514 #502 #503.  No library bump necessary.
OK millert@

Revision 1.17, Wed May 26 19:14:32 2021 UTC (3 years ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE
Branch point for: OPENBSD_7_0
Changes since 1.16: +91 -0 lines

Update libexpat to 2.4.1.  This fixes CVE-2013-0340.  Relevant for
OpenBSD are security fixes #34 #466 #484 and other changes #467
#473 #483.  A new error number in a public header requires a major
library bump.  Two functions have been added to API.
OK tb@

Revision 1.16, Mon May 10 17:36:48 2021 UTC (3 years, 1 month ago) by bluhm
Branch: MAIN
Changes since 1.15: +50 -1 lines

Update libexpat to 2.3.0.  Relevant for OpenBSD are only bug fix
#438 and other change #443.  A new error constant has been added
to a public header file.  According to guenther@ this is an ABI
break that requires a major bump.
OK tb@; tested by matthieu@

Revision 1.15, Tue Dec 29 16:59:42 2020 UTC (3 years, 5 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE
Branch point for: OPENBSD_6_9
Changes since 1.14: +78 -2 lines

Update libexpat to 2.2.10.  Relevant are only bug fixes #390 #395
#398 #404 #405 and other changes #354 #355 #412.
OK deraadt@

Revision 1.14, Wed Sep 25 21:06:19 2019 UTC (4 years, 8 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE, OPENBSD_6_8, OPENBSD_6_7_BASE, OPENBSD_6_7, OPENBSD_6_6_BASE, OPENBSD_6_6
Changes since 1.13: +109 -3 lines

Update libexpat to 2.2.8.  CVE-2019-15903 has been fixed earlier
in our tree.  Relevant is only bug fix #240.  Most of the upstream
diff is automated source format change.
OK deraadt@

Revision 1.13, Sat Jun 29 00:33:59 2019 UTC (4 years, 11 months ago) by bluhm
Branch: MAIN
Changes since 1.12: +35 -0 lines

Update libexpat to 2.2.7.  Relevant for OpenBSD is only the fix for
CVE-2018-20843, a potential denial-of-service in libexpat due to
high RAM and CPU usage.
OK deraadt@

Revision 1.12, Wed Aug 22 13:32:11 2018 UTC (5 years, 9 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE, OPENBSD_6_5, OPENBSD_6_4_BASE, OPENBSD_6_4
Changes since 1.11: +48 -0 lines

Update libexpat to 2.2.6.  Relevant for OpenBSD is
- Avoid doing arithmetic with NULL pointers in XML_GetBuffer
- Fix 2.2.5 regression with suspend-resume while parsing
  a document like '<root/>'
- Address compiler warnings
- Fix miscellaneous typos

Revision 1.11, Thu Nov 2 13:40:57 2017 UTC (6 years, 7 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE, OPENBSD_6_3
Changes since 1.10: +46 -1 lines

Update libexpat to 2.2.5.  Changes for OpenBSD include a few bug
fixes, no library bump needed.
OK deraadt@

Revision 1.10, Wed Aug 23 14:53:52 2017 UTC (6 years, 9 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE, OPENBSD_6_2
Changes since 1.9: +30 -2 lines

Update libexpat to 2.2.4.  Fix copying partial UTF-8 characters.
OK deraadt@

Revision 1.9, Fri Aug 4 16:24:02 2017 UTC (6 years, 10 months ago) by bluhm
Branch: MAIN
Changes since 1.8: +40 -0 lines

Update libexpat to 2.2.3.  Only few changes affect OpenBSD.
OK deraadt@

Revision 1.8, Wed Jul 19 20:24:07 2017 UTC (6 years, 10 months ago) by bluhm
Branch: MAIN
Changes since 1.7: +50 -0 lines

Update libexpat to 2.2.2.  Fixes NULL parser dereference.
no objections deraadt@

Revision 1.7, Fri Jun 30 11:25:29 2017 UTC (6 years, 11 months ago) by bluhm
Branch: MAIN
Changes since 1.6: +175 -6 lines

Update libexpat to version 2.2.1 which has some security fixes.
- CVE-2017-9233 CVE-2016-9063 CVE-2016-5300 CVE-2016-4472 CVE-2016-0718
  CVE-2015-2716 CVE-2015-1283 CVE-2012-6702 CVE-2012-0876 have been
  addressed.  Not all of them affect OpenBSD as we had fixes before.
- Upstream uses arc4random_buf(3) now.  Delete all code for other
  entropy sources to make sure to compile the correct one.  Our
  library already used arc4random(3) before.
- The overflow fixes in rev 1.11 and 1.12 of lib/xmlparse.c
  have been committed upstream in a different way.  Use the upstream
  code to make maintenance easier.
- Although it should be ABI compatible, there is a new global
  symbol align_limit_to_full_utf8_characters.  As it is in
  lib/internal.h, add a Symbols.map to restrict the export.  Do not
  bump the shared library version.
- Use the internal expat's siphash.h.
ports build ajacoutot@; move ahead deraadt@

Revision 1.6, Mon May 9 19:32:01 2016 UTC (8 years, 1 month ago) by rpointel
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE, OPENBSD_6_1, OPENBSD_6_0_BASE, OPENBSD_6_0
Changes since 1.5: +18 -3 lines

update libexpat to 2.1.1.
ok deraadt@ (thanks to sebastian[@]pipping[.]org for information).

Revision 1.5, Sun Apr 1 18:52:01 2012 UTC (12 years, 2 months ago) by rpointel
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE, OPENBSD_5_9, OPENBSD_5_8_BASE, OPENBSD_5_8, OPENBSD_5_7_BASE, OPENBSD_5_7, OPENBSD_5_6_BASE, OPENBSD_5_6, OPENBSD_5_5_BASE, OPENBSD_5_5, OPENBSD_5_4_BASE, OPENBSD_5_4, OPENBSD_5_3_BASE, OPENBSD_5_3, OPENBSD_5_2_BASE, OPENBSD_5_2
Changes since 1.4: +36 -0 lines

update libexpat to 2.1.0.
use arc4random instead of rand/srand in generate_hash_secret_salt,
spotted by nicm@ and deraadt@.
ok nicm@ deraadt@.

Revision 1.4, Sat Jun 26 17:21:00 2010 UTC (13 years, 11 months ago) by eric
Branch: MAIN
CVS Tags: OPENBSD_5_1_BASE, OPENBSD_5_1, OPENBSD_5_0_BASE, OPENBSD_5_0, OPENBSD_4_9_BASE, OPENBSD_4_9, OPENBSD_4_8_BASE, OPENBSD_4_8
Changes since 1.3: +22 -22 lines

sync libexpat with upstream. mostly formatting cleanup, no binary change.

ok deraadt nicm

Revision 1.3, Thu Aug 30 18:41:04 2007 UTC (16 years, 9 months ago) by matthieu
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE, OPENBSD_4_7, OPENBSD_4_6_BASE, OPENBSD_4_6, OPENBSD_4_5_BASE, OPENBSD_4_5, OPENBSD_4_4_BASE, OPENBSD_4_4, OPENBSD_4_3_BASE, OPENBSD_4_3
Changes since 1.2: +21 -0 lines

Update to expat 2.0.1. ok deraadt@

Revision 1.2, Sat May 6 16:09:30 2006 UTC (18 years, 1 month ago) by alek
Branch: MAIN
CVS Tags: OPENBSD_4_2_BASE, OPENBSD_4_2, OPENBSD_4_1_BASE, OPENBSD_4_1, OPENBSD_4_0_BASE, OPENBSD_4_0
Changes since 1.1: +41 -0 lines

Update to 2.0.0; keep our local changes

ok espie@, djm@

Revision 1.1.1.1 (vendor branch), Wed Sep 22 21:32:02 2004 UTC (19 years, 8 months ago) by espie
Branch: expat
CVS Tags: expat_1_95_6, OPENBSD_3_9_BASE, OPENBSD_3_9, OPENBSD_3_8_BASE, OPENBSD_3_8, OPENBSD_3_7_BASE, OPENBSD_3_7
Changes since 1.1: +0 -0 lines

libexpat: a simple xml parser library, used by X11 and some ports.

Revision 1.1, Wed Sep 22 21:32:02 2004 UTC (19 years, 8 months ago) by espie
Branch: MAIN

Initial revision
