textprox/expat2: update to 2.4.1 -- fixes CVE-2013-0340/CWE-776

See [1] for details: Expat 2.4.0 and follow-up release 2.4.1 have both been released earlier today (21-05-23). Release 2.4.0 fixes long known security issue CVE-2013-0340 by adding protection against so-called Billion Laughs Attacks, a form of denial of service against applications accepting XML input, in all known variations, including recent flavor Parameter Laughs. [1] https://blog.hartwork.org/posts/cve-2013-0340-billion-laughs-fixed-in-expat-2-4-0 PR: 256121 Exp-run by: antoine
2021-05-24 16:38:28 +02:00 · 2021-05-24 16:38:28 +02:00 · 1454ab4020
commit 1454ab4020
parent 6456d569b3
3 changed files with 11 additions and 9 deletions
--- a/textproc/expat2/Makefile
+++ b/textproc/expat2/Makefile
@ -1,7 +1,7 @@
 # Created by: Dirk Froemberg <dirk@FreeBSD.org>

 PORTNAME=	expat
-DISTVERSION=	2.3.0
+DISTVERSION=	2.4.1
 CATEGORIES=	textproc
 MASTER_SITES=	https://github.com/libexpat/libexpat/releases/download/R_${DISTVERSION:S|.|_|g}/

@ -30,6 +30,8 @@ SHEBANG_FILES=	test-driver-wrapper.sh tests/udiffer.py tests/xmltest.sh
 TEST_CONFIGURE_WITH=	tests
 TEST_TARGET=	check

+PLIST_SUB=	EXPAT_VERSION=${DISTVERSION}
+
 post-install:
 	${INSTALL_MAN} ${WRKSRC}/doc/xmlwf.1 ${STAGEDIR}${MANPREFIX}/man/man1/

--- a/textproc/expat2/distinfo
+++ b/textproc/expat2/distinfo
@ -1,3 +1,3 @@
-TIMESTAMP = 1616672812
-SHA256 (expat-2.3.0.tar.xz) = caa34f99b6e3bcea8502507eb6549a0a84510b244a748dfb287271b2d47467a9
-SIZE (expat-2.3.0.tar.xz) = 433508
+TIMESTAMP = 1621866901
+SHA256 (expat-2.4.1.tar.xz) = cf032d0dba9b928636548e32b327a2d66b1aab63c4f4a13dd132c2d1d2f2fb6a
+SIZE (expat-2.4.1.tar.xz) = 445024
--- a/textproc/expat2/pkg-plist
+++ b/textproc/expat2/pkg-plist
@ -2,14 +2,14 @@ bin/xmlwf
 include/expat.h
 include/expat_config.h
 include/expat_external.h
-lib/cmake/expat-2.3.0/expat-config-version.cmake
-lib/cmake/expat-2.3.0/expat-config.cmake
-lib/cmake/expat-2.3.0/expat-noconfig.cmake
-lib/cmake/expat-2.3.0/expat.cmake
+lib/cmake/expat-%%EXPAT_VERSION%%/expat-config-version.cmake
+lib/cmake/expat-%%EXPAT_VERSION%%/expat-config.cmake
+lib/cmake/expat-%%EXPAT_VERSION%%/expat-noconfig.cmake
+lib/cmake/expat-%%EXPAT_VERSION%%/expat.cmake
 %%STATIC%%lib/libexpat.a
 lib/libexpat.so
 lib/libexpat.so.1
-lib/libexpat.so.1.7.0
+lib/libexpat.so.1.8.1
 libdata/pkgconfig/expat.pc
 man/man1/xmlwf.1.gz
 %%PORTDOCS%%%%DOCSDIR%%/AUTHORS