third_party/expat/README.chromium - Issue 2761253002: Update expat to 2.2.0 to fix CVE vulnerability.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: third_party/expat/README.chromium

Issue 2761253002: Update expat to 2.2.0 to fix CVE vulnerability. (Closed)

Patch Set: Fix compiling error on mac Created 3 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: third_party/expat/README.chromium

diff --git a/third_party/expat/README.chromium b/third_party/expat/README.chromium

index a0af1e2d310fdc877a4e1d934c0a6e07116860d7..7d49d4d940443e85b0e733de683e8a66ae982ff4 100644

--- a/third_party/expat/README.chromium

+++ b/third_party/expat/README.chromium

@@ -1,7 +1,7 @@

Name: Expat XML Parser

Short Name: expat

URL: http://sourceforge.net/projects/expat/

dominicc (has gone to gerrit) 2017/03/23 05:35:27 Can you point to the git repository you got this f

-Version: 2.1.0

+Version: 2.2.0

License: MIT

License File: files/COPYING

Security Critical: yes

@@ -21,25 +21,31 @@ Local Modifications:

conftools/*

doc/*

examples/*

+ m4/*

tests/*

vms/*

win32/*

xmlwf/*

+ aclocal.m4

+ CMake.README

+ CMakeLists.txt

configure

- configure.in

+ configure.ac

+ configureChecks.cmake

Makefile.in

expat.dsw

- expat.dsw

+ expat.pc.in

+ expat_config.h.cmake

expat_config.h.in

+ Makefile.in

Edited:

lib/winconfig.h (see winconfig.h.original for unmodified version)

- * Added check on line 1751 of xmltok_impl.c to patch a

dominicc (has gone to gerrit) 2017/03/23 05:35:27 Can you point to where this was fixed upstream?

- bug with the handling of utf-8 characters that leads to a crash.

- lib/xmltok_impl.c (see xmltok_imp.c.original for unmodified version)

- * Prevent a compiler warning when compiling with

- WIN32_LEAN_AND_MEAN predefined.

lib/xmlparse.c (see xmlparse.c.original for unmodified version)

- * Apply https://hg.mozilla.org/releases/mozilla-esr31/rev/2f3e78643f5c

dominicc (has gone to gerrit) 2017/03/23 05:35:27 Likewise, was this fixed upstream?

- to prevent an integer overflow.

+ * Added line 713 of xmlparse.c to suppress compiling error.

+ * Apply expat patch 7ae9c3d3af433cd4defe95234eae7dc8ed15637f

+ * Apply expat patch #539 Fix regression from fix to CVE-2016-0718

dominicc (has gone to gerrit) 2017/03/23 05:35:27 This is imprecise; what did you apply exactly? I d

+ * Apply expat patch 7ae9c3d3af433cd4defe95234eae7dc8ed15637f

dominicc (has gone to gerrit) 2017/03/23 05:35:27 Is this a dup of the one a couple of lines up?

+ lib/xmltok.c (see xmltok.c.original for unmodified version)

+ * Apply expat patch #539 Fix regression from fix to CVE-2016-0718

Added files:

lib/expat_config.h (a generated config file)

« no previous file with comments | « no previous file | third_party/expat/files/COPYING » ('j') | no next file with comments »