|
|
Update expat to 2.2.0 to fix CVE vulnerability.
Security fixes:
CVE-2016-0718 -- Fix crash on malformed input
CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 /
CVE-2015-2716 introduced with Expat 2.1.1
CVE-2016-5300 -- Use more entropy for hash initialization
than the original fix to CVE-2012-0876
CVE-2012-6702 -- Resolve troublesome internal call to srand
that was introduced with Expat 2.1.0
when addressing CVE-2012-0876 (issue #496)
BUG= 703537
Review-Url: https://codereview.chromium.org/2761253002
Cr-Commit-Position: refs/heads/master@{#459025}
(cherry picked from commit 33a5703a620ec246ee08214e6c880068b6e9d687)
Review-Url: https://codereview.chromium.org/2781503002 .
Cr-Commit-Position: refs/branch-heads/3029@{#425}
Cr-Branched-From: 939b32ee5ba05c396eef3fd992822fcca9a2e262-refs/heads/master@{#454471}
Committed: https://chromium.googlesource.com/chromium/src/+/55a2d106eda76d4248ba3415d4718afd7538f425
|
Unified diffs |
Side-by-side diffs |
Delta from patch set |
Stats (+922 lines, -2248 lines) |
Patch |
 |
M |
third_party/expat/README.chromium
|
View
|
|
2 chunks |
+28 lines, -10 lines |
0 comments
|
Download
|
|
M |
third_party/expat/files/COPYING
|
View
|
|
1 chunk |
+2 lines, -3 lines |
0 comments
|
Download
|
|
M |
third_party/expat/files/Changes
|
View
|
|
2 chunks |
+65 lines, -1 line |
0 comments
|
Download
|
|
M |
third_party/expat/files/MANIFEST
|
View
|
|
2 chunks |
+2 lines, -2 lines |
0 comments
|
Download
|
|
M |
third_party/expat/files/README
|
View
|
|
2 chunks |
+2 lines, -2 lines |
0 comments
|
Download
|
|
M |
third_party/expat/files/lib/amigaconfig.h
|
View
|
|
1 chunk |
+0 lines, -3 lines |
0 comments
|
Download
|
|
M |
third_party/expat/files/lib/expat.h
|
View
|
|
3 chunks |
+7 lines, -6 lines |
0 comments
|
Download
|
|
M |
third_party/expat/files/lib/expat_config.h
|
View
|
|
5 chunks |
+7 lines, -8 lines |
0 comments
|
Download
|
|
M |
third_party/expat/files/lib/expat_external.h
|
View
|
|
1 chunk |
+15 lines, -0 lines |
0 comments
|
Download
|
|
A + |
third_party/expat/files/lib/expat_external.h.original
|
View
|
|
1 chunk |
+14 lines, -0 lines |
0 comments
|
Download
|
|
M |
third_party/expat/files/lib/internal.h
|
View
|
|
1 chunk |
+22 lines, -0 lines |
0 comments
|
Download
|
|
M |
third_party/expat/files/lib/libexpat.def
|
View
|
|
1 chunk |
+3 lines, -0 lines |
0 comments
|
Download
|
|
M |
third_party/expat/files/lib/libexpatw.def
|
View
|
|
1 chunk |
+3 lines, -0 lines |
0 comments
|
Download
|
|
M |
third_party/expat/files/lib/xmlparse.c
|
View
|
|
22 chunks |
+94 lines, -39 lines |
0 comments
|
Download
|
|
M |
third_party/expat/files/lib/xmlparse.c.original
|
View
|
|
21 chunks |
+95 lines, -32 lines |
0 comments
|
Download
|
|
M |
third_party/expat/files/lib/xmlrole.c
|
View
|
|
38 chunks |
+112 lines, -112 lines |
0 comments
|
Download
|
|
M |
third_party/expat/files/lib/xmltok.h
|
View
|
|
2 chunks |
+8 lines, -2 lines |
0 comments
|
Download
|
|
M |
third_party/expat/files/lib/xmltok.c
|
View
|
|
37 chunks |
+167 lines, -65 lines |
0 comments
|
Download
|
|
A + |
third_party/expat/files/lib/xmltok.c.origin
|
View
|
|
37 chunks |
+165 lines, -65 lines |
0 comments
|
Download
|
|
M |
third_party/expat/files/lib/xmltok_impl.c
|
View
|
|
61 chunks |
+111 lines, -115 lines |
0 comments
|
Download
|
|
D |
third_party/expat/files/lib/xmltok_impl.c.original
|
View
|
|
1 chunk |
+0 lines, -1783 lines |
0 comments
|
Download
|
Total messages: 2 (1 generated)
|
Chromium Code Reviews
Issue
2781503002:
Update expat to 2.2.0 to fix CVE vulnerability. (Closed)
