XML Parser Toolkit
Expat is an XML 1.0 parser written in C. It aims to be fully
conformant. It is currently not a validating XML processor. The current
production version of expat can be downloaded from
ftp://ftp.jclark.com/pub/xml/expat.zip. The directory xmltok contains a
low-level library for tokenizing XML. The interface is documented in
xmltok/xmltok.h. The directory xmlparse contains an XML parser library
that is built on top of the xmltok library. The interface is documented
in xmlparse/xmlparse.h. The directory sample contains a simple example
program using this interface. The file sample/build.bat is a batch
file to build the example using Visual C++. The directory xmlwf
contains the xmlwf application, which uses the xmlparse library. The
arguments to xmlwf are one or more files to check for well-formedness.
An option -d dir can be specified. For each well-formed input file, the
corresponding canonical XML is written to dir/f, where f is the
filename (without any path) of the input file. A -x option causes
references to external general entities to be processed. A -s option
makes documents that are not stand-alone cause an error (a document is
considered stand-alone if it is intrinsically stand-alone because it
has no external subset and no references to parameter entities in the
internal subset or it is declared as stand-alone in the XML
declaration).
- Sources inherited from project SUSE:SLE-15-SP4:GA
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:Leap:15.4:Update/expat && cd $_ - Create Badge
Source Files
| Filename | Size | Changed |
|---|---|---|
| baselibs.conf | 0000000179 179 Bytes | |
| expat-2.4.4.tar.xz | 0000449448 439 KB | |
| expat-2.4.4.tar.xz.asc | 0000000833 833 Bytes | |
| expat-CVE-2022-25235.patch | 0000012945 12.6 KB | |
| expat-CVE-2022-25236-relax-fix.patch | 0000007354 7.18 KB | |
| expat-CVE-2022-25236.patch | 0000004799 4.69 KB | |
| expat-CVE-2022-25313-fix-regression.patch | 0000010559 10.3 KB | |
| expat-CVE-2022-25313.patch | 0000007786 7.6 KB | |
| expat-CVE-2022-25314.patch | 0000000831 831 Bytes | |
| expat-CVE-2022-25315.patch | 0000004905 4.79 KB | |
| expat.changes | 0000040270 39.3 KB | |
| expat.spec | 0000004987 4.87 KB | |
| expatfaq.html | 0000003117 3.04 KB |
Latest Revision
Stefan Weiberg (suntorytimed)
committed
(revision 4)
- Security fixes:
* (CVE-2022-25236, bsc#1196784) [>=2.4.5] Fix to CVE-2022-25236
breaks biboumi, ClairMeta, jxmlease, libwbxml,
openleadr-python, rnv, xmltodict
- Added expat-CVE-2022-25236-relax-fix.patch
- Security fixes:
* (CVE-2022-25236, bsc#1196025) Expat before 2.4.5 allows
attackers to insert namespace-separator characters into
namespace URIs
- Added expat-CVE-2022-25236.patch
* (CVE-2022-25235, bsc#1196026) xmltok_impl.c in Expat before
2.4.5 does not check whether a UTF-8 character is valid in a
certain context.
- Added expat-CVE-2022-25235.patch
* (CVE-2022-25313, bsc#1196168) Stack exhaustion in
build_model() via uncontrolled recursion
- Added expat-CVE-2022-25313.patch
- The fix upstream introduced a regression that was later
amended in 2.4.6 version
+ Added expat-CVE-2022-25313-fix-regression.patch
* (CVE-2022-25314, bsc#1196169) Integer overflow in copyString
- Added expat-CVE-2022-25314.patch
* (CVE-2022-25315, bsc#1196171) Integer overflow in storeRawNames
- Added expat-CVE-2022-25315.patch
Comments 0