diff options
| author | Sebastian Pipping <sebastian@pipping.org> | 2024-11-12 15:10:00 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-11-12 07:10:00 -0700 |
| commit | 99fd37931c117c2842c503d623aa9749891a9203 (patch) | |
| tree | cd08bc340f07c120f0f3c9c05b6778f57dc31582 /var | |
| parent | 00e68af7949452175b49693056fe892cb4aa358b (diff) | |
| download | spack-99fd37931c117c2842c503d623aa9749891a9203.tar.gz spack-99fd37931c117c2842c503d623aa9749891a9203.tar.bz2 spack-99fd37931c117c2842c503d623aa9749891a9203.tar.xz spack-99fd37931c117c2842c503d623aa9749891a9203.zip | |
expat: Add 2.6.4 with security fixes + deprecate vulnerable 2.6.3 (#47521)
Diffstat (limited to 'var')
| -rw-r--r-- | var/spack/repos/builtin/packages/expat/package.py | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/var/spack/repos/builtin/packages/expat/package.py b/var/spack/repos/builtin/packages/expat/package.py index a41d4912de..485f773a82 100644 --- a/var/spack/repos/builtin/packages/expat/package.py +++ b/var/spack/repos/builtin/packages/expat/package.py @@ -16,9 +16,14 @@ class Expat(AutotoolsPackage, CMakePackage): url = "https://github.com/libexpat/libexpat/releases/download/R_2_2_9/expat-2.2.9.tar.bz2" license("MIT") - - version("2.6.3", sha256="b8baef92f328eebcf731f4d18103951c61fa8c8ec21d5ff4202fb6f2198aeb2d") - # deprecate all releases before 2.6.3 because of security issues + version("2.6.4", sha256="8dc480b796163d4436e6f1352e71800a774f73dbae213f1860b60607d2a83ada") + # deprecate all releases before 2.6.4 because of security issues + # CVE-2024-50602 (fixed in 2.6.4) + version( + "2.6.3", + sha256="b8baef92f328eebcf731f4d18103951c61fa8c8ec21d5ff4202fb6f2198aeb2d", + deprecated=True, + ) # CVE-2024-45490 (fixed in 2.6.3) # CVE-2024-45491 (fixed in 2.6.3) # CVE-2024-45492 (fixed in 2.6.3) |