notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Ukraine
FreshPorts needs to find a new hosting provide willing to take a 2U chassis and host it free of charge. This is part of the FreshPorts project. Preferably in the Austin area. This is not a primary server, but it used for development.
Port details
expat2 XML 1.0 parser written in C
2.4.8 textproc on this many watch lists=720 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port View this port on Repology. pkg-fallout 2.4.8Version of this port present on the latest quarterly branch.
Maintainer: desktop@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2000-10-24 06:51:38
Last Update: 2022-04-04 13:07:20
Commit Hash: 709f05a
People watching this port, also watch:: libiconv, gmake, gettext, freetype2, m4
License: MIT
Description:
SVNWeb : git : Homepage
pkg-plist: as obtained via: make generate-plist
Expand this list (23 items)
Collapse this list.
  1. @ldconfig
  2. /usr/local/share/licenses/expat-2.4.8/catalog.mk
  3. /usr/local/share/licenses/expat-2.4.8/LICENSE
  4. /usr/local/share/licenses/expat-2.4.8/MIT
  5. bin/xmlwf
  6. include/expat.h
  7. include/expat_config.h
  8. include/expat_external.h
  9. lib/cmake/expat-2.4.8/expat-config-version.cmake
  10. lib/cmake/expat-2.4.8/expat-config.cmake
  11. lib/cmake/expat-2.4.8/expat-noconfig.cmake
  12. lib/cmake/expat-2.4.8/expat.cmake
  13. @comment lib/libexpat.a
  14. lib/libexpat.so
  15. lib/libexpat.so.1
  16. lib/libexpat.so.1.8.8
  17. libdata/pkgconfig/expat.pc
  18. man/man1/xmlwf.1.gz
  19. share/doc/expat/AUTHORS
  20. share/doc/expat/changelog
  21. @owner
  22. @group
  23. @mode
Collapse this list.
Dependency lines:
  • For RUN/BUILD depends:
    • expat>0:textproc/expat2
  • For LIB depends:
    • libexpat.so:textproc/expat2
To install the port:
cd /usr/ports/textproc/expat2/ && make install clean
To add the package, run one of these commands:
  • pkg install textproc/expat2
  • pkg install expat
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.
PKGNAME: expat
Flavors: there is no flavor information for this port.
distinfo:
Packages (timestamps in pop-ups are UTC):
expat
ABIlatestquarterly
FreeBSD:11:aarch642.2.6_12.2.8
FreeBSD:11:amd642.4.12.4.1
FreeBSD:11:armv62.1.1_12.2.8
FreeBSD:11:i3862.4.12.4.1
FreeBSD:11:mips--
FreeBSD:11:mips642.2.02.2.8
FreeBSD:12:aarch642.2.6_12.4.8
FreeBSD:12:amd642.4.82.4.8
FreeBSD:12:armv62.2.6_12.2.8
FreeBSD:12:armv72.2.6_12.2.8
FreeBSD:12:i3862.4.82.4.8
FreeBSD:12:mips--
FreeBSD:12:mips642.2.6_12.2.8
FreeBSD:12:powerpc64-2.2.10
FreeBSD:13:aarch642.4.82.4.8
FreeBSD:13:amd642.4.82.4.8
FreeBSD:13:armv62.2.102.4.8
FreeBSD:13:armv72.2.102.4.8
FreeBSD:13:i3862.4.82.4.8
FreeBSD:13:mips--
FreeBSD:13:mips642.2.102.2.10
FreeBSD:13:powerpc642.2.102.4.1
FreeBSD:14:aarch642.4.8-
FreeBSD:14:amd642.4.8-
FreeBSD:14:armv62.4.8-
FreeBSD:14:armv72.4.8-
FreeBSD:14:i3862.4.8-
FreeBSD:14:mips--
FreeBSD:14:mips64--
FreeBSD:14:powerpc642.2.10-
 

This port is required by:
for Build
  1. astro/libosmium
  2. multimedia/makemkv
  3. sysutils/mstflint-lite
  4. sysutils/procenv

Deleted ports which required this port:

Expand this list of 2 deleted ports
  1. devel/libphish*
  2. devel/subversion-static*
  3. Collapse this list of deleted ports.
for Libraries
  1. archivers/libarchive
  2. astro/gpsbabel14
  3. astro/opencpn
  4. astro/readosm
  5. audio/audacity
  6. audio/boca
  7. audio/calf-lv2
Expand this list (399 items / 392 hidden - sorry, this count includes any deleted ports)
  1. Collapse this list).
  2. audio/drumgizmo
  3. audio/gogglesmm
  4. audio/jack
  5. audio/musicpd
  6. audio/vst3sdk
  7. benchmarks/flowgrind
  8. cad/PrusaSlicer
  9. cad/appcsxcad
  10. cad/brlcad
  11. cad/camotics
  12. cad/freecad
  13. cad/lepton-eda
  14. cad/opencascade
  15. cad/openvsp
  16. cad/qcsxcad
  17. comms/obexapp
  18. comms/trustedqsl
  19. converters/osm2pgrouting
  20. converters/osm2pgsql
  21. databases/spatialite-tools
  22. deskutils/fbreader
  23. deskutils/gnome-contacts
  24. deskutils/presage
  25. devel/anjuta
  26. devel/apr1
  27. devel/avr-gdb
  28. devel/cbang
  29. devel/cmake
  30. devel/cmake-gui
  31. devel/dbus
  32. devel/dbus-c++
  33. devel/dbus-glib
  34. devel/electron17
  35. devel/electron18
  36. devel/electron19
  37. devel/gdb
  38. devel/gdcm
  39. devel/git
  40. devel/ice
  41. devel/ice37
  42. devel/kdesvn
  43. devel/libcutl
  44. devel/libopkele
  45. devel/libpdel
  46. devel/log4c
  47. devel/p5-subversion
  48. devel/poco
  49. devel/ptlib
  50. devel/py-subversion
  51. devel/pysvn
  52. devel/rsvndump
  53. devel/ruby-subversion
  54. devel/sdbus-cpp
  55. devel/simgear
  56. devel/subversion
  57. devel/subversion-lts
  58. dns/getdns
  59. dns/unbound
  60. editors/libreoffice
  61. editors/openoffice-4
  62. editors/openoffice-devel
  63. editors/vscode
  64. editors/xmlcopyeditor
  65. emulators/mame
  66. emulators/mess
  67. finance/beanie
  68. ftp/lftp
  69. games/alephone
  70. games/augustus
  71. games/battletanks
  72. games/dreamchess
  73. games/easyrpg-player
  74. games/ezquake
  75. games/flightgear
  76. games/liblcf
  77. games/moonlight-embedded
  78. games/nimuh
  79. games/scorched3d
  80. games/xpilot-ng-server
  81. graphics/art
  82. graphics/aseprite
  83. graphics/blender
  84. graphics/blender-lts29
  85. graphics/cegui
  86. graphics/cloudcompare
  87. graphics/dcp2icc
  88. graphics/digikam
  89. graphics/exiv2
  90. graphics/gdal
  91. graphics/gimp-app
  92. graphics/glosm
  93. graphics/graphviz
  94. graphics/kphotoalbum
  95. graphics/libosmesa
  96. graphics/libwmf
  97. graphics/libwmf-nox11
  98. graphics/mapserver
  99. graphics/mesa-devel
  100. graphics/mesa-dri
  101. graphics/mesa-gallium-va
  102. graphics/mesa-gallium-vdpau
  103. graphics/mesa-gallium-xa
  104. graphics/mesa-libs
  105. graphics/mirtk
  106. graphics/opencolorio
  107. graphics/opencolorio-tools
  108. graphics/openfx-arena
  109. graphics/pcl-pointclouds
  110. graphics/py-opencolorio
  111. graphics/qgis
  112. graphics/qgis-ltr
  113. graphics/rawtherapee
  114. graphics/vips
  115. graphics/vv
  116. graphics/wayland
  117. graphics/wdune
  118. graphics/wxsvg
  119. java/java-subversion
  120. lang/clover
  121. lang/smalltalk
  122. mail/claws-mail
  123. mail/libetpan
  124. math/vtk6
  125. math/vtk8
  126. math/vtk9
  127. misc/libcomps
  128. misc/libmetalink
  129. misc/libsolv
  130. misc/owrep
  131. multimedia/dvdauthor
  132. multimedia/kodi
  133. multimedia/kodi-addon-inputstream.adaptive
  134. multimedia/libxspf
  135. multimedia/snapcast
  136. net/avahi-app
  137. net/c3270
  138. net/ceph14
  139. net/easysoap
  140. net/grive2
  141. net/libarms
  142. net/libnpupnp
  143. net/mad_fcl
  144. net/ntopng
  145. net/opensips31
  146. net/rpki-client
  147. net/tcpflow
  148. net/ulxmlrpcpp
  149. net/xmlrpc-c
  150. net/xmlrpc-epi
  151. net/zebra-server
  152. net-im/biboumi
  153. net-im/ejabberd
  154. net-im/jabberd
  155. net-im/jggtrans
  156. net-im/libmesode
  157. net-im/libstrophe
  158. net-im/signal-desktop
  159. net-mgmt/netxms
  160. print/ghostscript8-base
  161. print/ghostscript9-base
  162. print/miktex
  163. science/InsightToolkit
  164. science/R-cran-udunits2
  165. science/afni
  166. science/dakota
  167. science/elmerfem
  168. science/gnudatalanguage
  169. science/libkml
  170. science/liggghts
  171. science/massxpert
  172. science/openems
  173. science/orthanc-dicomweb
  174. science/orthanc-webviewer
  175. science/paraview
  176. science/udunits
  177. science/vmd
  178. science/votca
  179. science/zotero
  180. security/kdbxviewer
  181. security/ophcrack
  182. security/rats
  183. security/shibboleth-sp
  184. security/subversion-gnome-keyring
  185. sysutils/afflib
  186. sysutils/bulk_extractor
  187. sysutils/eclat
  188. sysutils/ftwin
  189. sysutils/fusefs-httpdirfs
  190. sysutils/fusefs-s3backer
  191. sysutils/ganglia-monitor-core
  192. sysutils/libdnf
  193. sysutils/polkit
  194. textproc/domc
  195. textproc/exempi
  196. textproc/fcitx5
  197. textproc/libxode
  198. textproc/luaexpat
  199. textproc/modlogan
  200. textproc/ocaml-expat
  201. textproc/p5-XML-Parser
  202. textproc/p5-XML-SAX-ExpatXS
  203. textproc/refdb
  204. textproc/rnv
  205. textproc/sablotron
  206. textproc/scew
  207. textproc/scim-openvanilla
  208. textproc/sphinxsearch
  209. textproc/teckit
  210. textproc/wbxml2
  211. textproc/xmlppm
  212. www/apache24
  213. www/chromium
  214. www/cplanet
  215. www/htdigest
  216. www/httest
  217. www/iridium
  218. www/libdom
  219. www/libwww
  220. www/mod_dav_svn
  221. www/mod_security
  222. www/neon
  223. www/netsurf
  224. www/nginx-full
  225. www/osrm-backend
  226. x11/x3270
  227. x11/xforward
  228. x11-fonts/fontconfig
  229. x11-toolkits/wxgtk28
  230. x11-toolkits/wxgtk28-common
  231. x11-toolkits/wxgtk28-contrib
  232. x11-toolkits/wxgtk28-contrib-common
  233. x11-toolkits/wxgtk30
  234. x11-toolkits/wxgtk31
  235. x11-wm/echinus
  236. Collapse this list.

Deleted ports which required this port:

Expand this list of 158 deleted ports
  1. archivers/epkg*
  2. astro/osmium*
  3. astro/roadmap*
  4. astro/viking*
  5. audio/arts*
  6. audio/calf*
  7. audio/libmusicbrainz*
  8. audio/libofa*
  9. audio/libtunepimp*
  10. audio/libtunepimp-old*
  11. cad/salome-yacs*
  12. comms/tqsllib*
  13. converters/shftool*
  14. databases/hypertable*
  15. deskutils/nagaina*
  16. devel/apr0*
  17. devel/apr2*
  18. devel/arm-none-eabi-gdb*
  19. devel/datadesigner*
  20. devel/e4graph*
  21. devel/electron11*
  22. devel/electron12*
  23. devel/electron13*
  24. devel/electron4*
  25. devel/electron5*
  26. devel/electron6*
  27. devel/electron7*
  28. devel/electron9*
  29. devel/erlang-exmpp*
  30. devel/git-lite*
  31. devel/git-subversion*
  32. devel/kdesvn-kde4*
  33. devel/poco-devel*
  34. devel/ptlib26*
  35. devel/pwlib*
  36. devel/subversion16*
  37. devel/subversion17*
  38. devel/subversion18*
  39. devel/subversion19*
  40. editors/atom*
  41. editors/libreoffice-legacy*
  42. editors/libreoffice4*
  43. editors/libreoffice6*
  44. editors/openoffice-3*
  45. editors/openoffice-3-devel*
  46. emulators/advancemame*
  47. emulators/advancemenu*
  48. emulators/advancemess*
  49. emulators/gxmame*
  50. emulators/xmame*
  51. emulators/xmess*
  52. games/8kingdoms*
  53. games/asc*
  54. games/capicity*
  55. games/capitalism*
  56. games/ggz-client-libs*
  57. games/mudmagic*
  58. games/spellathon*
  59. games/vegastrike*
  60. games/xpilot-ng-client*
  61. games/xptools*
  62. graphics/copperspice*
  63. graphics/dri*
  64. graphics/exact-image*
  65. graphics/gbm*
  66. graphics/k3d*
  67. graphics/kipi-plugin-dngconverter*
  68. graphics/libEGL*
  69. graphics/libGL*
  70. graphics/libglapi*
  71. graphics/libglesv2*
  72. graphics/libreatlas*
  73. graphics/libxatracker*
  74. graphics/natron*
  75. graphics/rawtherapee-devel*
  76. graphics/rubyphoto*
  77. java/subversion-java*
  78. lang/hiphop-php*
  79. lang/ofc*
  80. lang/pypy*
  81. lang/pypy-devel*
  82. lang/pypy3*
  83. lang/pypy3-devel*
  84. lang/xotcl*
  85. math/vtk*
  86. math/vtk-headers*
  87. math/vtk-java*
  88. math/vtk-python*
  89. math/vtk-tcl*
  90. math/vtk5*
  91. multimedia/asdcplib*
  92. multimedia/kodi-addon-inputstream.adaptive-devel*
  93. multimedia/kodi-devel*
  94. multimedia/mp4split*
  95. multimedia/opencinematools*
  96. net/ceph*
  97. net/ceph-devel*
  98. net/ceph12*
  99. net/ceph13*
  100. net/clamz*
  101. net/grive*
  102. net/mediatomb*
  103. net/opensips*
  104. net/php4-xmlrpc*
  105. net-im/jabber*
  106. net-im/libjingle*
  107. net-im/mu-conference*
  108. polish/ekg2*
  109. print/ghostscript8*
  110. print/ghostscript8-nox11*
  111. print/ghostscript9*
  112. print/ghostscript9-agpl*
  113. print/ghostscript9-agpl-nox11*
  114. print/ghostscript9-nox11*
  115. security/kdbx-viewer*
  116. security/subversion-kwallet*
  117. sysutils/condor*
  118. sysutils/lire*
  119. sysutils/policykit*
  120. textproc/erlang-fast_xml*
  121. textproc/erlang-p1xml*
  122. textproc/exmpp*
  123. textproc/hs-hexpat*
  124. textproc/luaexpat-51*
  125. textproc/php4-wddx*
  126. textproc/php4-xml*
  127. textproc/php4-xslt*
  128. textproc/ruby-sablot*
  129. textproc/ruby-xmlparser*
  130. textproc/simplexml*
  131. textproc/sphinxsearch-devel*
  132. textproc/tclExpat*
  133. www/apache20*
  134. www/apache22*
  135. www/apache22-event-mpm*
  136. www/apache22-itk-mpm*
  137. www/apache22-peruser-mpm*
  138. www/apache22-worker-mpm*
  139. www/cas*
  140. www/flood*
  141. www/httpdirfs*
  142. www/mod_pagespeed*
  143. www/neon29*
  144. x11-servers/wayland*
  145. x11-toolkits/gtkada3*
  146. x11-toolkits/nucleo*
  147. x11-toolkits/paragui*
  148. x11-toolkits/paragui-devel*
  149. x11-toolkits/wxgtk26*
  150. x11-toolkits/wxgtk26-common*
  151. x11-toolkits/wxgtk26-contrib*
  152. x11-toolkits/wxgtk26-contrib-common*
  153. x11-toolkits/wxgtk26-unicode*
  154. x11-toolkits/wxgtk26-unicode-contrib*
  155. x11-toolkits/wxgtk28-unicode*
  156. x11-toolkits/wxgtk28-unicode-contrib*
  157. x11-toolkits/wxgtk29*
  158. x11-wm/waimea-devel*
  159. Collapse this list of deleted ports.
* - deleted ports are only shown under the This port is required by section. It was harder to do for the Required section. Perhaps later...

Configuration Options:
Options name:

USES:

FreshPorts was unable to extract/find any pkg message
Master Sites:
Expand this list (1 items)
Collapse this list.
  1. https://github.com/libexpat/libexpat/releases/download/R_2_4_8/
Collapse this list.

Number of commits found: 71

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
04 Apr 2022 13:07:20
 files touched by this commit commit hash:709f05aef0aa1c065adaf92895a31aff17369979  2.4.8
Tobias C. Berner (tcberner) search for other commits by this committer
textproc/expat2: update to 2.4.8

Release 2.4.8 Mon March 28 2022
        Other changes:
            #587  pkg-config: Move "-lm" to section "Libs.private"
            #587  CMake|MSVC: Fix pkg-config section "Libs"
        #55 #582  CMake|macOS: Start using linker arguments
                    "-compatibility_version <version>" and
                    "-current_version <version>" in a way compatible with
                    GNU Libtool
       #590 #591  Version info bumped from 9:7:8 to 9:8:8;
                    see https://verbump.de/ for what these numbers do

        Infrastructure:
            #589  CI: Upgrade Clang from 13 to 14

        Special thanks to:
            evpobr
            Kai Pastor
            Sam James

Exp-run by:	antoine
PR:		262944
10 Mar 2022 05:14:18
 files touched by this commit commit hash:5a4db4dfb5abda7978bcb9cb146cd6e74725e43e  2.4.7
Tobias C. Berner (tcberner) search for other commits by this committer
textproc/expat2: update to 2.4.7

From [1]:

Release 2.4.7 Fri March 4 2022
        Bug fixes:
       #572 #577  Relax fix to CVE-2022-25236 (introduced with release 2.4.5)
                    with regard to all valid URI characters (RFC 3986),
                    i.e. the following set (excluding whitespace):
                    ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz
                    0123456789 % -._~ :/?#[]@ !$&'()*+,;=

        Other changes:
  #555 #570 #581  CMake|Windows: Store Expat version in the DLL
            #577  Document consequences of namespace separator choices not just
(Only the first 15 lines of the commit message are shown above View all of this commit message)
05 Feb 2022 06:42:34
 files touched by this commit commit hash:4c6bb049ab93102501743fc83ee38b45e6d974a4  2.4.4
Tobias C. Berner (tcberner) search for other commits by this committer
textproc/expat2: update to 2.4.4

Release 2.4.4 Sun January 30 2022
        Security fixes:
            #550  CVE-2022-23852 -- Fix signed integer overflow
                    (undefined behavior) in function XML_GetBuffer
                    (that is also called by function XML_Parse internally)
                    for when XML_CONTEXT_BYTES is defined to >0 (which is both
                    common and default).
                    Impact is denial of service or more.
            #551  CVE-2022-23990 -- Fix unsigned integer overflow in function
                    doProlog triggered by large content in element type
                    declarations when there is an element declaration handler
                    present (from a prior call to XML_SetElementDeclHandler).
                    Impact is denial of service or more.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
21 Jan 2022 08:04:08
 files touched by this commit commit hash:97d40c6bda0656833e3e16d9364a5dc1b9587200  2.4.3
Tobias C. Berner (tcberner) search for other commits by this committer
textproc/expat2: update to 2.4.3

From [1]:

libexpat is a fast streaming XML parser. Alongside libxml2, Expat is one
of the most widely used software libre XML parsers written in C,
precisely C99. It is cross-platform and licensed under the MIT license.

Expat 2.4.3 has been released earlier today. Besides two minor fixes to
the build system, this release is about security fixes. There is a total
of 8 CVEs fixed, all related to fixed-size integer math (integer
overflow and invalid shifts) near memory allocation. Impact is denial of
service, or more.

  *  CVE-2021-45960
(Only the first 15 lines of the commit message are shown above View all of this commit message)
27 Dec 2021 13:08:09
 files touched by this commit commit hash:18a7d3dfe3bc14ee859237123956a91a75a177b9  2.4.2
Daniel Engberg (diizzy) search for other commits by this committer
textproc/expat2: Update to 2.4.2

Changelog: https://github.com/libexpat/libexpat/blob/R_2_4_2/expat/Changes

PR:		260580
Approved by:	tcberner (mentor), desktop (tcberner)
Exp-run by:	antoine
14 Sep 2021 10:55:36
 files touched by this commit commit hash:3ee2d51df275eed026c4f7864251a2193e90722e  2.4.1
Bernhard Froehlich (decke) search for other commits by this committer
textproc/expat2: Fix CPE information because current one is deprecated

Approved by:    portmgr (blanket)
29 Aug 2021 11:43:53
 files touched by this commit commit hash:20617299ae5e7fe31ddec87a2bf6bb201c5f125c  2.4.1
Bernhard Froehlich (decke) search for other commits by this committer
textproc/expat2: Add CPE information

Approved by:	portmgr (blanket)
27 May 2021 08:56:26
 files touched by this commit commit hash:1454ab40206b85f94edb6390e0d96c9716a07399  2.4.1
Tobias C. Berner (tcberner) search for other commits by this committer
textprox/expat2: update to 2.4.1 -- fixes CVE-2013-0340/CWE-776

See [1] for details:
	Expat 2.4.0 and follow-up release 2.4.1 have both been released earlier
	today (21-05-23). Release 2.4.0 fixes long known security issue CVE-2013-0340
by
	adding protection against so-called Billion Laughs Attacks, a form of
	denial of service against applications accepting XML input, in all known
	variations, including recent flavor Parameter Laughs.

[1]
https://blog.hartwork.org/posts/cve-2013-0340-billion-laughs-fixed-in-expat-2-4-0

PR:		256121
Exp-run by:	antoine
14 Apr 2021 17:38:18
 files touched by this commit commit hash:d06d7188f31e5df646b41f7a8abf9a9cfd74578b  2.3.0 This port version is marked as vulnerable.
Tobias C. Berner (tcberner) search for other commits by this committer
Author: Daniel Engberg
textproc/expat: update to 2.3.0

- Move static libraries behind an option STATIC. This will likely
  be dropped completely in the next update.

PR:		254543
Exp-run by:	antoine
06 Apr 2021 14:31:07
 files touched by this commit commit hash:305f148f482daf30dcf728039d03d019f88344eb  2.2.10 This port version is marked as vulnerable.
Mathieu Arnold (mat) search for other commits by this committer
Remove # $FreeBSD$ from Makefiles.
16 Nov 2020 18:15:15
Original commit files touched by this commit Revision:555503  2.2.10 This port version is marked as vulnerable.
tcberner search for other commits by this committer
textproc/expat2: Update to 2.2.10

- give maintainership to desktop@
- add test target

Changelog:
	https://github.com/libexpat/libexpat/blob/R_2_2_10/expat/Changes

PR:		243228
Submitted by:	daniel.engberg.lists@pyret.net
Exp-run by:	antoine
Approved by:	Sergei Vyshenski <svysh.fbsd@gmail.com> (previous maintainer)
10 Oct 2019 14:42:10
Original commit files touched by this commit Revision:514230  2.2.8 This port version is marked as vulnerable.
danfe search for other commits by this committer
Manual pages are not subject to DOCS option and typically installed
unconditionally, especially when they come pre-built.
19 Sep 2019 12:37:40
Original commit files touched by this commit Revision:512335  2.2.8 This port version is marked as vulnerable.
pi search for other commits by this committer
textproc/expat2: upgrade 2.2.7 -> 2.2.8

PR:		240613
Submitted by:	Sergei Vyshenski <svysh.fbsd@gmail.com> (maintainer)
Exp-Run by:	antoine
Relnotes:	https://github.com/libexpat/libexpat/blob/R_2_2_8/expat/Changes
Security:	CVE-2019-15903
16 Sep 2019 11:16:55
Original commit files touched by this commit Revision:512162  2.2.7 This port version is marked as vulnerable.
pi search for other commits by this committer
textproc/expat2: upgrade 2.2.6 -> 2.2.7

- exp-run by antoine

PR:		238864
Submitted by:	Sergei Vyshenski <svysh.fbsd@gmail.com> (maintainer)
Reviewed by:	koobs
Relnotes:	https://github.com/libexpat/libexpat/blob/R_2_2_7/expat/Changes
Security:	https://github.com/libexpat/libexpat/issues/186
		https://github.com/libexpat/libexpat/pull/262
10 Sep 2018 13:14:52
Original commit files touched by this commit Revision:479406  2.2.6_1 This port version is marked as vulnerable.
mat search for other commits by this committer
Add DOCS options to ports that should have one.

Also various fixes related to said option.

PR:		230864
Submitted by:	mat
exp-runs by:	antoine
27 Aug 2018 23:45:15
Original commit files touched by this commit Revision:478260  2.2.6_1 This port version is marked as vulnerable.
cpm search for other commits by this committer
textproc/expat2: configure fails when texproc/docbook-utils has been installed

- Build --without-docbook to skip XML to man page compilation
- Bump PORTREVISION

PR:		230957
Submitted by:	cpm
Approved by:	Sergei Vyshenski <svysh.fbsd@gmail.com> (maintainer)
27 Aug 2018 15:11:57
Original commit files touched by this commit Revision:478211  2.2.6 This port version is marked as vulnerable.
swills search for other commits by this committer
textproc/expat2: update to 2.2.6

PR:		230653
Submitted by:	Sergei Vyshenski <svysh.fbsd@gmail.com> (maintainer)
Exp-run by:	antoine
20 Dec 2017 19:58:13
Original commit files touched by this commit Revision:456847  2.2.5 This port version is marked as vulnerable.
adamw search for other commits by this committer
Update to 2.2.5. Submitter becomes maintainer after consecutive and
lengthy timeouts.

PR:		221634
Submitted by:	svysh.fbsd@gmail.com
Approved by:	maintainer timeout (4 months)
Exp-run by:	antoine
29 Jun 2017 08:39:45
Original commit files touched by this commit Revision:444629  2.2.1 This port version is marked as vulnerable.
tijl search for other commits by this committer
Update to 2.2.1.

Security:	CVE-2017-9233
20 Jan 2017 20:33:31
Original commit files touched by this commit Revision:431996  2.2.0_1 This port version is marked as vulnerable.
sunpoet search for other commits by this committer
Update WWW: SF redirects to https://sourceforge.net/projects/<PROJECT_NAME>/
08 Dec 2016 17:40:42
Original commit files touched by this commit Revision:428144  2.2.0_1 This port version is marked as vulnerable.
tijl search for other commits by this committer
Remove libexpat.so.6 compatibility link that was added in r374303 to
prevent massive PORTREVISION bumps.  Bump dependent ports that have not
been bumped since.
02 Dec 2016 11:58:22
Original commit files touched by this commit Revision:427552  2.2.0 This port version is marked as vulnerable.
mat search for other commits by this committer
Do not use post-stage.  Use post-install instead.

The only reason to use post-stage is because the port needs to do
"things" at a later time, like some plist manipulation.
While there, fold post-install in do-install targets when they are
defined.

PR:		214780
Submitted by:	mat
Exp-run by:	antoine
Sponsored by:	Absolight
26 Nov 2016 10:34:36
Original commit files touched by this commit Revision:427152  2.2.0 This port version is marked as vulnerable.
sunpoet search for other commits by this committer
- Add LICENSE

Approved by:	portmgr (blanket)
08 Jul 2016 10:03:46
Original commit files touched by this commit Revision:418214  2.2.0 This port version is marked as vulnerable.
tijl search for other commits by this committer
Update to 2.2.0.

PR:		210531
Approved by:	maintainer timeout (2 weeks)
30 Jun 2016 22:36:05
Original commit files touched by this commit Revision:417847  2.1.1_2 This port version is marked as vulnerable.
feld search for other commits by this committer
textproc/expat2: Patch vulnerability

This patch resolves a vulnerability that may still exist due to
compiler optimizations. The previous patches for CVE-2015-1283 and
CVE-2015-2716 may not work as intended in some situations.

MFH:		2016Q2
Security:	CVE-2016-4472
20 Jun 2016 16:23:29
Original commit files touched by this commit Revision:417166  2.1.1_1 This port version is marked as vulnerable.
mat search for other commits by this committer
With the power of USES=dos2unix, get rid of most patches and files
with CRLF.

While there, run make makepatch, rename patches to use the new scheme,
and various fixes.

With hat:	portmgr
Sponsored by:	Absolight
09 Jun 2016 03:27:56
Original commit files touched by this commit Revision:416579  2.1.1_1 This port version is marked as vulnerable.
junovitch search for other commits by this committer
textproc/expat2: address two CVEs reported by upstream

PR:		210155
Reported by:	Sebastian Pipping <sebastian@pipping.org>
Approved by:	ports-secteam (with hat)
Security:	CVE-2012-6702
Security:	CVE-2016-5300
Security:	https://vuxml.FreeBSD.org/freebsd/c9c252f5-2def-11e6-ae88-002590263bf5.html
MFH:		2016Q2
20 May 2016 01:07:16
Original commit files touched by this commit Revision:415534  2.1.1 This port version is marked as vulnerable.
junovitch search for other commits by this committer
textproc/expat2: update 2.1.0 -> 2.1.1

- Update USES for new release format
- Drop CVE-2015-1283 patch now included in this release
- Add patch for CVE-2016-0718

PR:		209360
Submitted by:	tijl
Approved by:	ports-secteam (with hat)
Security:	CVE-2016-0718
Security:	https://vuxml.FreeBSD.org/freebsd/57b3aba7-1e25-11e6-8dd3-002590263bf5.html
11 Aug 2015 22:06:20
Original commit files touched by this commit Revision:393978  2.1.0_3 This port version is marked as vulnerable.
bapt search for other commits by this committer
Add patch for CVE-2015-1283
08 Dec 2014 16:48:41
Original commit files touched by this commit Revision:374303  2.1.0_2 This port version is marked as vulnerable.
tijl search for other commits by this committer
Replace USES=libtool:oldver with USES=libtool or USES=libtool:keepla in
the 32 ports that still use it.  Bump PORTREVISION on their dependent
ports except the ones that depend on these:

audio/libogg
audio/libvorbis
devel/pcre
ftp/curl
graphics/jpeg
graphics/libart_lgpl
graphics/tiff
textproc/expat2
textproc/libxslt

In these cases the same trick as in the recent gettext update is used.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
20 Jun 2014 10:45:46
Original commit files touched by this commit Revision:358550  2.1.0_1 This port version is marked as vulnerable.
amdmi3 search for other commits by this committer
- Switch to USES=libtool

Approved by:	portmgr blanket
26 Jan 2014 20:15:41
Original commit files touched by this commit Revision:341273  2.1.0 This port version is marked as vulnerable.
mat search for other commits by this committer
Support staging.

Sponsored by:	Absolight
20 Sep 2013 23:17:32
Original commit files touched by this commit Revision:327773  2.1.0 This port version is marked as vulnerable.
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
textproc)
29 Jul 2013 17:12:55
Original commit files touched by this commit Revision:323896  2.1.0 This port version is marked as vulnerable.
tijl search for other commits by this committer
Update to 2.1.0.

PR:		ports/167636
Submitted by:	sunpoet (with modifications)
Approved by:	kuriyama (maintainer)
09 Nov 2011 15:26:04
Original commit files touched by this commit   2.0.1_2 This port version is marked as vulnerable.
miwi search for other commits by this committer
- Remove WITH_FBSD10_FIX, is no longer needed
27 Oct 2011 10:03:59
Original commit files touched by this commit   2.0.1_2 This port version is marked as vulnerable.
erwin search for other commits by this committer
Apply FreeBSD 10 workaround for some high profile ports to
unbreak a lot of dependent ports.

Submitted by:   beat
Tested on:      pointyhat i386-9-exp and i386-10
29 Aug 2011 14:33:26
Original commit files touched by this commit   2.0.1_2 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
Apply updated (correct) fix for xmlparse.c (r1.166 in expat CVS).

PR:             ports/157469
Submitted by:   Todd Rinaldo <toddr@cpanel.net>
03 Jul 2011 14:40:25
Original commit files touched by this commit   2.0.1_1 This port version is marked as vulnerable.
ohauer search for other commits by this committer
-remove MD5
08 Dec 2009 01:34:33
Original commit files touched by this commit   2.0.1_1 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
- Apply 2 patches from CVS.

Security:       CVE-2009-3560, CVE-2009-3720 (DoS)
Obtained from: 
http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.165
               
http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.13&r2=1.15&view=patch
22 Aug 2009 00:37:17
Original commit files touched by this commit   2.0.1 This port version is marked as vulnerable.
amdmi3 search for other commits by this committer
- Switch SourceForge ports to the new File Release System: categories starting
with T,U,V
21 Aug 2008 06:18:49
Original commit files touched by this commit   2.0.1 This port version is marked as vulnerable.
rafan search for other commits by this committer
Update CONFIGURE_ARGS for how we pass CONFIGURE_TARGET to configure script.
Specifically, newer autoconf (> 2.13) has different semantic of the
configure target. In short, one should use --build=CONFIGURE_TARGET
instead of CONFIGURE_TARGET directly. Otherwise, you will get a warning
and the old semantic may be removed in later autoconf releases.

To workaround this issue, many ports hack the CONFIGURE_TARGET variable
so that it contains the ``--build='' prefix.

To solve this issue, under the fact that some ports still have
configure script generated by the old autoconf, we use runtime detection
in the do-configure target so that the proper argument can be used.

Changes to Mk/*:
 - Add runtime detection magic in bsd.port.mk
(Only the first 15 lines of the commit message are shown above View all of this commit message)
11 Apr 2008 13:57:34
Original commit files touched by this commit   2.0.1 This port version is marked as vulnerable.
pav search for other commits by this committer
- Update to 2.0.1

PR:             ports/113550
Submitted by:   bf <bf2006a@yahoo.com>
Approved by:    maintainer timeout (kuriyama; 10 months)
23 Feb 2006 10:40:45
Original commit files touched by this commit   2.0.0_1 This port version is marked as vulnerable.
ade search for other commits by this committer
Conversion to a single libtool environment.

Approved by:    portmgr (kris)
30 Jan 2006 23:18:23
Original commit files touched by this commit   2.0.0 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
- Upgrade to 2.0.0 (almost bugfixes from 1.95.8).
- Bump shlib version to 6.
24 Jan 2006 03:10:24
Original commit files touched by this commit   1.95.8_3 This port version is marked as vulnerable.
edwin search for other commits by this committer
SHA256ify

Approved by: krion@
15 Nov 2005 06:52:12
Original commit files touched by this commit   1.95.8_3 This port version is marked as vulnerable.
ade search for other commits by this committer
Mass-conversion to the USE_AUTOTOOLS New World Order.  The code present
in bsd.autotools.mk essentially makes this a no-op given that all the
old variables set a USE_AUTOTOOLS_COMPAT variable, which is parsed in
exactly the same way as USE_AUTOTOOLS itself.

Moreover, USE_AUTOTOOLS has already been extensively tested by the GNOME
team -- all GNOME 2.12.x ports use it.

Preliminary documentation can be found at:
        http://people.FreeBSD.org/~ade/autotools.txt

which is in the process of being SGMLized before introduction into the
Porters Handbook.

Light blue touch-paper.  Run.
12 Jun 2005 16:19:36
Original commit files touched by this commit   1.95.8_3 This port version is marked as vulnerable.
pav search for other commits by this committer
- Fix breakage from previous changes, incorrect libtool file was being
  installed breaking libtool-aware consumers, like php4-xml. Easiest fix
  is to not install .la file.

PR:             ports/82020
Submitted by:   pav
Approved by:    maintainer timeout (4 days - acute fix)
05 Jun 2005 14:18:52
Original commit files touched by this commit   1.95.8_2 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
Avoid linking with libc.so (for supporting PTHREAD_LIBS
correctly on 4-stable).

Submitted by:   KATO Tsuguru <tkato432@yahoo.com>
PR:             ports/81730
05 Jun 2005 14:17:52
Original commit files touched by this commit   1.95.8_2 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
Avoid linking with libc.so (for supporting PTHREAD_LIBS
correctly on 4-stable).

Submitted by:   KATO Tsuguru <tkato432@yahoo.com>
PR:             ports/81730
24 Apr 2005 09:37:32
Original commit files touched by this commit   1.95.8_1 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
Use libtool-1.5 (with required plist fix).

PR:             ports/78291
Submitted by:   delphij
04 Aug 2004 04:46:24
Original commit files touched by this commit   1.95.8 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
Upgrade to 1.95.8.
09 Jul 2004 17:43:11
Original commit files touched by this commit   1.95.7 This port version is marked as vulnerable.
marcus search for other commits by this committer
Apply a big libtool patch to allow porters to use the libtool installed by
the libtoolX ports instead of the one included with each port.  Ports that
set USE_LIBTOOL_VER=X will now use the ports version of libtool instead of
the included version.  To restore previous behavior, use the new macro,
USE_INC_LIBTOOL_VER.  Both macros accept the same argument: a libtool version.

For example, to use the ports version of libtool-1.5, add the following to
your Makefile:

USE_LIBTOOL_VER=        15

To use the included version of libtool with extra hacks provided by
libtool-1.5, add the following to your Makefile:

USE_INC_LIBTOOL_VER=    15

With this change, ports that had to add additional libtool hacks to prevent
.la files from being installed or to fix certain threading issues can now
delete those hacks (after appropriate testing, of course).

PR:             63944
Based on work by:eik and marcus
Approved by:    ade (autotools maintainer)
Tested by:      kris on pointyhat
Bound to be hidden problems:    You bet
14 Mar 2004 07:57:43
Original commit files touched by this commit   1.95.7 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
Upgrade to 1.95.7 (shlib major is bumped to 5).
14 Mar 2004 06:17:56
Original commit files touched by this commit   1.95.6_1 This port version is marked as vulnerable.
ade search for other commits by this committer
Whoa there, boy, that's a mighty big commit y'all have there...

Begin autotools sanitization sequence by requiring ports to explicitly
specify which version of {libtool,autoconf,automake} they need, erasing
the concept of a "system default".

For ports-in-waiting:

        USE_LIBTOOL=YES         ->      USE_LIBTOOL_VER=13
        USE_AUTOCONF=YES        ->      USE_AUTOCONF_VER=213
        USE_AUTOMAKE=YES        ->      USE_AUTOMAKE_VER=14

Ports attempting to use the old style system after June 1st 2004 will be
sorely disappointed.
22 Feb 2003 07:48:51
Original commit files touched by this commit   1.95.6_1 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
de-pkg-comment.
06 Feb 2003 01:25:48
Original commit files touched by this commit   1.95.6_1 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
Move declaration of enum XML_Status to more earlier place.
This patch is already included in expat repository and will be removed
after next version is released.

Pointed out by: Jordanas Kriauciunas <joskis@xxx.lt>
03 Feb 2003 22:27:13
Original commit files touched by this commit   1.95.6 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
Upgrade to 1.95.6.
17 Sep 2002 06:36:53
Original commit files touched by this commit   1.95.5 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
I forgot to bump shlib version.

Spotted by:     Mike Harding <mvh@ix.netcom.com>
17 Sep 2002 02:26:23
Original commit files touched by this commit   1.95.5 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
Upgrade to 1.95.5.

PR:             ports/42749
Submitted by:   Paul Dlug <paul@aps.org>
21 Jul 2002 02:16:17
Original commit files touched by this commit   1.95.4 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
Upgrade to 1.95.4 (shlib version bumped).

Submitted by:   Sandro Tolaini <sandro@focuseek.com> and
                KATO Tsuguru <tkato@prontomail.com>
PR:             ports/40682, ports/40798
06 Jul 2002 08:10:24
Original commit files touched by this commit   1.95.3 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
Upgrade to 1.95.3.

PR:             ports/39993
Submitted by:   KATO Tsuguru <tkato@prontomail.com>
11 May 2002 01:54:17
Original commit files touched by this commit   1.95.2 This port version is marked as vulnerable.
sobomax search for other commits by this committer
Force SHELL MAKE_ENV to be /bin/sh.

Submitted by:   Kent Stewart <kstewart@owt.com>
10 May 2002 17:40:21
Original commit files touched by this commit   1.95.2 This port version is marked as vulnerable.
sobomax search for other commits by this committer
Use bmake instead of gmake - this hopefully resolves dependency deadloop
(gettext->expat->gmake->gettext->expat->...) occasionally created by yours
truly.

Reported by:            marcus
Self kick applied to:   sobomax
26 Nov 2001 06:27:49
 files touched by this commit commit hash:fp1.21189@dev.null.freshports.org
kuriyama search for other commits by this committer
Upgrade to 1.95.2.    
31 Aug 2001 15:20:29
 files touched by this commit commit hash:fp1.18210@dev.null.freshports.org
sobomax search for other commits by this committer
USE_LIBTOOL implies GNU_CONFIGURE, so remove the latter where appropriate.    
17 Mar 2001 04:01:46
 files touched by this commit commit hash:fp1.11175@dev.null.freshports.org
kuriyama search for other commits by this committer
Fix prototype to reduce warning.    
10 Mar 2001 06:44:04
 files touched by this commit commit hash:fp1.10619@dev.null.freshports.org
kuriyama search for other commits by this committer
Fix typo (INSTALLS_SHLIBS -> INSTALLS_SHLIB).    
05 Feb 2001 16:35:27
 files touched by this commit commit hash:fp1.9250@dev.null.freshports.org
olgeni search for other commits by this committer
More style fixes for ports/textproc.    
26 Oct 2000 13:36:51
 files touched by this commit commit hash:fp1.5512@dev.null.freshports.org
knu search for other commits by this committer
Add MAKE_ARGS to tell libtool to use the specified shlib version.    
26 Oct 2000 02:20:04
 files touched by this commit commit hash:fp1.5496@dev.null.freshports.org
kuriyama search for other commits by this committer
Bump SHLIB_MAJOR (and PORTREVISION) not to conflict with expat1.2.    
24 Oct 2000 10:51:38
 files touched by this commit commit hash:fp1.5418@dev.null.freshports.org
kuriyama search for other commits by this committer
Introduce latest version of expat.   This development version will be released
as 2.0 and maintained on   sourceforge.    

Number of commits found: 71