.gitignore

@@ -1 +1 @@
-SOURCES/expat-2.4.8.tar.bz2
+SOURCES/expat-2.2.4.tar.bz2

.mingw-expat.metadata

@@ -1 +1 @@
-5bc8aed3107a04ba2a35d45646eb079e6abbfe1d SOURCES/expat-2.4.8.tar.bz2
+3394d6390c041a8f5dec1d5fe7c4af0a23ae4504 SOURCES/expat-2.2.4.tar.bz2

SOURCES/expat-2.2.5-CVE-2018-20843.patch

@@ -0,0 +1,15 @@
+
+https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-20843
+https://github.com/libexpat/libexpat/commit/11f8838bf99ea0a6f0b76f9760c43704d00c4ff6
+
+--- libexpat-R_2_2_5/expat/lib/xmlparse.c.cve20843
++++ libexpat-R_2_2_5/expat/lib/xmlparse.c
+@@ -6057,7 +6057,7 @@ setElementTypePrefix(XML_Parser parser,
+       else
+         poolDiscard(&dtd->pool);
+       elementType->prefix = prefix;
+-
++      break;
+     }
+   }
+   return 1;

SOURCES/expat-2.4.8-Ensure-raw-tagnames-are-safe-exiting-internalEntityParser.patch

@@ -1,122 +0,0 @@
-commit bfecc1f11ab5f0cc2aa3dc5cb87d3236a87ce61d
-Author: Tomas Korbar <tkorbar@redhat.com>
-Date:   Fri Sep 30 10:52:04 2022 +0200
-
-    Fix CVE-2022-40674
-
-diff --git a/lib/xmlparse.c b/lib/xmlparse.c
-index e986156..1352a89 100644
---- a/lib/xmlparse.c
-+++ b/lib/xmlparse.c
-@@ -5826,10 +5826,15 @@ internalEntityProcessor(XML_Parser parser, const char *s, const char *end,
-   {
-     parser->m_processor = contentProcessor;
-     /* see externalEntityContentProcessor vs contentProcessor */
--    return doContent(parser, parser->m_parentParser ? 1 : 0, parser->m_encoding,
--                     s, end, nextPtr,
--                     (XML_Bool)! parser->m_parsingStatus.finalBuffer,
--                     XML_ACCOUNT_DIRECT);
-+    result = doContent(parser, parser->m_parentParser ? 1 : 0, parser->m_encoding,
-+                      s, end, nextPtr,
-+                      (XML_Bool)! parser->m_parsingStatus.finalBuffer,
-+                      XML_ACCOUNT_DIRECT);
-+    if (result == XML_ERROR_NONE) {
-+      if (! storeRawNames(parser))
-+        return XML_ERROR_NO_MEMORY;
-+    }
-+    return result;
-   }
- }
- 
-diff --git a/tests/runtests.c b/tests/runtests.c
-index ea371b4..193e103 100644
---- a/tests/runtests.c
-+++ b/tests/runtests.c
-@@ -5008,6 +5008,78 @@ START_TEST(test_resume_entity_with_syntax_error) {
- }
- END_TEST
- 
-+void
-+suspending_comment_handler(void *userData, const XML_Char *UNUSED_P(data)) {
-+  XML_Parser parser = (XML_Parser)userData;
-+  XML_StopParser(parser, XML_TRUE);
-+}
-+
-+START_TEST(test_suspend_resume_internal_entity_issue_629) {
-+  const char *const text
-+      = "<!DOCTYPE a [<!ENTITY e '<!--COMMENT-->a'>]><a>&e;<b>\n"
-+        "<"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-+        "/>"
-+        "</b></a>";
-+  const size_t firstChunkSizeBytes = 54;
-+
-+  XML_Parser parser = XML_ParserCreate(NULL);
-+  XML_SetUserData(parser, parser);
-+  XML_SetCommentHandler(parser, suspending_comment_handler);
-+
-+  if (XML_Parse(parser, text, (int)firstChunkSizeBytes, XML_FALSE)
-+      != XML_STATUS_SUSPENDED)
-+    xml_failure(parser);
-+  if (XML_ResumeParser(parser) != XML_STATUS_OK)
-+    xml_failure(parser);
-+  if (XML_Parse(parser, text + firstChunkSizeBytes,
-+                (int)(strlen(text) - firstChunkSizeBytes), XML_TRUE)
-+      != XML_STATUS_OK)
-+    xml_failure(parser);
-+  XML_ParserFree(parser);
-+}
-+END_TEST
-+
-+
- /* Test suspending and resuming in a parameter entity substitution */
- static void XMLCALL
- element_decl_suspender(void *userData, const XML_Char *name,
-@@ -12017,6 +12089,7 @@ make_suite(void) {
-   tcase_add_test(tc_basic, test_hash_collision);
-   tcase_add_test__ifdef_xml_dtd(tc_basic, test_suspend_resume_internal_entity);
-   tcase_add_test__ifdef_xml_dtd(tc_basic, test_resume_entity_with_syntax_error);
-+  tcase_add_test__ifdef_xml_dtd(tc_basic, test_suspend_resume_internal_entity_issue_629);
-   tcase_add_test__ifdef_xml_dtd(tc_basic, test_suspend_resume_parameter_entity);
-   tcase_add_test(tc_basic, test_restart_on_error);
-   tcase_add_test(tc_basic, test_reject_lt_in_attribute_value);
-

SPECS/mingw-expat.spec

@@ -1,20 +1,18 @@
 %{?mingw_package_header}
 
 Name:           mingw-expat
-Version:        2.4.8
-Release:        2%{?dist}
+Version:        2.2.4
+Release:        5%{?dist}
 Summary:        MinGW Windows port of expat XML parser library
 
 License:        MIT
 URL:            http://www.libexpat.org/
 Source0:        http://downloads.sourceforge.net/expat/expat-%{version}.tar.bz2
-
-Patch0001:      expat-2.4.8-Ensure-raw-tagnames-are-safe-exiting-internalEntityParser.patch
+Patch1:         expat-2.2.5-CVE-2018-20843.patch
 
 BuildArch:      noarch
 ExclusiveArch: %{ix86} x86_64
 
-BuildRequires: make
 BuildRequires:  mingw32-filesystem >= 95
 BuildRequires:  mingw32-gcc
 BuildRequires:  mingw32-binutils
@@ -76,8 +74,7 @@ Static version of the MinGW Windows expat XML parser library.
 
 %prep
 %setup -q -n expat-%{version}
-%patch0001 -p1 -b .CVE-2022-40674
-
+%patch1 -p2 -b .cve20843
 
 %build
 %mingw_configure
@@ -91,10 +88,10 @@ Static version of the MinGW Windows expat XML parser library.
 find $RPM_BUILD_ROOT -name "*.la" -delete
 
 # Remove documentation which duplicates that found in the native package.
-rm -rf $RPM_BUILD_ROOT%{mingw32_docdir}
-rm -rf $RPM_BUILD_ROOT%{mingw32_mandir}/man1
-rm -rf $RPM_BUILD_ROOT%{mingw64_docdir}
-rm -rf $RPM_BUILD_ROOT%{mingw64_mandir}/man1
+rm -r $RPM_BUILD_ROOT%{mingw32_docdir}
+rm -r $RPM_BUILD_ROOT%{mingw32_mandir}/man1
+rm -r $RPM_BUILD_ROOT%{mingw64_docdir}
+rm -r $RPM_BUILD_ROOT%{mingw64_mandir}/man1
 
 # Win32
 %files -n mingw32-expat
@@ -103,7 +100,6 @@ rm -rf $RPM_BUILD_ROOT%{mingw64_mandir}/man1
 %{mingw32_bindir}/xmlwf.exe
 %{mingw32_libdir}/libexpat.dll.a
 %{mingw32_libdir}/pkgconfig/expat.pc
-%{mingw32_libdir}/cmake/expat-%{version}/
 %{mingw32_includedir}/expat.h
 %{mingw32_includedir}/expat_config.h
 %{mingw32_includedir}/expat_external.h
@@ -118,7 +114,6 @@ rm -rf $RPM_BUILD_ROOT%{mingw64_mandir}/man1
 %{mingw64_bindir}/xmlwf.exe
 %{mingw64_libdir}/libexpat.dll.a
 %{mingw64_libdir}/pkgconfig/expat.pc
-%{mingw64_libdir}/cmake/expat-%{version}/
 %{mingw64_includedir}/expat.h
 %{mingw64_includedir}/expat_config.h
 %{mingw64_includedir}/expat_external.h
@@ -128,19 +123,6 @@ rm -rf $RPM_BUILD_ROOT%{mingw64_mandir}/man1
 
 
 %changelog
-* Wed Jan 04 2023 Uri Lublin <uril@redhat.com> - 2.4.8-2
-- Fix CVE-2022-40674
-  Resolves: rhbz#2130833
-
-* Mon May 02 2022 Uri Lublin <uril@redhat.com> - 2.4.8-1
-- Update to 2.4.8 and pick up CVEs fixes
-- Resolves: rhbz#2050504 CVE-2022-23990
-- Resolves: rhbz#2057023 CVE-2022-25236
-- Resolves: rhbz#2057037 CVE-2022-25235
-- Resolves: rhbz#2057094 CVE-2022-25313
-- Resolves: rhbz#2057099 CVE-2022-25314
-- Resolves: rhbz#2057127 CVE-2022-25315
-
 * Wed Jun 10 2020 Uri Lublin <uril@redhat.com> - 2.2.4-5
 - Rebuild
 - Resolves: rhbz#1773899