update to version 2.5.0

Signed-off-by: Toshaan Bharvani <toshaan@powerel.org>

SPECS/expat.spec

@@ -1,24 +1,14 @@
-%global unversion 2_2_10
+%global unversion 2_5_0
 
 Summary: An XML parser library
 Name: expat
 Version: %(echo %{unversion} | sed 's/_/./g')
-Release: 12%{?dist}.2
+Release: 1%{?dist}
 Source: https://github.com/libexpat/libexpat/archive/R_%{unversion}.tar.gz#/expat-%{version}.tar.gz
 URL: https://libexpat.github.io/
 License: MIT
 BuildRequires: autoconf, libtool, xmlto, gcc-c++
 BuildRequires: make
-Patch0:	expat-2.2.10-prevent-integer-overflow-in-doProlog.patch
-Patch1:	expat-2.2.10-Prevent-more-integer-overflows.patch
-Patch2:	expat-2.2.10-Prevent-integer-overflow-on-m_groupSize-in-function.patch
-Patch3:	expat-2.2.10-Detect-and-prevent-troublesome-left-shifts.patch
-Patch4:	expat-2.2.10-Detect-and-prevent-integer-overflow-in-XML_GetBuffer.patch
-Patch5: expat-2.2.10-Protect-against-malicious-namespace-declarations.patch
-Patch6: expat-2.2.10-Add-missing-validation-of-encoding.patch
-Patch7: expat-2.2.10-Prevent-integer-overflow-in-storeRawNames.patch
-Patch8: expat-2.2.10-Prevent-integer-overflow-in-copyString.patch
-Patch9: expat-2.2.10-Prevent-stack-exhaustion-in-build_model.patch
 
 %description
 This is expat, the C library for parsing XML, written by James Clark. Expat
@@ -46,16 +36,6 @@ Install it if you need to link statically with expat.
 
 %prep
 %setup -q -n libexpat-R_%{unversion}/expat
-%patch0 -p1 -b .CVE-2022-23990
-%patch1 -p1 -b .CVE-2022-22822-CVE-2022-22827
-%patch2 -p1 -b .CVE-2021-46143
-%patch3 -p1 -b .CVE-2021-45960
-%patch4 -p1 -b .CVE-2022-23852
-%patch5 -p1 -b .CVE-2022-25236
-%patch6 -p1 -b .CVE-2022-25235
-%patch7 -p1 -b .CVE-2022-25315
-%patch8 -p1 -b .CVE-2022-25314
-%patch9 -p1 -b .CVE-2022-25313
 
 sed -i 's/install-data-hook/do-nothing-please/' lib/Makefile.am
 ./buildconf.sh
@@ -84,27 +64,30 @@ make check
 %{_mandir}/*/*
 
 %files devel
-%doc doc/reference.html doc/*.png doc/*.css examples/*.c
+%doc doc/reference.html doc/*.css examples/*.c
 %{_libdir}/lib*.so
 %{_libdir}/pkgconfig/*.pc
 %{_includedir}/*.h
+%{_libdir}/cmake/expat-%{version}
 
 %files static
 %{_libdir}/lib*.a
 
 %changelog
-* Tue May 03 2022 Tomas Korbar <tkorbar@redhat.com> -  2.2.10-12.2
+* Thu Nov 10 2022 Tomas Korbar <tkorbar@redhat.com> - 2.5.0-1
-- Improve fix for CVE-2022-25313
+- Rebase to version 2.5.0
-- Related: CVE-2022-25313
+- Resolves: CVE-2022-43680
 
-* Tue Apr 26 2022 Tomas Korbar <tkorbar@redhat.com> -  2.2.10-12.1
+* Thu Sep 29 2022 Tomas Korbar <tkorbar@redhat.com> - 2.4.9-1
-- Fix multiple CVEs
+- Rebase to version 2.4.9
-- Resolves: CVE-2022-25314
+- Resolves: CVE-2022-40674
-- Resolves: CVE-2022-25313
 
-* Wed Mar 16 2022 Tomas Korbar <tkorbar@redhat.com> -  2.2.10-12
+* Tue Apr 26 2022 Tomas Korbar <tkorbar@redhat.com> -  2.4.7-1
-- Build fix for CVE-2022-25236 in rhel-9.0.0
+- Rebase to version 2.4.7
-- Related: CVE-2022-25236
+- Resolves: rhbz#2067201
+- Resolves: CVE-2022-25313
+- Resolves: CVE-2022-25314
+- Resolves: CVE-2022-25236
 
 * Mon Mar 14 2022 Tomas Korbar <tkorbar@redhat.com> -  2.2.10-11
 - Improve fix for CVE-2022-25236