From a8a0eacb8148c8d68f059dc7eba585c92cbe937e Mon Sep 17 00:00:00 2001
From: Karen Arutyunov <karen@codesynthesis.com>
Date: Fri, 30 Sep 2022 14:34:51 +0300
Subject: Upgrade to 2.4.9

This in particular fixes CVE-2022-40674.
---
 libexpat/libexpat/buildfile | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'libexpat/libexpat/buildfile')

diff --git a/libexpat/libexpat/buildfile b/libexpat/libexpat/buildfile
index c20e977..7e9514c 100644
--- a/libexpat/libexpat/buildfile
+++ b/libexpat/libexpat/buildfile
@@ -21,6 +21,19 @@ msvc_runtime = ($c.target.system == 'win32-msvc')
 #
 libs{expat}: def{libexpat}: include = $msvc_runtime
 
+def{libexpat}: in{libexpat}
+{
+  in.symbol = '@'
+
+  # @@ TMP Use the in.substitutions variable instead when build2 0.16.0 is
+  #        released (see README-DEV for details).
+  #
+  in.substitution = lax
+
+  EXPAT_COMMENT_ATTR_INFO = ';'
+  EXPAT_COMMENT_DTD       = ' '
+}
+
 # Build options.
 #
 c.poptions += -DHAVE_EXPAT_CONFIG_H -DXML_BUILDING_EXPAT
-- 
cgit v1.1