From db943d695fad7be038cd95100728c73194bf1386 Mon Sep 17 00:00:00 2001
From: Joe Slater <joe.slater@windriver.com>
Date: Mon, 25 Apr 2022 14:38:32 -0400
Subject: [PATCH] expat:  fix several CVEs

CVE-2021-45960
CVE-2022-22822
CVE-2022-22823
CVE-2022-22824
CVE-2022-23852
CVE-2022-25235
CVE-2022-25236
CVE-2022-25315

Advance to expat-2.1.0-14.el7_9.

=== Testing ===
build-iso; install; boot

 # run test to see if an xml file is well-formed
 $ xmlwf -c -d /tmp /etc/firewalld/zones/public.xml
 $ cat /tmp/public.xml # should look like an xml file
===

Closes-bug: 1969362
Change-Id: I78f1abc4253d0016fed6845202e00cab91e9ed11
Signed-off-by: Joe Slater <joe.slater@windriver.com>
---
 centos-mirror-tools/config/centos/compiler/rpms_3rdparties.lst | 2 --
 centos-mirror-tools/config/centos/compiler/rpms_centos.lst     | 2 ++
 centos-mirror-tools/config/centos/distro/rpms_3rdparties.lst   | 2 --
 centos-mirror-tools/config/centos/distro/rpms_centos.lst       | 2 ++
 centos-mirror-tools/config/centos/flock/rpms_3rdparties.lst    | 1 -
 centos-mirror-tools/config/centos/flock/rpms_centos.lst        | 1 +
 centos-mirror-tools/config/centos/mock/rpms_3rdparties.lst     | 1 -
 centos-mirror-tools/config/centos/mock/rpms_centos.lst         | 1 +
 8 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/centos-mirror-tools/config/centos/compiler/rpms_3rdparties.lst b/centos-mirror-tools/config/centos/compiler/rpms_3rdparties.lst
index 3faf8e70..f819ad56 100644
--- a/centos-mirror-tools/config/centos/compiler/rpms_3rdparties.lst
+++ b/centos-mirror-tools/config/centos/compiler/rpms_3rdparties.lst
@@ -1,5 +1,3 @@
-# expat-2.1.0-12.el7.x86_64.rpm provided by mock
-expat-devel-2.1.0-12.el7.x86_64.rpm#http://mirror.centos.org/centos/7/os/x86_64/Packages/expat-devel-2.1.0-12.el7.x86_64.rpm
 # glib2-2.56.1-7.el7.x86_64.rpm provided by mock
 kernel-headers-4.18.0-147.3.1.el8_1.x86_64.rpm#http://mirror.centos.org/centos/8.1.1911/BaseOS/x86_64/os/Packages/kernel-headers-4.18.0-147.3.1.el8_1.x86_64.rpm
 libpng-1.5.13-8.el7.x86_64.rpm#http://mirror.centos.org/centos/7/os/x86_64/Packages/libpng-1.5.13-8.el7.x86_64.rpm
diff --git a/centos-mirror-tools/config/centos/compiler/rpms_centos.lst b/centos-mirror-tools/config/centos/compiler/rpms_centos.lst
index 3a074645..bdd3642d 100644
--- a/centos-mirror-tools/config/centos/compiler/rpms_centos.lst
+++ b/centos-mirror-tools/config/centos/compiler/rpms_centos.lst
@@ -40,6 +40,8 @@ device-mapper-multipath-libs-0.4.9-119.el7.x86_64.rpm
 device-mapper-persistent-data-0.7.3-3.el7.x86_64.rpm
 # diffutils-3.3-4.el7.x86_64.rpm provided by mock
 # dracut-033-554.el7.x86_64.rpm provided by mock
+# expat-2.1.0-14.el7_9.x86_64.rpm provided by mock
+expat-devel-2.1.0-14.el7_9.x86_64.rpm
 file-devel-5.11-37.el7.x86_64.rpm
 # filesystem-3.2-25.el7.x86_64.rpm provided by mock
 # findutils-4.5.11-6.el7.x86_64.rpm provided by mock
diff --git a/centos-mirror-tools/config/centos/distro/rpms_3rdparties.lst b/centos-mirror-tools/config/centos/distro/rpms_3rdparties.lst
index fba16ff5..5ef492bd 100644
--- a/centos-mirror-tools/config/centos/distro/rpms_3rdparties.lst
+++ b/centos-mirror-tools/config/centos/distro/rpms_3rdparties.lst
@@ -1,5 +1,3 @@
-# expat-2.1.0-12.el7.x86_64.rpm provided by mock
-expat-devel-2.1.0-12.el7.x86_64.rpm#http://mirror.centos.org/centos/7/os/x86_64/Packages/expat-devel-2.1.0-12.el7.x86_64.rpm
 # glib2-2.56.1-7.el7.x86_64.rpm provided by mock
 glib2-devel-2.56.1-7.el7.x86_64.rpm#http://mirror.centos.org/centos/7/os/x86_64/Packages/glib2-devel-2.56.1-7.el7.x86_64.rpm
 glib2-doc-2.56.1-7.el7.noarch.rpm#http://mirror.centos.org/centos/7/os/x86_64/Packages/glib2-doc-2.56.1-7.el7.noarch.rpm
diff --git a/centos-mirror-tools/config/centos/distro/rpms_centos.lst b/centos-mirror-tools/config/centos/distro/rpms_centos.lst
index 35511fa0..173bc282 100644
--- a/centos-mirror-tools/config/centos/distro/rpms_centos.lst
+++ b/centos-mirror-tools/config/centos/distro/rpms_centos.lst
@@ -216,6 +216,8 @@ erlang-stdlib-18.3.4.4-2.el7.x86_64.rpm
 erlang-syntax_tools-18.3.4.4-2.el7.x86_64.rpm
 erlang-tools-18.3.4.4-2.el7.x86_64.rpm
 erlang-xmerl-18.3.4.4-2.el7.x86_64.rpm
+# expat-2.1.0-14.el7_9.x86_64.rpm provided by mock
+expat-devel-2.1.0-14.el7_9.x86_64.rpm
 expect-5.45-14.el7_1.x86_64.rpm
 # file-5.11-37.el7.x86_64.rpm provided by mock
 # file-libs-5.11-37.el7.x86_64.rpm provided by mock
diff --git a/centos-mirror-tools/config/centos/flock/rpms_3rdparties.lst b/centos-mirror-tools/config/centos/flock/rpms_3rdparties.lst
index 4efed1a6..ed94b4a0 100644
--- a/centos-mirror-tools/config/centos/flock/rpms_3rdparties.lst
+++ b/centos-mirror-tools/config/centos/flock/rpms_3rdparties.lst
@@ -1,5 +1,4 @@
 ansible-2.7.5-1.el7.ans.noarch.rpm#https://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ansible-2.7.5-1.el7.ans.noarch.rpm
-# expat-2.1.0-12.el7.x86_64.rpm provided by mock
 # glib2-2.56.1-7.el7.x86_64.rpm provided by mock
 glib2-devel-2.56.1-7.el7.x86_64.rpm#http://mirror.centos.org/centos/7/os/x86_64/Packages/glib2-devel-2.56.1-7.el7.x86_64.rpm
 influxdb-0.9.5.1-1.x86_64.rpm#https://s3.amazonaws.com/influxdb/influxdb-0.9.5.1-1.x86_64.rpm
diff --git a/centos-mirror-tools/config/centos/flock/rpms_centos.lst b/centos-mirror-tools/config/centos/flock/rpms_centos.lst
index ae3212d7..cd8fbe0f 100644
--- a/centos-mirror-tools/config/centos/flock/rpms_centos.lst
+++ b/centos-mirror-tools/config/centos/flock/rpms_centos.lst
@@ -178,6 +178,7 @@ erlang-xmerl-18.3.4.4-2.el7.x86_64.rpm
 ethtool-4.8-9.el7.x86_64.rpm
 eventlog-0.2.13-4.el7.x86_64.rpm
 eventlog-devel-0.2.13-4.el7.x86_64.rpm
+# expat-2.1.0-14.el7_9.x86_64.rpm provided by mock
 expect-5.45-14.el7_1.x86_64.rpm
 fcgi-2.4.0-25.el7.x86_64.rpm
 fcgi-devel-2.4.0-25.el7.x86_64.rpm
diff --git a/centos-mirror-tools/config/centos/mock/rpms_3rdparties.lst b/centos-mirror-tools/config/centos/mock/rpms_3rdparties.lst
index fb130b31..5eced613 100644
--- a/centos-mirror-tools/config/centos/mock/rpms_3rdparties.lst
+++ b/centos-mirror-tools/config/centos/mock/rpms_3rdparties.lst
@@ -1,2 +1 @@
-expat-2.1.0-12.el7.x86_64.rpm#http://mirror.centos.org/centos/7/os/x86_64/Packages/expat-2.1.0-12.el7.x86_64.rpm
 glib2-2.56.1-7.el7.x86_64.rpm#http://mirror.centos.org/centos/7/os/x86_64/Packages/glib2-2.56.1-7.el7.x86_64.rpm
diff --git a/centos-mirror-tools/config/centos/mock/rpms_centos.lst b/centos-mirror-tools/config/centos/mock/rpms_centos.lst
index 5b09105d..b33a3f35 100644
--- a/centos-mirror-tools/config/centos/mock/rpms_centos.lst
+++ b/centos-mirror-tools/config/centos/mock/rpms_centos.lst
@@ -25,6 +25,7 @@ dracut-033-554.el7.x86_64.rpm
 dwz-0.11-3.el7.x86_64.rpm
 epel-release-7-11.noarch.rpm
 epel-rpm-macros-7-21.noarch.rpm
+expat-2.1.0-14.el7_9.x86_64.rpm
 fedpkg-minimal-1.1.0-7.el7.noarch.rpm
 file-5.11-37.el7.x86_64.rpm
 file-libs-5.11-37.el7.x86_64.rpm