From 5c9c7856a6074027db762ba6c094dba07e62ba13 Mon Sep 17 00:00:00 2001
From: Marius Bakke <marius@gnu.org>
Date: Sun, 30 Jan 2022 15:36:39 +0100
Subject: gnu: expat: Update replacement to 2.4.4 [fixes CVE-2022-23852,
 CVE-2022-23990].

* gnu/packages/xml.scm (expat/fixed): Update to 2.4.4.
---
 gnu/packages/xml.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index 771c577618..6a897648eb 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -158,7 +158,7 @@ things the parser might find in the XML document (like start tags).")
 (define expat/fixed
   (package
     (inherit expat)
-    (version "2.4.3")
+    (version "2.4.4")
     (source (let ((dot->underscore (lambda (c) (if (char=? #\. c) #\_ c))))
               (origin
                 (method url-fetch)
@@ -170,7 +170,7 @@ things the parser might find in the XML document (like start tags).")
                             "/expat-" version ".tar.xz")))
                 (sha256
                  (base32
-                  "12kp4h40cpyqqpjqaldag0xq4ig1ljzpkzy9i2marc7blnqz3ydi")))))))
+                  "1f0iqdy21wcd5nbfgsf8r2d5ilh15mrv8qmm37nw4l9k6xp5vlmm")))))))
 
 (define-public libebml
   (package
-- 
cgit v1.2.3