On 2024/11/12 21:12, David Higgs wrote: > On Tue, Nov 12, 2024 at 3:34 PM Alexander Bluhm <bl...@openbsd.org> wrote: > > CVSROOT: /cvs > Module name: src > Changes by: bl...@cvs.openbsd.org 2024/11/12 13:33:38 > > Modified files: > lib/libexpat : Changes README.md shlib_version > lib/libexpat/doc: reference.html > lib/libexpat/examples: element_declarations.c > lib/libexpat/lib: expat.h xmlparse.c > lib/libexpat/tests: basic_tests.c common.c common.h handlers.c > handlers.h misc_tests.c > > Log message: > Update libexpat to version 2.6.4. > > Relevant for OpenBSD are security fix #915, other changes #905 #902 > #904 #317 #918 #914. Major library bump is necessary as new error > constant has been added to a public header file. CVE-2024-50602 > > OK matthieu@ tb@ deraadt@ > > > I suspect I ran sysclean at exactly the wrong time, and now I can't easily > fix python (or git, > according to pkg_check).
If you don't have another machine handy to copy from, simplest fix is probably to cvs up to before the update (cd /usr/src/lib/libexpat; cvs up -D 2024/11/11), and build it (make obj; make clean; make includes; make; make install). I wouldn't expect sysclean to suggest removing an old version while you still have installed ports referencing it though..
