[3.5][Security] bpo-30947, bpo-31170: Update expat from 2.2.1 to 2.2.4 (#3354)

* bpo-30947, bpo-31170: Update expat from 2.2.1 to 2.2.4

* Upgrade libexpat embedded copy from version 2.2.1 to 2.2.3 to get security
  fixes.

* Update libexpat from 2.2.3 to 2.2.4. Fix copying of partial
  characters for UTF-8 input (libexpat bug 115):
  https://github.com/libexpat/libexpat/issues/115

* Define XML_POOR_ENTROPY when compiling expat

2 files changed, 5 insertions, 0 deletions

diff --git a/Misc/NEWS.d/next/Library/2017-09-05-20-35-21.bpo-31170.QGmJ1t.rst b/Misc/NEWS.d/next/Library/2017-09-05-20-35-21.bpo-31170.QGmJ1t.rst
new file mode 100644
index 0000000..2505007
--- /dev/null
+++ b/Misc/NEWS.d/next/Library/2017-09-05-20-35-21.bpo-31170.QGmJ1t.rst
@@ -0,0 +1,3 @@
+expat: Update libexpat from 2.2.3 to 2.2.4. Fix copying of partial
+characters for UTF-8 input (libexpat bug 115):
+https://github.com/libexpat/libexpat/issues/115
diff --git a/Misc/NEWS.d/next/Security/2017-09-05-20-34-44.bpo-30947.iNMmm4.rst b/Misc/NEWS.d/next/Security/2017-09-05-20-34-44.bpo-30947.iNMmm4.rst
new file mode 100644
index 0000000..3caca9a7
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2017-09-05-20-34-44.bpo-30947.iNMmm4.rst
@@ -0,0 +1,2 @@
+Upgrade libexpat embedded copy from version 2.2.1 to 2.2.3 to get security
+fixes.