
Bump libexpat from 2.6.4 to 2.7.3 #3458

Merged
mattleibow merged 2 commits into main from dev/update-expat
Jan 27, 2026

@mattleibow
Contributor

Summary

Update libexpat to 2.7.3 to fix security vulnerabilities.

Security Fixes

  • CVE-2025-59375 (CVSS 7.5 HIGH) - Memory exhaustion DoS via crafted XML
  • CVE-2024-50602 (CVSS 5.9 Medium) - Parser crash via XML_ResumeParser

Changes

  • Updated externals/skia submodule to mono/skia@58763ac5b0
  • Updated cgmanifest.json with new commit hash

Related Issues

@github-actions

Triage Summary

No labels will be applied as the issue relates to updating an external library for security fixes, which does not fit into any of the specified labels.

This issue is not a regression as it pertains solely to a library update for security reasons and does not involve any previously functioning features.

Additional remarks:

  • No labels are applicable since the issue discusses an update related to security vulnerabilities and external libraries.
  • The issue does not correlate with any specific operating system, platform, or environment that is covered by the available labels.
  • It solely focuses on security aspects and does not impact compatibility, performance, or reliability.

Detailed Summary and Actions

Summary of the triage:

  • The issue is focused on updating a library for security fixes and does not relate to any specific labels.
  • There are no affected platforms or areas that are relevant based on the existing labels.
  • The main concern is the security vulnerabilities and the update of a library version.

Summary of the actions that will be performed:

Action Item | Description
No Action | The issue does not correspond with any relevant labels to be applied.

This entire triage process was automated by AI and mistakes may have been made. Please let us know so we can continue to improve.

Fixes CVE-2025-59375 (CVSS 7.5 HIGH) - Memory exhaustion DoS
Fixes CVE-2024-50602 (CVSS 5.9 Medium) - Parser crash
@mattleibow mattleibow merged commit dcd1d3a into main Jan 27, 2026
1 of 2 checks passed
@mattleibow mattleibow deleted the dev/update-expat branch January 27, 2026 22:11
@mattleibow mattleibow added the copilot Created by GitHub Copilot label Feb 2, 2026

Successfully merging this pull request may close these issues.

  • [BUG] Bump libexpat in Skia deps to ≥2.6.4 (CVE-2024-50602)
  • [BUG] Bump libexpat in Skia deps to ≥2.7.2 (CVE-2025-59375)