Vendor import of expat 2.4.7. - src

diff options

Diffstat (limited to 'Changes')

-rw-r--r--

1 files changed, 34 insertions, 0 deletions

diff --git a/Changes b/Changes
index 40127e1b76f7..95f697b39a48 100644
--- a/Changes
+++ b/Changes

@@ -2,6 +2,40 @@ NOTE: We are looking for help with a few things:

https://github.com/libexpat/libexpat/labels/help%20wanted

If you can help, please get in touch. Thanks!

+Release 2.4.7 Fri March 4 2022

+ Bug fixes:

+ #572 #577 Relax fix to CVE-2022-25236 (introduced with release 2.4.5)

+ with regard to all valid URI characters (RFC 3986),

+ i.e. the following set (excluding whitespace):

+ ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz

+ 0123456789 % -._~ :/?#[]@ !$&'()*+,;=

+ Other changes:

+ #555 #570 #581 CMake|Windows: Store Expat version in the DLL

+ #577 Document consequences of namespace separator choices not just

+ in doc/reference.html but also in header <expat.h>

+ #577 Document Expat's lack of validation of namespace URIs against

+ RFC 3986, and that the XML 1.0r4 specification doesn't

+ require Expat to validate namespace URIs, and that Expat

+ may do more in that regard in future releases.

+ If you find need for strict RFC 3986 URI validation on

+ application level today, https://uriparser.github.io/ may

+ be of interest.

+ #579 Fix documentation of XML_EndDoctypeDeclHandler in <expat.h>

+ #575 Document that a call to XML_FreeContentModel can be done at

+ a later time from outside the element declaration handler

+ #574 Make hardcoded namespace URIs easier to find in code

+ #573 Update documentation on use of XML_POOR_ENTOPY on Solaris

+ #569 #571 tests: Resolve use of macros NAN and INFINITY for GNU G++

+ 4.8.2 on Solaris.

+ #578 #580 Version info bumped from 9:6:8 to 9:7:8;

+ see https://verbump.de/ for what these numbers do

+ Special thanks to:

+ Jeffrey Walton

+ Johnny Jazeix

+ Thijs Schreijer

Release 2.4.6 Sun February 20 2022

Bug fixes:

#566 Fix a regression introduced by the fix for CVE-2022-25313