Elliott Hughes | 7247294 | 2018-01-10 08:36:10 -0800 | [diff] [blame] | 1 | NOTE: We are looking for help with a few things: |
| 2 | https://github.com/libexpat/libexpat/labels/help%20wanted |
| 3 | If you can help, please get in touch. Thanks! |
| 4 | |
Haibo Huang | 40a7191 | 2019-10-11 11:13:39 -0700 | [diff] [blame] | 5 | Release 2.2.9 Wed Septemper 25 2019 |
| 6 | Other changes: |
| 7 | examples: Drop executable bits from elements.c |
| 8 | #349 Windows: Change the name of the Windows DLLs from expat*.dll |
| 9 | to libexpat*.dll once more (regression from 2.2.8, first |
| 10 | fixed in 1.95.3, issue #61 on SourceForge today, |
| 11 | was issue #432456 back then); needs a fix due |
| 12 | case-insensitive file systems on Windows and the fact that |
| 13 | Perl's XML::Parser::Expat compiles into Expat.dll. |
| 14 | #347 Windows: Only define _CRT_RAND_S if not defined |
| 15 | Version info bumped from 7:10:6 to 7:11:6 |
| 16 | |
| 17 | Special thanks to: |
| 18 | Ben Wagner |
| 19 | |
| 20 | Release 2.2.8 Fri Septemper 13 2019 |
| 21 | Security fixes: |
| 22 | #317 #318 CVE-2019-15903 -- Fix heap overflow triggered by |
| 23 | XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber), |
| 24 | and deny internal entities closing the doctype; |
| 25 | fixed in commit c20b758c332d9a13afbbb276d30db1d183a85d43 |
| 26 | |
| 27 | Bug fixes: |
| 28 | #240 Fix cases where XML_StopParser did not have any effect |
| 29 | when called from inside of an end element handler |
| 30 | #341 xmlwf: Fix exit code for operation without "-d DIRECTORY"; |
| 31 | previously, only "-d DIRECTORY" would give you a proper |
| 32 | exit code: |
| 33 | # xmlwf -d . <<<'<not well-formed>' 2>/dev/null ; echo $? |
| 34 | 2 |
| 35 | # xmlwf <<<'<not well-formed>' 2>/dev/null ; echo $? |
| 36 | 0 |
| 37 | Now both cases return exit code 2. |
| 38 | |
| 39 | Other changes: |
| 40 | #299 #302 Windows: Replace LoadLibrary hack to access |
| 41 | unofficial API function SystemFunction036 (RtlGenRandom) |
| 42 | by using official API function rand_s (needs WinXP+) |
| 43 | #325 Windows: Drop support for Visual Studio <=7.1/2003 |
| 44 | and document supported compilers in README.md |
| 45 | #286 Windows: Remove COM code from xmlwf; in case it turns |
| 46 | out needed later, there will be a dedicated repository |
| 47 | below https://github.com/libexpat/ for that code |
| 48 | #322 Windows: Remove explicit MSVC solution and project files. |
| 49 | You can generate Visual Studio solution files through |
| 50 | CMake, e.g.: cmake -G"Visual Studio 15 2017" . |
| 51 | #338 xmlwf: Make "xmlwf -h" help output more friendly |
| 52 | #339 examples: Improve elements.c |
| 53 | #244 #264 Autotools: Add argument --enable-xml-attr-info |
| 54 | #239 #301 Autotools: Add arguments |
| 55 | --with-getrandom |
| 56 | --without-getrandom |
| 57 | --with-sys-getrandom |
| 58 | --without-sys-getrandom |
| 59 | #312 #343 Autotools: Fix linking issues with "./configure LD=clang" |
| 60 | Autotools: Fix "make run-xmltest" for out-of-source builds |
| 61 | #329 #336 CMake: Pull all options from Expat <=2.2.7 into namespace |
| 62 | prefix EXPAT_ with the exception of DOCBOOK_TO_MAN: |
| 63 | - BUILD_doc -> EXPAT_BUILD_DOCS (plural) |
| 64 | - BUILD_examples -> EXPAT_BUILD_EXAMPLES |
| 65 | - BUILD_shared -> EXPAT_SHARED_LIBS |
| 66 | - BUILD_tests -> EXPAT_BUILD_TESTS |
| 67 | - BUILD_tools -> EXPAT_BUILD_TOOLS |
| 68 | - DOCBOOK_TO_MAN -> DOCBOOK_TO_MAN (unchanged) |
| 69 | - INSTALL -> EXPAT_ENABLE_INSTALL |
| 70 | - MSVC_USE_STATIC_CRT -> EXPAT_MSVC_STATIC_CRT |
| 71 | - USE_libbsd -> EXPAT_WITH_LIBBSD |
| 72 | - WARNINGS_AS_ERRORS -> EXPAT_WARNINGS_AS_ERRORS |
| 73 | - XML_CONTEXT_BYTES -> EXPAT_CONTEXT_BYTES |
| 74 | - XML_DEV_URANDOM -> EXPAT_DEV_URANDOM |
| 75 | - XML_DTD -> EXPAT_DTD |
| 76 | - XML_NS -> EXPAT_NS |
| 77 | - XML_UNICODE -> EXPAT_CHAR_TYPE=ushort (!) |
| 78 | - XML_UNICODE_WCHAR_T -> EXPAT_CHAR_TYPE=wchar_t (!) |
| 79 | #244 #264 CMake: Add argument -DEXPAT_ATTR_INFO=(ON|OFF), |
| 80 | default OFF |
| 81 | #326 CMake: Add argument -DEXPAT_LARGE_SIZE=(ON|OFF), |
| 82 | default OFF |
| 83 | #328 CMake: Add argument -DEXPAT_MIN_SIZE=(ON|OFF), |
| 84 | default OFF |
| 85 | #239 #277 CMake: Add arguments |
| 86 | -DEXPAT_WITH_GETRANDOM=(ON|OFF|AUTO), default AUTO |
| 87 | -DEXPAT_WITH_SYS_GETRANDOM=(ON|OFF|AUTO), default AUTO |
| 88 | #326 CMake: Install expat_config.h to include directory |
| 89 | #326 CMake: Generate and install configuration files for |
| 90 | future find_package(expat [..] CONFIG [..]) |
| 91 | CMake: Now produces a summary of applied configuration |
| 92 | CMake: Require C++ compiler only when tests are enabled |
| 93 | #330 CMake: Fix compilation for 16bit character types, |
| 94 | i.e. ex -DXML_UNICODE=ON (and ex -DXML_UNICODE_WCHAR_T=ON) |
| 95 | #265 CMake: Fix linking with MinGW |
| 96 | #330 CMake: Add full support for MinGW; to enable, use |
| 97 | -DCMAKE_TOOLCHAIN_FILE=[expat]/cmake/mingw-toolchain.cmake |
| 98 | #330 CMake: Port "make run-xmltest" from GNU Autotools to CMake |
| 99 | #316 CMake: Windows: Make binary postfix match MSVC |
| 100 | Old: expat[d].lib |
| 101 | New: expat[w][d][MD|MT].lib |
| 102 | CMake: Migrate files from Windows to Unix line endings |
| 103 | #308 CMake: Integrate OSS-Fuzz fuzzers, option |
| 104 | -DEXPAT_BUILD_FUZZERS=(ON|OFF), default OFF |
| 105 | #14 Drop an OpenVMS support leftover |
| 106 | #235 #268 .. |
| 107 | #270 #310 .. |
| 108 | #313 #331 #333 Address compiler warnings |
| 109 | #282 #283 .. |
| 110 | #284 #285 Address cppcheck warnings |
| 111 | #294 #295 Address Clang Static Analyzer warnings |
| 112 | #24 #293 Mass-apply clang-format 9 (and ensure conformance during CI) |
| 113 | Version info bumped from 7:9:6 to 7:10:6 |
| 114 | |
| 115 | Special thanks to: |
| 116 | David Loffredo |
| 117 | Joonun Jang |
| 118 | Khajapasha Mohammed |
| 119 | Kishore Kunche |
| 120 | Marco Maggi |
| 121 | Mitch Phillips |
| 122 | Rolf Ade |
| 123 | xantares |
| 124 | Zhongyuan Zhou |
| 125 | |
Haibo Huang | fd5e81a | 2019-06-20 12:09:36 -0700 | [diff] [blame] | 126 | Release 2.2.7 Wed June 19 2019 |
| 127 | Security fixes: |
Haibo Huang | 40a7191 | 2019-10-11 11:13:39 -0700 | [diff] [blame] | 128 | #186 #262 CVE-2018-20843 -- Fix extraction of namespace prefixes from |
| 129 | XML names; XML names with multiple colons could end up in |
| 130 | the wrong namespace, and take a high amount of RAM and CPU |
Haibo Huang | fd5e81a | 2019-06-20 12:09:36 -0700 | [diff] [blame] | 131 | resources while processing, opening the door to |
| 132 | use for denial-of-service attacks |
| 133 | |
| 134 | Other changes: |
| 135 | #195 #197 Autotools/CMake: Utilize -fvisibility=hidden to stop |
| 136 | exporting non-API symbols |
| 137 | #227 Autotools: Add --without-examples and --without-tests |
| 138 | #228 Autotools: Modernize configure.ac |
| 139 | #245 #246 Autotools: Fix check for -fvisibility=hidden for Clang |
| 140 | #247 #248 Autotools: Fix compilation for lack of docbook2x-man |
| 141 | #236 #258 Autotools: Produce .tar.{gz,lz,xz} release archives |
| 142 | #212 CMake: Make libdir of pkgconfig expat.pc support multilib |
| 143 | #158 #263 CMake: Build man page in PROJECT_BINARY_DIR not _SOURCE_DIR |
| 144 | #219 Remove fallback to bcopy, assume that memmove(3) exists |
| 145 | #257 Use portable "/usr/bin/env bash" shebang (e.g. for OpenBSD) |
| 146 | #243 Windows: Fix syntax of .def module definition files |
| 147 | Version info bumped from 7:8:6 to 7:9:6 |
| 148 | |
| 149 | Special thanks to: |
| 150 | Benjamin Peterson |
| 151 | Caolán McNamara |
| 152 | Hanno Böck |
| 153 | KangLin |
| 154 | Kishore Kunche |
| 155 | Marco Maggi |
| 156 | Rhodri James |
| 157 | Sebastian Dröge |
| 158 | userwithuid |
| 159 | Yury Gribov |
| 160 | |
Elliott Hughes | aaec48e | 2018-08-16 16:29:01 -0700 | [diff] [blame] | 161 | Release 2.2.6 Sun August 12 2018 |
| 162 | Bug fixes: |
| 163 | #170 #206 Avoid doing arithmetic with NULL pointers in XML_GetBuffer |
| 164 | #204 #205 Fix 2.2.5 regression with suspend-resume while parsing |
| 165 | a document like '<root/>' |
| 166 | |
| 167 | Other changes: |
| 168 | #165 #168 Autotools: Fix docbook-related configure syntax error |
| 169 | #166 Autotools: Avoid grep option `-q` for Solaris |
| 170 | #167 Autotools: Support |
| 171 | ./configure DOCBOOK_TO_MAN="xmlto man --skip-validation" |
| 172 | #159 #167 Autotools: Support DOCBOOK_TO_MAN command which produces |
| 173 | xmlwf.1 rather than XMLWF.1; also covers case insensitive |
| 174 | file systems |
| 175 | #181 Autotools: Drop -rpath option passed to libtool |
| 176 | #188 Autotools: Detect and deny SGML docbook2man as ours is XML |
| 177 | #188 Autotools/CMake: Support command db2x_docbook2man as well |
| 178 | #174 CMake: Introduce option WARNINGS_AS_ERRORS, defaults to OFF |
| 179 | #184 #185 CMake: Introduce option MSVC_USE_STATIC_CRT, defaults to OFF |
| 180 | #207 #208 CMake: Introduce option XML_UNICODE and XML_UNICODE_WCHAR_T, |
| 181 | both defaulting to OFF |
| 182 | #175 CMake: Prefer check_symbol_exists over check_function_exists |
| 183 | #176 CMake: Create the same pkg-config file as with GNU Autotools |
| 184 | #178 #179 CMake: Use GNUInstallDirs module to set proper defaults for |
| 185 | install directories |
| 186 | #208 CMake: Utilize expat_config.h.cmake for XML_DEV_URANDOM |
| 187 | #180 Windows: Fix compilation of test suite for Visual Studio 2008 |
| 188 | #131 #173 #202 Address compiler warnings |
| 189 | #187 #190 #200 Fix miscellaneous typos |
| 190 | Version info bumped from 7:7:6 to 7:8:6 |
| 191 | |
| 192 | Special thanks to: |
| 193 | Anton Maklakov |
| 194 | Benjamin Peterson |
| 195 | Brad King |
| 196 | Franek Korta |
| 197 | Frank Rast |
| 198 | Joe Orton |
| 199 | luzpaz |
| 200 | Pedro Vicente |
| 201 | Rainer Jung |
| 202 | Rhodri James |
| 203 | Rolf Ade |
| 204 | Rolf Eike Beer |
| 205 | Thomas Beutlich |
| 206 | Tomasz Kłoczko |
| 207 | |
Elliott Hughes | 7247294 | 2018-01-10 08:36:10 -0800 | [diff] [blame] | 208 | Release 2.2.5 Tue October 31 2017 |
| 209 | Bug fixes: |
| 210 | #8 If the parser runs out of memory, make sure its internal |
| 211 | state reflects the memory it actually has, not the memory |
| 212 | it wanted to have. |
| 213 | #11 The default handler wasn't being called when it should for |
| 214 | a SYSTEM or PUBLIC doctype if an entity declaration handler |
| 215 | was registered. |
| 216 | #137 #138 Fix a case of mistakenly reported parsing success where |
| 217 | XML_StopParser was called from an element handler |
| 218 | #162 Function XML_ErrorString was returning NULL rather than |
| 219 | a message for code XML_ERROR_INVALID_ARGUMENT |
| 220 | introduced with release 2.2.1 |
| 221 | |
| 222 | Other changes: |
| 223 | #106 xmlwf: Add argument -N adding notation declarations |
| 224 | #75 #106 Test suite: Resolve expected failure cases where xmlwf |
| 225 | output was incomplete |
| 226 | #127 Windows: Fix test suite compilation |
| 227 | #126 #127 Windows: Fix compilation for Visual Studio 2012 |
Elliott Hughes | aaec48e | 2018-08-16 16:29:01 -0700 | [diff] [blame] | 228 | Windows: Upgrade shipped project files to Visual Studio 2017 |
Elliott Hughes | 7247294 | 2018-01-10 08:36:10 -0800 | [diff] [blame] | 229 | #33 #132 tests: Mass-fix compilation for XML_UNICODE_WCHAR_T |
| 230 | #129 examples: Fix compilation for XML_UNICODE_WCHAR_T |
| 231 | #130 benchmark: Fix compilation for XML_UNICODE_WCHAR_T |
| 232 | #144 xmlwf: Fix compilation for XML_UNICODE_WCHAR_T; still needs |
| 233 | Windows or MinGW for 2-byte wchar_t |
| 234 | #9 Address two Clang Static Analyzer false positives |
| 235 | #59 Resolve troublesome macros hiding parser struct membership |
| 236 | and dereferencing that pointer |
| 237 | #6 Resolve superfluous internal malloc/realloc switch |
| 238 | #153 #155 Improve docbook2x-man detection |
| 239 | #160 Undefine NDEBUG in the test suite (rather than rejecting it) |
| 240 | #161 Address compiler warnings |
| 241 | Version info bumped from 7:6:6 to 7:7:6 |
| 242 | |
| 243 | Special thanks to: |
| 244 | Benbuck Nason |
| 245 | Hans Wennborg |
| 246 | José Gutiérrez de la Concha |
| 247 | Pedro Monreal Gonzalez |
| 248 | Rhodri James |
| 249 | Rolf Ade |
| 250 | Stephen Groat |
| 251 | and |
| 252 | Core Infrastructure Initiative |
| 253 | |
| 254 | Release 2.2.4 Sat August 19 2017 |
| 255 | Bug fixes: |
| 256 | #115 Fix copying of partial characters for UTF-8 input |
| 257 | |
| 258 | Other changes: |
| 259 | #109 Fix "make check" for non-x86 architectures that default |
| 260 | to unsigned type char (-128..127 rather than 0..255) |
| 261 | #109 coverage.sh: Cover -funsigned-char |
| 262 | Autotools: Introduce --without-xmlwf argument |
| 263 | #65 Autotools: Replace handwritten Makefile with GNU Automake |
| 264 | #43 CMake: Auto-detect high quality entropy extractors, add new |
| 265 | option USE_libbsd=ON to use arc4random_buf of libbsd |
| 266 | #74 CMake: Add -fno-strict-aliasing only where supported |
| 267 | #114 CMake: Always honor manually set BUILD_* options |
| 268 | #114 CMake: Compile man page if docbook2x-man is available, only |
| 269 | #117 Include file tests/xmltest.log.expected in source tarball |
| 270 | (required for "make run-xmltest") |
| 271 | #117 Include (existing) Visual Studio 2013 files in source tarball |
| 272 | Improve test suite error output |
| 273 | #111 Fix some typos in documentation |
| 274 | Version info bumped from 7:5:6 to 7:6:6 |
| 275 | |
| 276 | Special thanks to: |
| 277 | Jakub Wilk |
| 278 | Joe Orton |
| 279 | Lin Tian |
| 280 | Rolf Eike Beer |
| 281 | |
| 282 | Release 2.2.3 Wed August 2 2017 |
| 283 | Security fixes: |
| 284 | #82 CVE-2017-11742 -- Windows: Fix DLL hijacking vulnerability |
| 285 | using Steve Holme's LoadLibrary wrapper for/of cURL |
| 286 | |
| 287 | Bug fixes: |
| 288 | #85 Fix a dangling pointer issue related to realloc |
| 289 | |
| 290 | Other changes: |
| 291 | Increase code coverage |
| 292 | #91 Linux: Allow getrandom to fail if nonblocking pool has not |
| 293 | yet been initialized and read /dev/urandom then, instead. |
| 294 | This is in line with what recent Python does. |
| 295 | #81 Pre-10.7/Lion macOS: Support entropy from arc4random |
| 296 | #86 Check that a UTF-16 encoding in an XML declaration has the |
| 297 | right endianness |
| 298 | #4 #5 #7 Recover correctly when some reallocations fail |
| 299 | Repair "./configure && make" for systems without any |
| 300 | provider of high quality entropy |
| 301 | and try reading /dev/urandom on those |
| 302 | Ensure that user-defined character encodings have converter |
| 303 | functions when they are needed |
| 304 | Fix mis-leading description of argument -c in xmlwf.1 |
| 305 | Rely on macro HAVE_ARC4RANDOM_BUF (rather than __CloudABI__) |
| 306 | for CloudABI |
| 307 | #100 Fix use of SIPHASH_MAIN in siphash.h |
| 308 | #23 Test suite: Fix memory leaks |
| 309 | Version info bumped from 7:4:6 to 7:5:6 |
| 310 | |
| 311 | Special thanks to: |
| 312 | Chanho Park |
| 313 | Joe Orton |
| 314 | Pascal Cuoq |
| 315 | Rhodri James |
| 316 | Simon McVittie |
| 317 | Vadim Zeitlin |
| 318 | Viktor Szakats |
| 319 | and |
| 320 | Core Infrastructure Initiative |
| 321 | |
| 322 | Release 2.2.2 Wed July 12 2017 |
| 323 | Security fixes: |
| 324 | #43 Protect against compilation without any source of high |
| 325 | quality entropy enabled, e.g. with CMake build system; |
| 326 | commit ff0207e6076e9828e536b8d9cd45c9c92069b895 |
| 327 | #60 Windows with _UNICODE: |
| 328 | Unintended use of LoadLibraryW with a non-wide string |
| 329 | resulted in failure to load advapi32.dll and degradation |
| 330 | in quality of used entropy when compiled with _UNICODE for |
| 331 | Windows; you can launch existing binaries with |
| 332 | EXPAT_ENTROPY_DEBUG=1 in the environment to inspect the |
| 333 | quality of entropy used during runtime; commits |
| 334 | * 95b95032f907ef1cd17ee7a9a1768010a825d61d |
| 335 | * 73a5a2e9c081f49f2d775cf7ced864158b68dc80 |
| 336 | [MOX-006] Fix non-NULL parser parameter validation in XML_Parse; |
| 337 | resulted in NULL dereference, previously; |
| 338 | commit ac256dafdffc9622ab0dc2c62fcecb0dfcfa71fe |
| 339 | |
| 340 | Bug fixes: |
| 341 | #69 Fix improper use of unsigned long long integer literals |
| 342 | |
| 343 | Other changes: |
| 344 | #73 Start requiring a C99 compiler |
| 345 | #49 Fix "==" Bashism in configure script |
| 346 | #50 Fix too eager getrandom detection for Debian GNU/kFreeBSD |
| 347 | #52 and macOS |
| 348 | #51 Address lack of stdint.h in Visual Studio 2003 to 2008 |
| 349 | #58 Address compile warnings |
| 350 | #68 Fix "./buildconf.sh && ./configure" for some versions |
| 351 | of Dash for /bin/sh |
| 352 | #72 CMake: Ease use of Expat in context of a parent project |
| 353 | with multiple CMakeLists.txt files |
| 354 | #72 CMake: Resolve mistaken executable permissions |
| 355 | #76 Address compile warning with -DNDEBUG (not recommended!) |
| 356 | #77 Address compile warning about macro redefinition |
| 357 | |
| 358 | Special thanks to: |
| 359 | Alexander Bluhm |
| 360 | Ben Boeckel |
| 361 | Cătălin Răceanu |
| 362 | Kerin Millar |
| 363 | László Böszörményi |
| 364 | S. P. Zeidler |
| 365 | Segev Finer |
| 366 | Václav Slavík |
| 367 | Victor Stinner |
| 368 | Viktor Szakats |
| 369 | and |
| 370 | Radically Open Security |
| 371 | |
| 372 | Release 2.2.1 Sat June 17 2017 |
| 373 | Security fixes: |
| 374 | CVE-2017-9233 -- External entity infinite loop DoS |
| 375 | Details: https://libexpat.github.io/doc/cve-2017-9233/ |
| 376 | Commit c4bf96bb51dd2a1b0e185374362ee136fe2c9d7f |
| 377 | [MOX-002] CVE-2016-9063 -- Detect integer overflow; commit |
| 378 | d4f735b88d9932bd5039df2335eefdd0723dbe20 |
| 379 | (Fixed version of existing downstream patches!) |
| 380 | (SF.net) #539 Fix regression from fix to CVE-2016-0718 cutting off |
| 381 | longer tag names; commits |
| 382 | * 896b6c1fd3b842f377d1b62135dccf0a579cf65d |
| 383 | * af507cef2c93cb8d40062a0abe43a4f4e9158fb2 |
| 384 | #16 * 0dbbf43fdb20f593ddf4fa1ff67288000dd4a7fd |
| 385 | #25 More integer overflow detection (function poolGrow); commits |
| 386 | * 810b74e4703dcfdd8f404e3cb177d44684775143 |
| 387 | * 44178553f3539ce69d34abee77a05e879a7982ac |
| 388 | [MOX-002] Detect overflow from len=INT_MAX call to XML_Parse; commits |
| 389 | * 4be2cb5afcc018d996f34bbbce6374b7befad47f |
| 390 | * 7e5b71b748491b6e459e5c9a1d090820f94544d8 |
| 391 | [MOX-005] #30 Use high quality entropy for hash initialization: |
| 392 | * arc4random_buf on BSD, systems with libbsd |
| 393 | (when configured with --with-libbsd), CloudABI |
| 394 | * RtlGenRandom on Windows XP / Server 2003 and later |
| 395 | * getrandom on Linux 3.17+ |
| 396 | In a way, that's still part of CVE-2016-5300. |
| 397 | https://github.com/libexpat/libexpat/pull/30/commits |
| 398 | [MOX-005] For the low quality entropy extraction fallback code, |
| 399 | the parser instance address can no longer leak, commit |
| 400 | 04ad658bd3079dd15cb60fc67087900f0ff4b083 |
| 401 | [MOX-003] Prevent use of uninitialised variable; commit |
| 402 | [MOX-004] a4dc944f37b664a3ca7199c624a98ee37babdb4b |
| 403 | Add missing parameter validation to public API functions |
| 404 | and dedicated error code XML_ERROR_INVALID_ARGUMENT: |
| 405 | [MOX-006] * NULL checks; commits |
| 406 | * d37f74b2b7149a3a95a680c4c4cd2a451a51d60a (merge/many) |
| 407 | * 9ed727064b675b7180c98cb3d4f75efba6966681 |
| 408 | * 6a747c837c50114dfa413994e07c0ba477be4534 |
| 409 | * Negative length (XML_Parse); commit |
| 410 | [MOX-002] 70db8d2538a10f4c022655d6895e4c3e78692e7f |
| 411 | [MOX-001] #35 Change hash algorithm to William Ahern's version of SipHash |
| 412 | to go further with fixing CVE-2012-0876. |
| 413 | https://github.com/libexpat/libexpat/pull/39/commits |
| 414 | |
| 415 | Bug fixes: |
| 416 | #32 Fix sharing of hash salt across parsers; |
| 417 | relevant where XML_ExternalEntityParserCreate is called |
| 418 | prior to XML_Parse, in particular (e.g. FBReader) |
| 419 | #28 xmlwf: Auto-disable use of memory-mapping (and parsing |
| 420 | as a single chunk) for files larger than ~1 GB (2^30 bytes) |
| 421 | rather than failing with error "out of memory" |
| 422 | #3 Fix double free after malloc failure in DTD code; commit |
| 423 | 7ae9c3d3af433cd4defe95234eae7dc8ed15637f |
| 424 | #17 Fix memory leak on parser error for unbound XML attribute |
| 425 | prefix with new namespaces defined in the same tag; |
| 426 | found by Google's OSS-Fuzz; commits |
| 427 | * 16f87daae5a16132e479e4f71862128c7a915c73 |
| 428 | * b47dbc9745932c160893d433220e462bd605f8cd |
| 429 | xmlwf on Windows: Add missing calls to CloseHandle |
| 430 | |
| 431 | New features: |
| 432 | #30 Introduced environment switch EXPAT_ENTROPY_DEBUG=1 |
| 433 | for runtime debugging of entropy extraction |
| 434 | |
| 435 | Other changes: |
| 436 | Increase code coverage |
| 437 | #33 Reject use of XML_UNICODE_WCHAR_T with sizeof(wchar_t) != 2; |
| 438 | XML_UNICODE_WCHAR_T was never meant to be used outside |
| 439 | of Windows; 4-byte wchar_t is common on Linux |
| 440 | (SF.net) #538 Start using -fno-strict-aliasing |
| 441 | (SF.net) #540 Support compilation against cloudlibc of CloudABI |
| 442 | Allow MinGW cross-compilation |
| 443 | (SF.net) #534 CMake: Introduce option "BUILD_doc" (enabled by default) |
| 444 | to bypass compilation of the xmlwf.1 man page |
| 445 | (SF.net) pr2 CMake: Introduce option "INSTALL" (enabled by default) |
| 446 | to bypass installation of expat files |
| 447 | CMake: Fix ninja support |
| 448 | Autotools: Add parameters --enable-xml-context [COUNT] |
| 449 | and --disable-xml-context; default of context of 1024 |
| 450 | bytes enabled unchanged |
| 451 | #14 Drop AmigaOS 4.x code and includes |
| 452 | #14 Drop ancient build systems: |
| 453 | * Borland C++ Builder |
| 454 | * OpenVMS |
| 455 | * Open Watcom |
| 456 | * Visual Studio 6.0 |
| 457 | * Pre-X Mac OS (MPW Makefile) |
| 458 | If you happen to rely on some of these, please get in |
| 459 | touch for joining with maintenance. |
| 460 | #10 Move from WIN32 to _WIN32 |
| 461 | #13 Fix "make run-xmltest" order instability |
| 462 | Address compile warnings |
| 463 | Bump version info from 7:2:6 to 7:3:6 |
| 464 | Add AUTHORS file |
| 465 | |
| 466 | Infrastructure: |
| 467 | #1 Migrate from SourceForge to GitHub (except downloads): |
| 468 | https://github.com/libexpat/ |
| 469 | #1 Re-create http://libexpat.org/ project website |
| 470 | Start utilizing Travis CI |
| 471 | |
| 472 | Special thanks to: |
| 473 | Andy Wang |
| 474 | Don Lewis |
| 475 | Ed Schouten |
| 476 | Karl Waclawek |
| 477 | Pascal Cuoq |
| 478 | Rhodri James |
| 479 | Sergei Nikulov |
| 480 | Tobias Taschner |
| 481 | Viktor Szakats |
| 482 | and |
| 483 | Core Infrastructure Initiative |
| 484 | Mozilla Foundation (MOSS Track 3: Secure Open Source) |
| 485 | Radically Open Security |
| 486 | |
Paul Duffin | ba34a0c | 2017-02-27 14:40:16 +0000 | [diff] [blame] | 487 | Release 2.2.0 Tue June 21 2016 |
| 488 | Security fixes: |
| 489 | #537 CVE-2016-0718 -- Fix crash on malformed input |
| 490 | CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 / |
| 491 | CVE-2015-2716 introduced with Expat 2.1.1 |
| 492 | #499 CVE-2016-5300 -- Use more entropy for hash initialization |
| 493 | than the original fix to CVE-2012-0876 |
| 494 | #519 CVE-2012-6702 -- Resolve troublesome internal call to srand |
| 495 | that was introduced with Expat 2.1.0 |
| 496 | when addressing CVE-2012-0876 (issue #496) |
| 497 | |
| 498 | Bug fixes: |
| 499 | Fix uninitialized reads of size 1 |
| 500 | (e.g. in little2_updatePosition) |
| 501 | Fix detection of UTF-8 character boundaries |
| 502 | |
| 503 | Other changes: |
| 504 | #532 Fix compilation for Visual Studio 2010 (keyword "C99") |
| 505 | Autotools: Resolve use of "$<" to better support bmake |
| 506 | Autotools: Add QA script "qa.sh" (and make target "qa") |
| 507 | Autotools: Respect CXXFLAGS if given |
| 508 | Autotools: Fix "make run-xmltest" |
| 509 | Autotools: Have "make run-xmltest" check for expected output |
| 510 | p90 CMake: Fix static build (BUILD_shared=OFF) on Windows |
| 511 | #536 CMake: Add soversion, support -DNO_SONAME=yes to bypass |
| 512 | #323 CMake: Add suffix "d" to differentiate debug from release |
| 513 | CMake: Define WIN32 with CMake on Windows |
| 514 | Annotate memory allocators for GCC |
| 515 | Address all currently known compile warnings |
| 516 | Make sure that API symbols remain visible despite |
| 517 | -fvisibility=hidden |
| 518 | Remove executable flag from source files |
| 519 | Resolve COMPILED_FROM_DSP in favor of WIN32 |
| 520 | |
| 521 | Special thanks to: |
| 522 | Björn Lindahl |
| 523 | Christian Heimes |
| 524 | Cristian Rodríguez |
| 525 | Daniel Krügler |
| 526 | Gustavo Grieco |
| 527 | Karl Waclawek |
| 528 | László Böszörményi |
| 529 | Marco Grassi |
| 530 | Pascal Cuoq |
| 531 | Sergei Nikulov |
| 532 | Thomas Beutlich |
| 533 | Warren Young |
| 534 | Yann Droneaud |
| 535 | |
Paul Duffin | cee2349 | 2016-05-04 10:42:31 +0100 | [diff] [blame] | 536 | Release 2.1.1 Sat March 12 2016 |
| 537 | Security fixes: |
| 538 | #582: CVE-2015-1283 - Multiple integer overflows in XML_GetBuffer |
| 539 | |
| 540 | Bug fixes: |
| 541 | #502: Fix potential null pointer dereference |
| 542 | #520: Symbol XML_SetHashSalt was not exported |
| 543 | Output of "xmlwf -h" was incomplete |
| 544 | |
Paul Duffin | ba34a0c | 2017-02-27 14:40:16 +0000 | [diff] [blame] | 545 | Other changes: |
Paul Duffin | cee2349 | 2016-05-04 10:42:31 +0100 | [diff] [blame] | 546 | #503: Document behavior of calling XML_SetHashSalt with salt 0 |
| 547 | Minor improvements to man page xmlwf(1) |
| 548 | Improvements to the experimental CMake build system |
| 549 | libtool now invoked with --verbose |
| 550 | |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 551 | Release 2.1.0 Sat March 24 2012 |
Elliott Hughes | 7247294 | 2018-01-10 08:36:10 -0800 | [diff] [blame] | 552 | - Security fixes: |
| 553 | #2958794: CVE-2012-1148 - Memory leak in poolGrow. |
| 554 | #2895533: CVE-2012-1147 - Resource leak in readfilemap.c. |
| 555 | #3496608: CVE-2012-0876 - Hash DOS attack. |
| 556 | #2894085: CVE-2009-3560 - Buffer over-read and crash in big2_toUtf8(). |
| 557 | #1990430: CVE-2009-3720 - Parser crash with special UTF-8 sequences. |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 558 | - Bug Fixes: |
| 559 | #1742315: Harmful XML_ParserCreateNS suggestion. |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 560 | #1785430: Expat build fails on linux-amd64 with gcc version>=4.1 -O3. |
| 561 | #1983953, 2517952, 2517962, 2649838: |
| 562 | Build modifications using autoreconf instead of buildconf.sh. |
| 563 | #2815947, #2884086: OBJEXT and EXEEXT support while building. |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 564 | #2517938: xmlwf should return non-zero exit status if not well-formed. |
| 565 | #2517946: Wrong statement about XMLDecl in xmlwf.1 and xmlwf.sgml. |
| 566 | #2855609: Dangling positionPtr after error. |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 567 | #2990652: CMake support. |
| 568 | #3010819: UNEXPECTED_STATE with a trailing "%" in entity value. |
Elliott Hughes | 7247294 | 2018-01-10 08:36:10 -0800 | [diff] [blame] | 569 | #3206497: Uninitialized memory returned from XML_Parse. |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 570 | #3287849: make check fails on mingw-w64. |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 571 | - Patches: |
| 572 | #1749198: pkg-config support. |
| 573 | #3010222: Fix for bug #3010819. |
| 574 | #3312568: CMake support. |
| 575 | #3446384: Report byte offsets for attr names and values. |
| 576 | - New Features / API changes: |
Paul Duffin | cee2349 | 2016-05-04 10:42:31 +0100 | [diff] [blame] | 577 | Added new API member XML_SetHashSalt() that allows setting an initial |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 578 | value (salt) for hash calculations. This is part of the fix for |
| 579 | bug #3496608 to randomize hash parameters. |
| 580 | When compiled with XML_ATTR_INFO defined, adds new API member |
| 581 | XML_GetAttributeInfo() that allows retrieving the byte |
| 582 | offsets for attribute names and values (patch #3446384). |
| 583 | Added CMake build system. |
| 584 | See bug #2990652 and patch #3312568. |
| 585 | Added run-benchmark target to Makefile.in - relies on testdata module |
| 586 | present in the same relative location as in the repository. |
| 587 | |
Elliott Hughes | d07d5a7 | 2009-09-25 16:04:37 -0700 | [diff] [blame] | 588 | Release 2.0.1 Tue June 5 2007 |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 589 | - Fixed bugs #1515266, #1515600: The character data handler's calling |
Elliott Hughes | d07d5a7 | 2009-09-25 16:04:37 -0700 | [diff] [blame] | 590 | of XML_StopParser() was not handled properly; if the parser was |
| 591 | stopped and the handler set to NULL, the parser would segfault. |
| 592 | - Fixed bug #1690883: Expat failed on EBCDIC systems as it assumed |
| 593 | some character constants to be ASCII encoded. |
| 594 | - Minor cleanups of the test harness. |
| 595 | - Fixed xmlwf bug #1513566: "out of memory" error on file size zero. |
| 596 | - Fixed outline.c bug #1543233: missing a final XML_ParserFree() call. |
| 597 | - Fixes and improvements for Windows platform: |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 598 | bugs #1409451, #1476160, #1548182, #1602769, #1717322. |
Elliott Hughes | d07d5a7 | 2009-09-25 16:04:37 -0700 | [diff] [blame] | 599 | - Build fixes for various platforms: |
| 600 | HP-UX, Tru64, Solaris 9: patch #1437840, bug #1196180. |
| 601 | All Unix: #1554618 (refreshed config.sub/config.guess). |
| 602 | #1490371, #1613457: support both, DESTDIR and INSTALL_ROOT, |
| 603 | without relying on GNU-Make specific features. |
| 604 | #1647805: Patched configure.in to work better with Intel compiler. |
| 605 | - Fixes to Makefile.in to have make check work correctly: |
| 606 | bugs #1408143, #1535603, #1536684. |
| 607 | - Added Open Watcom support: patch #1523242. |
| 608 | |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 609 | Release 2.0.0 Wed Jan 11 2006 |
| 610 | - We no longer use the "check" library for C unit testing; we |
| 611 | always use the (partial) internal implementation of the API. |
| 612 | - Report XML_NS setting via XML_GetFeatureList(). |
| 613 | - Fixed headers for use from C++. |
| 614 | - XML_GetCurrentLineNumber() and XML_GetCurrentColumnNumber() |
| 615 | now return unsigned integers. |
| 616 | - Added XML_LARGE_SIZE switch to enable 64-bit integers for |
| 617 | byte indexes and line/column numbers. |
| 618 | - Updated to use libtool 1.5.22 (the most recent). |
| 619 | - Added support for AmigaOS. |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 620 | - Some mostly minor bug fixes. SF issues include: #1006708, |
| 621 | #1021776, #1023646, #1114960, #1156398, #1221160, #1271642. |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 622 | |
| 623 | Release 1.95.8 Fri Jul 23 2004 |
| 624 | - Major new feature: suspend/resume. Handlers can now request |
| 625 | that a parse be suspended for later resumption or aborted |
| 626 | altogether. See "Temporarily Stopping Parsing" in the |
| 627 | documentation for more details. |
| 628 | - Some mostly minor bug fixes, but compilation should no |
| 629 | longer generate warnings on most platforms. SF issues |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 630 | include: #827319, #840173, #846309, #888329, #896188, #923913, |
| 631 | #928113, #961698, #985192. |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 632 | |
| 633 | Release 1.95.7 Mon Oct 20 2003 |
| 634 | - Fixed enum XML_Status issue (reported on SourceForge many |
| 635 | times), so compilers that are properly picky will be happy. |
| 636 | - Introduced an XMLCALL macro to control the calling |
| 637 | convention used by the Expat API; this macro should be used |
| 638 | to annotate prototypes and definitions of callback |
| 639 | implementations in code compiled with a calling convention |
| 640 | other than the default convention for the host platform. |
| 641 | - Improved ability to build without the configure-generated |
| 642 | expat_config.h header. This is useful for applications |
| 643 | which embed Expat rather than linking in the library. |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 644 | - Fixed a variety of bugs: see SF issues #458907, #609603, |
| 645 | #676844, #679754, #692878, #692964, #695401, #699323, #699487, |
| 646 | #820946. |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 647 | - Improved hash table lookups. |
| 648 | - Added more regression tests and improved documentation. |
| 649 | |
| 650 | Release 1.95.6 Tue Jan 28 2003 |
| 651 | - Added XML_FreeContentModel(). |
| 652 | - Added XML_MemMalloc(), XML_MemRealloc(), XML_MemFree(). |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 653 | - Fixed a variety of bugs: see SF issues #615606, #616863, |
| 654 | #618199, #653180, #673791. |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 655 | - Enhanced the regression test suite. |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 656 | - Man page improvements: includes SF issue #632146. |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 657 | |
| 658 | Release 1.95.5 Fri Sep 6 2002 |
| 659 | - Added XML_UseForeignDTD() for improved SAX2 support. |
| 660 | - Added XML_GetFeatureList(). |
| 661 | - Defined XML_Bool type and the values XML_TRUE and XML_FALSE. |
| 662 | - Use an incomplete struct instead of a void* for the parser |
| 663 | (may not retain). |
| 664 | - Fixed UTF-8 decoding bug that caused legal UTF-8 to be rejected. |
| 665 | - Finally fixed bug where default handler would report DTD |
| 666 | events that were already handled by another handler. |
| 667 | Initial patch contributed by Darryl Miles. |
| 668 | - Removed unnecessary DllMain() function that caused static |
| 669 | linking into a DLL to be difficult. |
| 670 | - Added VC++ projects for building static libraries. |
| 671 | - Reduced line-length for all source code and headers to be |
| 672 | no longer than 80 characters, to help with AS/400 support. |
| 673 | - Reduced memory copying during parsing (SF patch #600964). |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 674 | - Fixed a variety of bugs: see SF issues #580793, #434664, |
| 675 | #483514, #580503, #581069, #584041, #584183, #584832, #585537, |
| 676 | #596555, #596678, #598352, #598944, #599715, #600479, #600971. |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 677 | |
| 678 | Release 1.95.4 Fri Jul 12 2002 |
| 679 | - Added support for VMS, contributed by Craig Berry. See |
| 680 | vms/README.vms for more information. |
| 681 | - Added Mac OS (classic) support, with a makefile for MPW, |
| 682 | contributed by Thomas Wegner and Daryle Walker. |
| 683 | - Added Borland C++ Builder 5 / BCC 5.5 support, contributed |
| 684 | by Patrick McConnell (SF patch #538032). |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 685 | - Fixed a variety of bugs: see SF issues #441449, #563184, |
| 686 | #564342, #566334, #566901, #569461, #570263, #575168, #579196. |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 687 | - Made skippedEntityHandler conform to SAX2 (see source comment) |
| 688 | - Re-implemented WFC: Entity Declared from XML 1.0 spec and |
| 689 | added a new error "entity declared in parameter entity": |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 690 | see SF bug report #569461 and SF patch #578161 |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 691 | - Re-implemented section 5.1 from XML 1.0 spec: |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 692 | see SF bug report #570263 and SF patch #578161 |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 693 | |
| 694 | Release 1.95.3 Mon Jun 3 2002 |
| 695 | - Added a project to the MSVC workspace to create a wchar_t |
| 696 | version of the library; the DLLs are named libexpatw.dll. |
| 697 | - Changed the name of the Windows DLLs from expat.dll to |
| 698 | libexpat.dll; this fixes SF bug #432456. |
| 699 | - Added the XML_ParserReset() API function. |
| 700 | - Fixed XML_SetReturnNSTriplet() to work for element names. |
| 701 | - Made the XML_UNICODE builds usable (thanks, Karl!). |
| 702 | - Allow xmlwf to read from standard input. |
| 703 | - Install a man page for xmlwf on Unix systems. |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 704 | - Fixed many bugs; see SF bug reports #231864, #461380, #464837, |
| 705 | #466885, #469226, #477667, #484419, #487840, #494749, #496505, |
| 706 | #547350. Other bugs which we can't test as easily may also |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 707 | have been fixed, especially in the area of build support. |
| 708 | |
| 709 | Release 1.95.2 Fri Jul 27 2001 |
| 710 | - More changes to make MSVC happy with the build; add a single |
| 711 | workspace to support both the library and xmlwf application. |
| 712 | - Added a Windows installer for Windows users; includes |
| 713 | xmlwf.exe. |
| 714 | - Added compile-time constants that can be used to determine the |
| 715 | Expat version |
| 716 | - Removed a lot of GNU-specific dependencies to aide portability |
| 717 | among the various Unix flavors. |
| 718 | - Fix the UTF-8 BOM bug. |
| 719 | - Cleaned up warning messages for several compilers. |
| 720 | - Added the -Wall, -Wstrict-prototypes options for GCC. |
| 721 | |
| 722 | Release 1.95.1 Sun Oct 22 15:11:36 EDT 2000 |
| 723 | - Changes to get expat to build under Microsoft compiler |
| 724 | - Removed all aborts and instead return an UNEXPECTED_STATE error. |
| 725 | - Fixed a bug where a stray '%' in an entity value would cause an |
| 726 | abort. |
| 727 | - Defined XML_SetEndNamespaceDeclHandler. Thanks to Darryl Miles for |
| 728 | finding this oversight. |
| 729 | - Changed default patterns in lib/Makefile.in to fit non-GNU makes |
| 730 | Thanks to robin@unrated.net for reporting and providing an |
| 731 | account to test on. |
| 732 | - The reference had the wrong label for XML_SetStartNamespaceDecl. |
| 733 | Reported by an anonymous user. |
| 734 | |
| 735 | Release 1.95.0 Fri Sep 29 2000 |
| 736 | - XML_ParserCreate_MM |
| 737 | Allows you to set a memory management suite to replace the |
| 738 | standard malloc,realloc, and free. |
| 739 | - XML_SetReturnNSTriplet |
| 740 | If you turn this feature on when namespace processing is in |
| 741 | effect, then qualified, prefixed element and attribute names |
| 742 | are returned as "uri|name|prefix" where '|' is whatever |
| 743 | separator character is used in namespace processing. |
| 744 | - Merged in features from perl-expat |
| 745 | o XML_SetElementDeclHandler |
| 746 | o XML_SetAttlistDeclHandler |
| 747 | o XML_SetXmlDeclHandler |
| 748 | o XML_SetEntityDeclHandler |
| 749 | o StartDoctypeDeclHandler takes 3 additional parameters: |
| 750 | sysid, pubid, has_internal_subset |
| 751 | o Many paired handler setters (like XML_SetElementHandler) |
| 752 | now have corresponding individual handler setters |
| 753 | o XML_GetInputContext for getting the input context of |
| 754 | the current parse position. |
| 755 | - Added reference material |
| 756 | - Packaged into a distribution that builds a sharable library |