Elliott Hughes | 7247294 | 2018-01-10 08:36:10 -0800 | [diff] [blame] | 1 | NOTE: We are looking for help with a few things: |
| 2 | https://github.com/libexpat/libexpat/labels/help%20wanted |
| 3 | If you can help, please get in touch. Thanks! |
| 4 | |
Elliott Hughes | f898dc2 | 2022-02-23 17:34:51 -0800 | [diff] [blame] | 5 | Release 2.4.6 Sun February 20 2022 |
| 6 | Bug fixes: |
| 7 | #566 Fix a regression introduced by the fix for CVE-2022-25313 |
| 8 | in release 2.4.5 that affects applications that (1) |
| 9 | call function XML_SetElementDeclHandler and (2) are |
| 10 | parsing XML that contains nested element declarations |
| 11 | (e.g. "<!ELEMENT junk ((bar|foo|xyz+), zebra*)>"). |
| 12 | |
| 13 | Other changes: |
| 14 | #567 #568 Version info bumped from 9:5:8 to 9:6:8; |
| 15 | see https://verbump.de/ for what these numbers do |
| 16 | |
| 17 | Special thanks to: |
| 18 | Matt Sergeant |
| 19 | Samanta Navarro |
| 20 | Sergei Trofimovich |
| 21 | and |
| 22 | NixOS |
| 23 | Perl XML::Parser |
| 24 | |
| 25 | Release 2.4.5 Fri February 18 2022 |
| 26 | Security fixes: |
| 27 | #562 CVE-2022-25235 -- Passing malformed 2- and 3-byte UTF-8 |
| 28 | sequences (e.g. from start tag names) to the XML |
| 29 | processing application on top of Expat can cause |
| 30 | arbitrary damage (e.g. code execution) depending |
| 31 | on how invalid UTF-8 is handled inside the XML |
| 32 | processor; validation was not their job but Expat's. |
| 33 | Exploits with code execution are known to exist. |
| 34 | #561 CVE-2022-25236 -- Passing (one or more) namespace separator |
| 35 | characters in "xmlns[:prefix]" attribute values |
| 36 | made Expat send malformed tag names to the XML |
| 37 | processor on top of Expat which can cause |
| 38 | arbitrary damage (e.g. code execution) depending |
| 39 | on such unexpectable cases are handled inside the XML |
| 40 | processor; validation was not their job but Expat's. |
| 41 | Exploits with code execution are known to exist. |
| 42 | #558 CVE-2022-25313 -- Fix stack exhaustion in doctype parsing |
| 43 | that could be triggered by e.g. a 2 megabytes |
| 44 | file with a large number of opening braces. |
| 45 | Expected impact is denial of service or potentially |
| 46 | arbitrary code execution. |
| 47 | #560 CVE-2022-25314 -- Fix integer overflow in function copyString; |
| 48 | only affects the encoding name parameter at parser creation |
| 49 | time which is often hardcoded (rather than user input), |
| 50 | takes a value in the gigabytes to trigger, and a 64-bit |
| 51 | machine. Expected impact is denial of service. |
| 52 | #559 CVE-2022-25315 -- Fix integer overflow in function storeRawNames; |
| 53 | needs input in the gigabytes and a 64-bit machine. |
| 54 | Expected impact is denial of service or potentially |
| 55 | arbitrary code execution. |
| 56 | |
| 57 | Other changes: |
| 58 | #557 #564 Version info bumped from 9:4:8 to 9:5:8; |
| 59 | see https://verbump.de/ for what these numbers do |
| 60 | |
| 61 | Special thanks to: |
| 62 | Ivan Fratric |
| 63 | Samanta Navarro |
| 64 | and |
| 65 | Google Project Zero |
| 66 | JetBrains |
| 67 | |
| 68 | Release 2.4.4 Sun January 30 2022 |
| 69 | Security fixes: |
| 70 | #550 CVE-2022-23852 -- Fix signed integer overflow |
| 71 | (undefined behavior) in function XML_GetBuffer |
| 72 | (that is also called by function XML_Parse internally) |
| 73 | for when XML_CONTEXT_BYTES is defined to >0 (which is both |
| 74 | common and default). |
| 75 | Impact is denial of service or more. |
| 76 | #551 CVE-2022-23990 -- Fix unsigned integer overflow in function |
| 77 | doProlog triggered by large content in element type |
| 78 | declarations when there is an element declaration handler |
| 79 | present (from a prior call to XML_SetElementDeclHandler). |
| 80 | Impact is denial of service or more. |
| 81 | |
| 82 | Bug fixes: |
| 83 | #544 #545 xmlwf: Fix a memory leak on output file opening error |
| 84 | |
| 85 | Other changes: |
| 86 | #546 Autotools: Fix broken CMake support under Cygwin |
| 87 | #554 Windows: Add missing files to the installer to fix |
| 88 | compilation with CMake from installed sources |
| 89 | #552 #554 Version info bumped from 9:3:8 to 9:4:8; |
| 90 | see https://verbump.de/ for what these numbers do |
| 91 | |
| 92 | Special thanks to: |
| 93 | Carlo Bramini |
| 94 | hwt0415 |
| 95 | Roland Illig |
| 96 | Samanta Navarro |
| 97 | and |
| 98 | Clang LeakSan and the Clang team |
| 99 | |
| 100 | Release 2.4.3 Sun January 16 2022 |
| 101 | Security fixes: |
| 102 | #531 #534 CVE-2021-45960 -- Fix issues with left shifts by >=29 places |
| 103 | resulting in |
| 104 | a) realloc acting as free |
| 105 | b) realloc allocating too few bytes |
| 106 | c) undefined behavior |
| 107 | depending on architecture and precise value |
| 108 | for XML documents with >=2^27+1 prefixed attributes |
| 109 | on a single XML tag a la |
| 110 | "<r xmlns:a='[..]' a:a123='[..]' [..] />" |
| 111 | where XML_ParserCreateNS is used to create the parser |
| 112 | (which needs argument "-n" when running xmlwf). |
| 113 | Impact is denial of service, or more. |
| 114 | #532 #538 CVE-2021-46143 (ZDI-CAN-16157) -- Fix integer overflow |
| 115 | on variable m_groupSize in function doProlog leading |
| 116 | to realloc acting as free. |
| 117 | Impact is denial of service or more. |
| 118 | #539 CVE-2022-22822 to CVE-2022-22827 -- Prevent integer overflows |
| 119 | near memory allocation at multiple places. Mitre assigned |
| 120 | a dedicated CVE for each involved internal C function: |
| 121 | - CVE-2022-22822 for function addBinding |
| 122 | - CVE-2022-22823 for function build_model |
| 123 | - CVE-2022-22824 for function defineAttribute |
| 124 | - CVE-2022-22825 for function lookup |
| 125 | - CVE-2022-22826 for function nextScaffoldPart |
| 126 | - CVE-2022-22827 for function storeAtts |
| 127 | Impact is denial of service or more. |
| 128 | |
| 129 | Other changes: |
| 130 | #535 CMake: Make call to file(GENERATE [..]) work for CMake <3.19 |
| 131 | #541 Autotools|CMake: MinGW: Make run.sh(.in) work for Cygwin |
| 132 | and MSYS2 by not going through Wine on these platforms |
| 133 | #527 #528 Address compiler warnings |
| 134 | #533 #543 Version info bumped from 9:2:8 to 9:3:8; |
| 135 | see https://verbump.de/ for what these numbers do |
| 136 | |
| 137 | Infrastructure: |
| 138 | #536 CI: Check for realistic minimum CMake version |
| 139 | #529 #539 CI: Cover compilation with -m32 |
| 140 | #529 CI: Store coverage reports as artifacts for download |
| 141 | #528 CI: Upgrade Clang from 11 to 13 |
| 142 | |
| 143 | Special thanks to: |
| 144 | An anonymous whitehat |
| 145 | Christopher Degawa |
| 146 | J. Peter Mugaas |
| 147 | Tyson Smith |
| 148 | and |
| 149 | GCC Farm Project |
| 150 | Trend Micro Zero Day Initiative |
| 151 | |
| 152 | Release 2.4.2 Sun December 19 2021 |
| 153 | Other changes: |
| 154 | #509 #510 Link againgst libm for function "isnan" |
| 155 | #513 #514 Include expat_config.h as early as possible |
| 156 | #498 Autotools: Include files with release archives: |
| 157 | - buildconf.sh |
| 158 | - fuzz/*.c |
| 159 | #507 #519 Autotools: Sync CMake templates |
| 160 | #495 #524 CMake: MinGW: Fix pkg-config section "Libs" for |
| 161 | - non-release build types (e.g. -DCMAKE_BUILD_TYPE=Debug) |
| 162 | - multi-config CMake generators (e.g. Ninja Multi-Config) |
| 163 | #502 #503 docs: Document that function XML_GetBuffer may return NULL |
| 164 | when asking for a buffer of 0 (zero) bytes size |
| 165 | #522 #523 docs: Fix return value docs for both |
| 166 | XML_SetBillionLaughsAttackProtection* functions |
| 167 | #525 #526 Version info bumped from 9:1:8 to 9:2:8; |
| 168 | see https://verbump.de/ for what these numbers do |
| 169 | |
| 170 | Special thanks to: |
| 171 | Dong-hee Na |
| 172 | Joergen Ibsen |
| 173 | Kai Pastor |
| 174 | |
Elliott Hughes | 33bf975 | 2021-08-10 17:33:34 -0700 | [diff] [blame] | 175 | Release 2.4.1 Sun May 23 2021 |
| 176 | Bug fixes: |
| 177 | #488 #490 Autotools: Fix installed header expat_config.h for multilib |
| 178 | systems; regression introduced in 2.4.0 by pull request #486 |
| 179 | |
| 180 | Other changes: |
| 181 | #491 #492 Version info bumped from 9:0:8 to 9:1:8; |
| 182 | see https://verbump.de/ for what these numbers do |
| 183 | |
| 184 | Special thanks to: |
| 185 | Gentoo's QA check "multilib_check_headers" |
| 186 | |
| 187 | Release 2.4.0 Sun May 23 2021 |
| 188 | Security fixes: |
| 189 | #34 #466 #484 CVE-2013-0340/CWE-776 -- Protect against billion laughs attacks |
| 190 | (denial-of-service; flavors targeting CPU time or RAM or both, |
| 191 | leveraging general entities or parameter entities or both) |
| 192 | by tracking and limiting the input amplification factor |
| 193 | (<amplification> := (<direct> + <indirect>) / <direct>). |
| 194 | By conservative default, amplification up to a factor of 100.0 |
| 195 | is tolerated and rejection only starts after 8 MiB of output bytes |
| 196 | (=<direct> + <indirect>) have been processed. |
| 197 | The fix adds the following to the API: |
| 198 | - A new error code XML_ERROR_AMPLIFICATION_LIMIT_BREACH to |
| 199 | signals this specific condition. |
| 200 | - Two new API functions .. |
| 201 | - XML_SetBillionLaughsAttackProtectionMaximumAmplification and |
| 202 | - XML_SetBillionLaughsAttackProtectionActivationThreshold |
| 203 | .. to further tighten billion laughs protection parameters |
| 204 | when desired. Please see file "doc/reference.html" for details. |
| 205 | If you ever need to increase the defaults for non-attack XML |
| 206 | payload, please file a bug report with libexpat. |
| 207 | - Two new XML_FEATURE_* constants .. |
| 208 | - that can be queried using the XML_GetFeatureList function, and |
| 209 | - that are shown in "xmlwf -v" output. |
| 210 | - Two new environment variable switches .. |
| 211 | - EXPAT_ACCOUNTING_DEBUG=(0|1|2|3) and |
| 212 | - EXPAT_ENTITY_DEBUG=(0|1) |
| 213 | .. for runtime debugging of accounting and entity processing. |
| 214 | Specific behavior of these values may change in the future. |
| 215 | - Two new command line arguments "-a FACTOR" and "-b BYTES" |
| 216 | for xmlwf to further tighten billion laughs protection |
| 217 | parameters when desired. |
| 218 | If you ever need to increase the defaults for non-attack XML |
| 219 | payload, please file a bug report with libexpat. |
| 220 | |
| 221 | Bug fixes: |
| 222 | #332 #470 For (non-default) compilation with -DEXPAT_MIN_SIZE=ON (CMake) |
| 223 | or CPPFLAGS=-DXML_MIN_SIZE (GNU Autotools): Fix segfault |
| 224 | for UTF-16 payloads containing CDATA sections. |
| 225 | #485 #486 Autotools: Fix generated CMake files for non-64bit and |
| 226 | non-Linux platforms (e.g. macOS and MinGW in particular) |
| 227 | that were introduced with release 2.3.0 |
| 228 | |
| 229 | Other changes: |
| 230 | #468 #469 xmlwf: Improve help output and the xmlwf man page |
| 231 | #463 xmlwf: Improve maintainability through some refactoring |
| 232 | #477 xmlwf: Fix man page DocBook validity |
| 233 | #458 #459 CMake: Support absolute paths for both CMAKE_INSTALL_LIBDIR |
| 234 | and CMAKE_INSTALL_INCLUDEDIR |
| 235 | #471 #481 CMake: Add support for standard variable BUILD_SHARED_LIBS |
| 236 | #457 Unexpose symbol _INTERNAL_trim_to_complete_utf8_characters |
| 237 | #467 Resolve macro HAVE_EXPAT_CONFIG_H |
| 238 | #472 Delete unused legacy helper file "conftools/PrintPath" |
| 239 | #473 #483 Improve attribution |
| 240 | #464 #465 #477 doc/reference.html: Fix XHTML validity |
| 241 | #475 #478 doc/reference.html: Replace the 90s look by OK.css |
| 242 | #479 Version info bumped from 8:0:7 to 9:0:8 |
| 243 | due to addition of new symbols and error codes; |
| 244 | see https://verbump.de/ for what these numbers do |
| 245 | |
| 246 | Infrastructure: |
| 247 | #456 CI: Enable periodic runs |
| 248 | #457 CI: Start covering the list of exported symbols |
| 249 | #474 CI: Isolate coverage task |
| 250 | #476 #482 CI: Adapt to breaking changes in image "ubuntu-18.04" |
| 251 | #477 CI: Cover well-formedness and DocBook/XHTML validity |
| 252 | of doc/reference.html and doc/xmlwf.xml |
| 253 | |
| 254 | Special thanks to: |
| 255 | Dimitry Andric |
| 256 | Eero Helenius |
| 257 | Nick Wellnhofer |
| 258 | Rhodri James |
| 259 | Tomas Korbar |
| 260 | Yury Gribov |
| 261 | and |
| 262 | Clang LeakSan |
| 263 | JetBrains |
| 264 | OSS-Fuzz |
| 265 | |
Elliott Hughes | f648a29 | 2021-04-01 15:10:13 -0700 | [diff] [blame] | 266 | Release 2.3.0 Thu March 25 2021 |
| 267 | Bug fixes: |
| 268 | #438 When calling XML_ParseBuffer without a prior successful call to |
| 269 | XML_GetBuffer as a user, no longer trigger undefined behavior |
| 270 | (by adding an integer to a NULL pointer) but rather return |
| 271 | XML_STATUS_ERROR and set the error code to (new) code |
| 272 | XML_ERROR_NO_BUFFER. Found by UBSan (UndefinedBehaviorSanitizer) |
| 273 | of Clang 11 (but not Clang 9). |
| 274 | #444 xmlwf: Exit status 2 was used for both: |
| 275 | - malformed input files (documented) and |
| 276 | - invalid command-line arguments (undocumented). |
| 277 | The case of invalid command-line arguments now |
| 278 | has its own exit status 4, resolving the ambiguity. |
| 279 | |
| 280 | Other changes: |
| 281 | #439 xmlwf: Add argument -k to allow continuing after |
| 282 | non-fatal errors |
| 283 | #439 xmlwf: Add section about exit status to the -h help output |
| 284 | #422 #426 #447 Windows: Drop support for Visual Studio <=14.0/2015 |
| 285 | #434 Windows: CMake: Detect unsupported Visual Studio at |
| 286 | configure time (rather than at compile time) |
| 287 | #382 #428 testrunner: Make verbose mode (argument "-v") report |
| 288 | about passed tests, and make default mode report about |
| 289 | failures, as well. |
| 290 | #442 CMake: Call "enable_language(CXX)" prior to tinkering |
| 291 | with CMAKE_CXX_* variables |
| 292 | #448 Document use of libexpat from a CMake-based project |
| 293 | #451 Autotools: Install CMake files as generated by CMake 3.19.6 |
| 294 | so that users with "find_package(expat [..] CONFIG [..])" |
| 295 | are served on distributions that are *not* using the CMake |
| 296 | build system inside for libexpat packaging |
| 297 | #436 #437 Autotools: Drop obsolescent macro AC_HEADER_STDC |
| 298 | #450 #452 Autotools: Resolve use of obsolete macro AC_CONFIG_HEADER |
| 299 | #441 Address compiler warnings |
| 300 | #443 Version info bumped from 7:12:6 to 8:0:7 |
| 301 | due to addition of error code XML_ERROR_NO_BUFFER |
| 302 | (see https://verbump.de/ for what these numbers do) |
| 303 | |
| 304 | Infrastructure: |
| 305 | #435 #446 Replace Travis CI by GitHub Actions |
| 306 | |
| 307 | Special thanks to: |
| 308 | Alexander Richardson |
| 309 | Oleksandr Popovych |
| 310 | Thomas Beutlich |
| 311 | Tim Bray |
| 312 | and |
| 313 | Clang LeakSan, Clang 11 UBSan and the Clang team |
| 314 | |
Haibo Huang | d1a324a | 2020-10-28 22:19:36 -0700 | [diff] [blame] | 315 | Release 2.2.10 Sat October 3 2020 |
| 316 | Bug fixes: |
| 317 | #390 #395 #398 Fix undefined behavior during parsing caused by |
| 318 | pointer arithmetic with NULL pointers |
| 319 | #404 #405 Fix reading uninitialized variable during parsing |
| 320 | #406 xmlwf: Add missing check for malloc NULL return |
| 321 | |
| 322 | Other changes: |
| 323 | #396 Windows: Drop support for Visual Studio <=8.0/2005 |
| 324 | #409 Windows: Add missing file "Changes" to the installer |
| 325 | to fix compilation with CMake from installed sources |
| 326 | #403 xmlwf: Document exit codes in xmlwf manpage and |
| 327 | exit with code 3 (rather than code 1) for output errors |
| 328 | when used with "-d DIRECTORY" |
| 329 | #356 #359 MinGW: Provide declaration of rand_s for mingwrt <5.3.0 |
| 330 | #383 #392 Autotools: Use -Werror while configure tests the compiler |
| 331 | for supported compile flags to avoid false positives |
| 332 | #383 #393 #394 Autotools: Improve handling of user (C|CPP|CXX|LD)FLAGS, |
| 333 | e.g. ensure that they have the last word over flags added |
| 334 | while running ./configure |
| 335 | #360 CMake: Create libexpatw.{dll,so} and expatw.pc (with emphasis |
| 336 | on suffix "w") with -DEXPAT_CHAR_TYPE=(ushort|wchar_t) |
| 337 | #360 CMake: Detect and deny unsupported build combinations |
| 338 | involving -DEXPAT_CHAR_TYPE=(ushort|wchar_t) |
| 339 | #360 CMake: Install pre-compiled shipped xmlwf.1 manpage in case |
| 340 | of -DEXPAT_BUILD_DOCS=OFF |
| 341 | #375 #380 #419 CMake: Fix use of Expat by means of add_subdirectory |
| 342 | #407 #408 CMake: Keep expat target name constant at "expat" |
| 343 | (i.e. refrain from using the target name to control |
| 344 | build artifact filenames) |
| 345 | #385 CMake: Fix compilation with -DEXPAT_SHARED_LIBS=OFF for |
| 346 | Windows |
| 347 | CMake: Expose man page compilation as target "xmlwf-manpage" |
| 348 | #413 #414 CMake: Introduce option EXPAT_BUILD_PKGCONFIG |
| 349 | to control generation of pkg-config file "expat.pc" |
| 350 | #424 CMake: Add minimalistic support for building binary packages |
| 351 | with CMake target "package"; based on CPack |
| 352 | #366 CMake: Add option -DEXPAT_OSSFUZZ_BUILD=(ON|OFF) with |
| 353 | default OFF to build fuzzer code against OSS-Fuzz and |
| 354 | related environment variable LIB_FUZZING_ENGINE |
| 355 | #354 Fix testsuite for -DEXPAT_DTD=OFF and -DEXPAT_NS=OFF, each |
| 356 | #354 #355 .. |
| 357 | #356 #412 Address compiler warnings |
| 358 | #368 #369 Address pngcheck warnings with doc/*.png images |
Elliott Hughes | f648a29 | 2021-04-01 15:10:13 -0700 | [diff] [blame] | 359 | #425 Version info bumped from 7:11:6 to 7:12:6 |
Haibo Huang | d1a324a | 2020-10-28 22:19:36 -0700 | [diff] [blame] | 360 | |
| 361 | Special thanks to: |
| 362 | asavah |
| 363 | Ben Wagner |
| 364 | Bhargava Shastry |
| 365 | Frank Landgraf |
| 366 | Jeffrey Walton |
| 367 | Joe Orton |
| 368 | Kleber TarcÃsio |
| 369 | Ma Lin |
| 370 | Maciej Sroczyński |
| 371 | Mohammed Khajapasha |
| 372 | Vadim Zeitlin |
| 373 | and |
| 374 | Cppcheck 2.0 and the Cppcheck team |
| 375 | |
| 376 | Release 2.2.9 Wed September 25 2019 |
Haibo Huang | 40a7191 | 2019-10-11 11:13:39 -0700 | [diff] [blame] | 377 | Other changes: |
| 378 | examples: Drop executable bits from elements.c |
| 379 | #349 Windows: Change the name of the Windows DLLs from expat*.dll |
| 380 | to libexpat*.dll once more (regression from 2.2.8, first |
| 381 | fixed in 1.95.3, issue #61 on SourceForge today, |
| 382 | was issue #432456 back then); needs a fix due |
| 383 | case-insensitive file systems on Windows and the fact that |
| 384 | Perl's XML::Parser::Expat compiles into Expat.dll. |
| 385 | #347 Windows: Only define _CRT_RAND_S if not defined |
| 386 | Version info bumped from 7:10:6 to 7:11:6 |
| 387 | |
| 388 | Special thanks to: |
| 389 | Ben Wagner |
| 390 | |
Haibo Huang | d1a324a | 2020-10-28 22:19:36 -0700 | [diff] [blame] | 391 | Release 2.2.8 Fri September 13 2019 |
Haibo Huang | 40a7191 | 2019-10-11 11:13:39 -0700 | [diff] [blame] | 392 | Security fixes: |
| 393 | #317 #318 CVE-2019-15903 -- Fix heap overflow triggered by |
| 394 | XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber), |
| 395 | and deny internal entities closing the doctype; |
| 396 | fixed in commit c20b758c332d9a13afbbb276d30db1d183a85d43 |
| 397 | |
| 398 | Bug fixes: |
| 399 | #240 Fix cases where XML_StopParser did not have any effect |
| 400 | when called from inside of an end element handler |
| 401 | #341 xmlwf: Fix exit code for operation without "-d DIRECTORY"; |
| 402 | previously, only "-d DIRECTORY" would give you a proper |
| 403 | exit code: |
| 404 | # xmlwf -d . <<<'<not well-formed>' 2>/dev/null ; echo $? |
| 405 | 2 |
| 406 | # xmlwf <<<'<not well-formed>' 2>/dev/null ; echo $? |
| 407 | 0 |
| 408 | Now both cases return exit code 2. |
| 409 | |
| 410 | Other changes: |
| 411 | #299 #302 Windows: Replace LoadLibrary hack to access |
| 412 | unofficial API function SystemFunction036 (RtlGenRandom) |
| 413 | by using official API function rand_s (needs WinXP+) |
| 414 | #325 Windows: Drop support for Visual Studio <=7.1/2003 |
| 415 | and document supported compilers in README.md |
| 416 | #286 Windows: Remove COM code from xmlwf; in case it turns |
| 417 | out needed later, there will be a dedicated repository |
| 418 | below https://github.com/libexpat/ for that code |
| 419 | #322 Windows: Remove explicit MSVC solution and project files. |
| 420 | You can generate Visual Studio solution files through |
| 421 | CMake, e.g.: cmake -G"Visual Studio 15 2017" . |
| 422 | #338 xmlwf: Make "xmlwf -h" help output more friendly |
| 423 | #339 examples: Improve elements.c |
| 424 | #244 #264 Autotools: Add argument --enable-xml-attr-info |
| 425 | #239 #301 Autotools: Add arguments |
| 426 | --with-getrandom |
| 427 | --without-getrandom |
| 428 | --with-sys-getrandom |
| 429 | --without-sys-getrandom |
| 430 | #312 #343 Autotools: Fix linking issues with "./configure LD=clang" |
| 431 | Autotools: Fix "make run-xmltest" for out-of-source builds |
| 432 | #329 #336 CMake: Pull all options from Expat <=2.2.7 into namespace |
| 433 | prefix EXPAT_ with the exception of DOCBOOK_TO_MAN: |
| 434 | - BUILD_doc -> EXPAT_BUILD_DOCS (plural) |
| 435 | - BUILD_examples -> EXPAT_BUILD_EXAMPLES |
| 436 | - BUILD_shared -> EXPAT_SHARED_LIBS |
| 437 | - BUILD_tests -> EXPAT_BUILD_TESTS |
| 438 | - BUILD_tools -> EXPAT_BUILD_TOOLS |
| 439 | - DOCBOOK_TO_MAN -> DOCBOOK_TO_MAN (unchanged) |
| 440 | - INSTALL -> EXPAT_ENABLE_INSTALL |
| 441 | - MSVC_USE_STATIC_CRT -> EXPAT_MSVC_STATIC_CRT |
| 442 | - USE_libbsd -> EXPAT_WITH_LIBBSD |
| 443 | - WARNINGS_AS_ERRORS -> EXPAT_WARNINGS_AS_ERRORS |
| 444 | - XML_CONTEXT_BYTES -> EXPAT_CONTEXT_BYTES |
| 445 | - XML_DEV_URANDOM -> EXPAT_DEV_URANDOM |
| 446 | - XML_DTD -> EXPAT_DTD |
| 447 | - XML_NS -> EXPAT_NS |
| 448 | - XML_UNICODE -> EXPAT_CHAR_TYPE=ushort (!) |
| 449 | - XML_UNICODE_WCHAR_T -> EXPAT_CHAR_TYPE=wchar_t (!) |
| 450 | #244 #264 CMake: Add argument -DEXPAT_ATTR_INFO=(ON|OFF), |
| 451 | default OFF |
| 452 | #326 CMake: Add argument -DEXPAT_LARGE_SIZE=(ON|OFF), |
| 453 | default OFF |
| 454 | #328 CMake: Add argument -DEXPAT_MIN_SIZE=(ON|OFF), |
| 455 | default OFF |
| 456 | #239 #277 CMake: Add arguments |
| 457 | -DEXPAT_WITH_GETRANDOM=(ON|OFF|AUTO), default AUTO |
| 458 | -DEXPAT_WITH_SYS_GETRANDOM=(ON|OFF|AUTO), default AUTO |
| 459 | #326 CMake: Install expat_config.h to include directory |
| 460 | #326 CMake: Generate and install configuration files for |
| 461 | future find_package(expat [..] CONFIG [..]) |
| 462 | CMake: Now produces a summary of applied configuration |
| 463 | CMake: Require C++ compiler only when tests are enabled |
| 464 | #330 CMake: Fix compilation for 16bit character types, |
| 465 | i.e. ex -DXML_UNICODE=ON (and ex -DXML_UNICODE_WCHAR_T=ON) |
| 466 | #265 CMake: Fix linking with MinGW |
| 467 | #330 CMake: Add full support for MinGW; to enable, use |
| 468 | -DCMAKE_TOOLCHAIN_FILE=[expat]/cmake/mingw-toolchain.cmake |
| 469 | #330 CMake: Port "make run-xmltest" from GNU Autotools to CMake |
| 470 | #316 CMake: Windows: Make binary postfix match MSVC |
| 471 | Old: expat[d].lib |
| 472 | New: expat[w][d][MD|MT].lib |
| 473 | CMake: Migrate files from Windows to Unix line endings |
| 474 | #308 CMake: Integrate OSS-Fuzz fuzzers, option |
| 475 | -DEXPAT_BUILD_FUZZERS=(ON|OFF), default OFF |
| 476 | #14 Drop an OpenVMS support leftover |
| 477 | #235 #268 .. |
| 478 | #270 #310 .. |
| 479 | #313 #331 #333 Address compiler warnings |
| 480 | #282 #283 .. |
| 481 | #284 #285 Address cppcheck warnings |
| 482 | #294 #295 Address Clang Static Analyzer warnings |
| 483 | #24 #293 Mass-apply clang-format 9 (and ensure conformance during CI) |
| 484 | Version info bumped from 7:9:6 to 7:10:6 |
| 485 | |
| 486 | Special thanks to: |
| 487 | David Loffredo |
| 488 | Joonun Jang |
Haibo Huang | 40a7191 | 2019-10-11 11:13:39 -0700 | [diff] [blame] | 489 | Kishore Kunche |
| 490 | Marco Maggi |
| 491 | Mitch Phillips |
Haibo Huang | d1a324a | 2020-10-28 22:19:36 -0700 | [diff] [blame] | 492 | Mohammed Khajapasha |
Haibo Huang | 40a7191 | 2019-10-11 11:13:39 -0700 | [diff] [blame] | 493 | Rolf Ade |
| 494 | xantares |
| 495 | Zhongyuan Zhou |
| 496 | |
Haibo Huang | fd5e81a | 2019-06-20 12:09:36 -0700 | [diff] [blame] | 497 | Release 2.2.7 Wed June 19 2019 |
| 498 | Security fixes: |
Haibo Huang | 40a7191 | 2019-10-11 11:13:39 -0700 | [diff] [blame] | 499 | #186 #262 CVE-2018-20843 -- Fix extraction of namespace prefixes from |
| 500 | XML names; XML names with multiple colons could end up in |
| 501 | the wrong namespace, and take a high amount of RAM and CPU |
Haibo Huang | fd5e81a | 2019-06-20 12:09:36 -0700 | [diff] [blame] | 502 | resources while processing, opening the door to |
| 503 | use for denial-of-service attacks |
| 504 | |
| 505 | Other changes: |
| 506 | #195 #197 Autotools/CMake: Utilize -fvisibility=hidden to stop |
| 507 | exporting non-API symbols |
| 508 | #227 Autotools: Add --without-examples and --without-tests |
| 509 | #228 Autotools: Modernize configure.ac |
| 510 | #245 #246 Autotools: Fix check for -fvisibility=hidden for Clang |
| 511 | #247 #248 Autotools: Fix compilation for lack of docbook2x-man |
| 512 | #236 #258 Autotools: Produce .tar.{gz,lz,xz} release archives |
| 513 | #212 CMake: Make libdir of pkgconfig expat.pc support multilib |
| 514 | #158 #263 CMake: Build man page in PROJECT_BINARY_DIR not _SOURCE_DIR |
| 515 | #219 Remove fallback to bcopy, assume that memmove(3) exists |
| 516 | #257 Use portable "/usr/bin/env bash" shebang (e.g. for OpenBSD) |
| 517 | #243 Windows: Fix syntax of .def module definition files |
| 518 | Version info bumped from 7:8:6 to 7:9:6 |
| 519 | |
| 520 | Special thanks to: |
| 521 | Benjamin Peterson |
| 522 | Caolán McNamara |
| 523 | Hanno Böck |
| 524 | KangLin |
| 525 | Kishore Kunche |
| 526 | Marco Maggi |
| 527 | Rhodri James |
| 528 | Sebastian Dröge |
| 529 | userwithuid |
| 530 | Yury Gribov |
| 531 | |
Elliott Hughes | aaec48e | 2018-08-16 16:29:01 -0700 | [diff] [blame] | 532 | Release 2.2.6 Sun August 12 2018 |
| 533 | Bug fixes: |
| 534 | #170 #206 Avoid doing arithmetic with NULL pointers in XML_GetBuffer |
| 535 | #204 #205 Fix 2.2.5 regression with suspend-resume while parsing |
| 536 | a document like '<root/>' |
| 537 | |
| 538 | Other changes: |
| 539 | #165 #168 Autotools: Fix docbook-related configure syntax error |
| 540 | #166 Autotools: Avoid grep option `-q` for Solaris |
| 541 | #167 Autotools: Support |
| 542 | ./configure DOCBOOK_TO_MAN="xmlto man --skip-validation" |
| 543 | #159 #167 Autotools: Support DOCBOOK_TO_MAN command which produces |
| 544 | xmlwf.1 rather than XMLWF.1; also covers case insensitive |
| 545 | file systems |
| 546 | #181 Autotools: Drop -rpath option passed to libtool |
| 547 | #188 Autotools: Detect and deny SGML docbook2man as ours is XML |
| 548 | #188 Autotools/CMake: Support command db2x_docbook2man as well |
| 549 | #174 CMake: Introduce option WARNINGS_AS_ERRORS, defaults to OFF |
| 550 | #184 #185 CMake: Introduce option MSVC_USE_STATIC_CRT, defaults to OFF |
| 551 | #207 #208 CMake: Introduce option XML_UNICODE and XML_UNICODE_WCHAR_T, |
| 552 | both defaulting to OFF |
| 553 | #175 CMake: Prefer check_symbol_exists over check_function_exists |
| 554 | #176 CMake: Create the same pkg-config file as with GNU Autotools |
| 555 | #178 #179 CMake: Use GNUInstallDirs module to set proper defaults for |
| 556 | install directories |
| 557 | #208 CMake: Utilize expat_config.h.cmake for XML_DEV_URANDOM |
| 558 | #180 Windows: Fix compilation of test suite for Visual Studio 2008 |
| 559 | #131 #173 #202 Address compiler warnings |
| 560 | #187 #190 #200 Fix miscellaneous typos |
| 561 | Version info bumped from 7:7:6 to 7:8:6 |
| 562 | |
| 563 | Special thanks to: |
| 564 | Anton Maklakov |
| 565 | Benjamin Peterson |
| 566 | Brad King |
| 567 | Franek Korta |
| 568 | Frank Rast |
| 569 | Joe Orton |
| 570 | luzpaz |
| 571 | Pedro Vicente |
| 572 | Rainer Jung |
| 573 | Rhodri James |
| 574 | Rolf Ade |
| 575 | Rolf Eike Beer |
| 576 | Thomas Beutlich |
| 577 | Tomasz KÅ‚oczko |
| 578 | |
Elliott Hughes | 7247294 | 2018-01-10 08:36:10 -0800 | [diff] [blame] | 579 | Release 2.2.5 Tue October 31 2017 |
| 580 | Bug fixes: |
| 581 | #8 If the parser runs out of memory, make sure its internal |
| 582 | state reflects the memory it actually has, not the memory |
| 583 | it wanted to have. |
| 584 | #11 The default handler wasn't being called when it should for |
| 585 | a SYSTEM or PUBLIC doctype if an entity declaration handler |
| 586 | was registered. |
| 587 | #137 #138 Fix a case of mistakenly reported parsing success where |
| 588 | XML_StopParser was called from an element handler |
| 589 | #162 Function XML_ErrorString was returning NULL rather than |
| 590 | a message for code XML_ERROR_INVALID_ARGUMENT |
| 591 | introduced with release 2.2.1 |
| 592 | |
| 593 | Other changes: |
| 594 | #106 xmlwf: Add argument -N adding notation declarations |
| 595 | #75 #106 Test suite: Resolve expected failure cases where xmlwf |
| 596 | output was incomplete |
| 597 | #127 Windows: Fix test suite compilation |
| 598 | #126 #127 Windows: Fix compilation for Visual Studio 2012 |
Elliott Hughes | aaec48e | 2018-08-16 16:29:01 -0700 | [diff] [blame] | 599 | Windows: Upgrade shipped project files to Visual Studio 2017 |
Elliott Hughes | 7247294 | 2018-01-10 08:36:10 -0800 | [diff] [blame] | 600 | #33 #132 tests: Mass-fix compilation for XML_UNICODE_WCHAR_T |
| 601 | #129 examples: Fix compilation for XML_UNICODE_WCHAR_T |
| 602 | #130 benchmark: Fix compilation for XML_UNICODE_WCHAR_T |
| 603 | #144 xmlwf: Fix compilation for XML_UNICODE_WCHAR_T; still needs |
| 604 | Windows or MinGW for 2-byte wchar_t |
| 605 | #9 Address two Clang Static Analyzer false positives |
| 606 | #59 Resolve troublesome macros hiding parser struct membership |
| 607 | and dereferencing that pointer |
| 608 | #6 Resolve superfluous internal malloc/realloc switch |
| 609 | #153 #155 Improve docbook2x-man detection |
| 610 | #160 Undefine NDEBUG in the test suite (rather than rejecting it) |
| 611 | #161 Address compiler warnings |
| 612 | Version info bumped from 7:6:6 to 7:7:6 |
| 613 | |
| 614 | Special thanks to: |
| 615 | Benbuck Nason |
| 616 | Hans Wennborg |
| 617 | José Gutiérrez de la Concha |
| 618 | Pedro Monreal Gonzalez |
| 619 | Rhodri James |
| 620 | Rolf Ade |
| 621 | Stephen Groat |
| 622 | and |
| 623 | Core Infrastructure Initiative |
| 624 | |
| 625 | Release 2.2.4 Sat August 19 2017 |
| 626 | Bug fixes: |
| 627 | #115 Fix copying of partial characters for UTF-8 input |
| 628 | |
| 629 | Other changes: |
| 630 | #109 Fix "make check" for non-x86 architectures that default |
| 631 | to unsigned type char (-128..127 rather than 0..255) |
| 632 | #109 coverage.sh: Cover -funsigned-char |
| 633 | Autotools: Introduce --without-xmlwf argument |
| 634 | #65 Autotools: Replace handwritten Makefile with GNU Automake |
| 635 | #43 CMake: Auto-detect high quality entropy extractors, add new |
| 636 | option USE_libbsd=ON to use arc4random_buf of libbsd |
| 637 | #74 CMake: Add -fno-strict-aliasing only where supported |
| 638 | #114 CMake: Always honor manually set BUILD_* options |
| 639 | #114 CMake: Compile man page if docbook2x-man is available, only |
| 640 | #117 Include file tests/xmltest.log.expected in source tarball |
| 641 | (required for "make run-xmltest") |
| 642 | #117 Include (existing) Visual Studio 2013 files in source tarball |
| 643 | Improve test suite error output |
| 644 | #111 Fix some typos in documentation |
| 645 | Version info bumped from 7:5:6 to 7:6:6 |
| 646 | |
| 647 | Special thanks to: |
| 648 | Jakub Wilk |
| 649 | Joe Orton |
| 650 | Lin Tian |
| 651 | Rolf Eike Beer |
| 652 | |
| 653 | Release 2.2.3 Wed August 2 2017 |
| 654 | Security fixes: |
| 655 | #82 CVE-2017-11742 -- Windows: Fix DLL hijacking vulnerability |
| 656 | using Steve Holme's LoadLibrary wrapper for/of cURL |
| 657 | |
| 658 | Bug fixes: |
| 659 | #85 Fix a dangling pointer issue related to realloc |
| 660 | |
| 661 | Other changes: |
| 662 | Increase code coverage |
| 663 | #91 Linux: Allow getrandom to fail if nonblocking pool has not |
| 664 | yet been initialized and read /dev/urandom then, instead. |
| 665 | This is in line with what recent Python does. |
| 666 | #81 Pre-10.7/Lion macOS: Support entropy from arc4random |
| 667 | #86 Check that a UTF-16 encoding in an XML declaration has the |
| 668 | right endianness |
| 669 | #4 #5 #7 Recover correctly when some reallocations fail |
| 670 | Repair "./configure && make" for systems without any |
| 671 | provider of high quality entropy |
| 672 | and try reading /dev/urandom on those |
| 673 | Ensure that user-defined character encodings have converter |
| 674 | functions when they are needed |
| 675 | Fix mis-leading description of argument -c in xmlwf.1 |
| 676 | Rely on macro HAVE_ARC4RANDOM_BUF (rather than __CloudABI__) |
| 677 | for CloudABI |
| 678 | #100 Fix use of SIPHASH_MAIN in siphash.h |
| 679 | #23 Test suite: Fix memory leaks |
| 680 | Version info bumped from 7:4:6 to 7:5:6 |
| 681 | |
| 682 | Special thanks to: |
| 683 | Chanho Park |
| 684 | Joe Orton |
| 685 | Pascal Cuoq |
| 686 | Rhodri James |
| 687 | Simon McVittie |
| 688 | Vadim Zeitlin |
| 689 | Viktor Szakats |
| 690 | and |
| 691 | Core Infrastructure Initiative |
| 692 | |
| 693 | Release 2.2.2 Wed July 12 2017 |
| 694 | Security fixes: |
| 695 | #43 Protect against compilation without any source of high |
| 696 | quality entropy enabled, e.g. with CMake build system; |
| 697 | commit ff0207e6076e9828e536b8d9cd45c9c92069b895 |
| 698 | #60 Windows with _UNICODE: |
| 699 | Unintended use of LoadLibraryW with a non-wide string |
| 700 | resulted in failure to load advapi32.dll and degradation |
| 701 | in quality of used entropy when compiled with _UNICODE for |
| 702 | Windows; you can launch existing binaries with |
| 703 | EXPAT_ENTROPY_DEBUG=1 in the environment to inspect the |
| 704 | quality of entropy used during runtime; commits |
| 705 | * 95b95032f907ef1cd17ee7a9a1768010a825d61d |
| 706 | * 73a5a2e9c081f49f2d775cf7ced864158b68dc80 |
| 707 | [MOX-006] Fix non-NULL parser parameter validation in XML_Parse; |
| 708 | resulted in NULL dereference, previously; |
| 709 | commit ac256dafdffc9622ab0dc2c62fcecb0dfcfa71fe |
| 710 | |
| 711 | Bug fixes: |
| 712 | #69 Fix improper use of unsigned long long integer literals |
| 713 | |
| 714 | Other changes: |
| 715 | #73 Start requiring a C99 compiler |
| 716 | #49 Fix "==" Bashism in configure script |
| 717 | #50 Fix too eager getrandom detection for Debian GNU/kFreeBSD |
| 718 | #52 and macOS |
| 719 | #51 Address lack of stdint.h in Visual Studio 2003 to 2008 |
| 720 | #58 Address compile warnings |
| 721 | #68 Fix "./buildconf.sh && ./configure" for some versions |
| 722 | of Dash for /bin/sh |
| 723 | #72 CMake: Ease use of Expat in context of a parent project |
| 724 | with multiple CMakeLists.txt files |
| 725 | #72 CMake: Resolve mistaken executable permissions |
| 726 | #76 Address compile warning with -DNDEBUG (not recommended!) |
| 727 | #77 Address compile warning about macro redefinition |
| 728 | |
| 729 | Special thanks to: |
| 730 | Alexander Bluhm |
| 731 | Ben Boeckel |
| 732 | Cătălin Răceanu |
| 733 | Kerin Millar |
| 734 | László Böszörményi |
| 735 | S. P. Zeidler |
| 736 | Segev Finer |
| 737 | Václav SlavÃk |
| 738 | Victor Stinner |
| 739 | Viktor Szakats |
| 740 | and |
| 741 | Radically Open Security |
| 742 | |
| 743 | Release 2.2.1 Sat June 17 2017 |
| 744 | Security fixes: |
| 745 | CVE-2017-9233 -- External entity infinite loop DoS |
| 746 | Details: https://libexpat.github.io/doc/cve-2017-9233/ |
| 747 | Commit c4bf96bb51dd2a1b0e185374362ee136fe2c9d7f |
| 748 | [MOX-002] CVE-2016-9063 -- Detect integer overflow; commit |
| 749 | d4f735b88d9932bd5039df2335eefdd0723dbe20 |
| 750 | (Fixed version of existing downstream patches!) |
| 751 | (SF.net) #539 Fix regression from fix to CVE-2016-0718 cutting off |
| 752 | longer tag names; commits |
| 753 | * 896b6c1fd3b842f377d1b62135dccf0a579cf65d |
| 754 | * af507cef2c93cb8d40062a0abe43a4f4e9158fb2 |
| 755 | #16 * 0dbbf43fdb20f593ddf4fa1ff67288000dd4a7fd |
| 756 | #25 More integer overflow detection (function poolGrow); commits |
| 757 | * 810b74e4703dcfdd8f404e3cb177d44684775143 |
| 758 | * 44178553f3539ce69d34abee77a05e879a7982ac |
| 759 | [MOX-002] Detect overflow from len=INT_MAX call to XML_Parse; commits |
| 760 | * 4be2cb5afcc018d996f34bbbce6374b7befad47f |
| 761 | * 7e5b71b748491b6e459e5c9a1d090820f94544d8 |
| 762 | [MOX-005] #30 Use high quality entropy for hash initialization: |
| 763 | * arc4random_buf on BSD, systems with libbsd |
| 764 | (when configured with --with-libbsd), CloudABI |
| 765 | * RtlGenRandom on Windows XP / Server 2003 and later |
| 766 | * getrandom on Linux 3.17+ |
| 767 | In a way, that's still part of CVE-2016-5300. |
| 768 | https://github.com/libexpat/libexpat/pull/30/commits |
| 769 | [MOX-005] For the low quality entropy extraction fallback code, |
| 770 | the parser instance address can no longer leak, commit |
| 771 | 04ad658bd3079dd15cb60fc67087900f0ff4b083 |
| 772 | [MOX-003] Prevent use of uninitialised variable; commit |
| 773 | [MOX-004] a4dc944f37b664a3ca7199c624a98ee37babdb4b |
| 774 | Add missing parameter validation to public API functions |
| 775 | and dedicated error code XML_ERROR_INVALID_ARGUMENT: |
| 776 | [MOX-006] * NULL checks; commits |
| 777 | * d37f74b2b7149a3a95a680c4c4cd2a451a51d60a (merge/many) |
| 778 | * 9ed727064b675b7180c98cb3d4f75efba6966681 |
| 779 | * 6a747c837c50114dfa413994e07c0ba477be4534 |
| 780 | * Negative length (XML_Parse); commit |
| 781 | [MOX-002] 70db8d2538a10f4c022655d6895e4c3e78692e7f |
| 782 | [MOX-001] #35 Change hash algorithm to William Ahern's version of SipHash |
| 783 | to go further with fixing CVE-2012-0876. |
| 784 | https://github.com/libexpat/libexpat/pull/39/commits |
| 785 | |
| 786 | Bug fixes: |
| 787 | #32 Fix sharing of hash salt across parsers; |
| 788 | relevant where XML_ExternalEntityParserCreate is called |
| 789 | prior to XML_Parse, in particular (e.g. FBReader) |
| 790 | #28 xmlwf: Auto-disable use of memory-mapping (and parsing |
| 791 | as a single chunk) for files larger than ~1 GB (2^30 bytes) |
| 792 | rather than failing with error "out of memory" |
| 793 | #3 Fix double free after malloc failure in DTD code; commit |
| 794 | 7ae9c3d3af433cd4defe95234eae7dc8ed15637f |
| 795 | #17 Fix memory leak on parser error for unbound XML attribute |
| 796 | prefix with new namespaces defined in the same tag; |
| 797 | found by Google's OSS-Fuzz; commits |
| 798 | * 16f87daae5a16132e479e4f71862128c7a915c73 |
| 799 | * b47dbc9745932c160893d433220e462bd605f8cd |
| 800 | xmlwf on Windows: Add missing calls to CloseHandle |
| 801 | |
| 802 | New features: |
| 803 | #30 Introduced environment switch EXPAT_ENTROPY_DEBUG=1 |
| 804 | for runtime debugging of entropy extraction |
| 805 | |
| 806 | Other changes: |
| 807 | Increase code coverage |
| 808 | #33 Reject use of XML_UNICODE_WCHAR_T with sizeof(wchar_t) != 2; |
| 809 | XML_UNICODE_WCHAR_T was never meant to be used outside |
| 810 | of Windows; 4-byte wchar_t is common on Linux |
| 811 | (SF.net) #538 Start using -fno-strict-aliasing |
| 812 | (SF.net) #540 Support compilation against cloudlibc of CloudABI |
| 813 | Allow MinGW cross-compilation |
| 814 | (SF.net) #534 CMake: Introduce option "BUILD_doc" (enabled by default) |
| 815 | to bypass compilation of the xmlwf.1 man page |
| 816 | (SF.net) pr2 CMake: Introduce option "INSTALL" (enabled by default) |
| 817 | to bypass installation of expat files |
| 818 | CMake: Fix ninja support |
| 819 | Autotools: Add parameters --enable-xml-context [COUNT] |
| 820 | and --disable-xml-context; default of context of 1024 |
| 821 | bytes enabled unchanged |
| 822 | #14 Drop AmigaOS 4.x code and includes |
| 823 | #14 Drop ancient build systems: |
| 824 | * Borland C++ Builder |
| 825 | * OpenVMS |
| 826 | * Open Watcom |
| 827 | * Visual Studio 6.0 |
| 828 | * Pre-X Mac OS (MPW Makefile) |
| 829 | If you happen to rely on some of these, please get in |
| 830 | touch for joining with maintenance. |
| 831 | #10 Move from WIN32 to _WIN32 |
| 832 | #13 Fix "make run-xmltest" order instability |
| 833 | Address compile warnings |
| 834 | Bump version info from 7:2:6 to 7:3:6 |
| 835 | Add AUTHORS file |
| 836 | |
| 837 | Infrastructure: |
| 838 | #1 Migrate from SourceForge to GitHub (except downloads): |
| 839 | https://github.com/libexpat/ |
| 840 | #1 Re-create http://libexpat.org/ project website |
| 841 | Start utilizing Travis CI |
| 842 | |
| 843 | Special thanks to: |
| 844 | Andy Wang |
| 845 | Don Lewis |
| 846 | Ed Schouten |
| 847 | Karl Waclawek |
| 848 | Pascal Cuoq |
| 849 | Rhodri James |
| 850 | Sergei Nikulov |
| 851 | Tobias Taschner |
| 852 | Viktor Szakats |
| 853 | and |
| 854 | Core Infrastructure Initiative |
| 855 | Mozilla Foundation (MOSS Track 3: Secure Open Source) |
| 856 | Radically Open Security |
| 857 | |
Paul Duffin | ba34a0c | 2017-02-27 14:40:16 +0000 | [diff] [blame] | 858 | Release 2.2.0 Tue June 21 2016 |
| 859 | Security fixes: |
| 860 | #537 CVE-2016-0718 -- Fix crash on malformed input |
| 861 | CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 / |
| 862 | CVE-2015-2716 introduced with Expat 2.1.1 |
| 863 | #499 CVE-2016-5300 -- Use more entropy for hash initialization |
| 864 | than the original fix to CVE-2012-0876 |
| 865 | #519 CVE-2012-6702 -- Resolve troublesome internal call to srand |
| 866 | that was introduced with Expat 2.1.0 |
| 867 | when addressing CVE-2012-0876 (issue #496) |
| 868 | |
| 869 | Bug fixes: |
| 870 | Fix uninitialized reads of size 1 |
| 871 | (e.g. in little2_updatePosition) |
| 872 | Fix detection of UTF-8 character boundaries |
| 873 | |
| 874 | Other changes: |
| 875 | #532 Fix compilation for Visual Studio 2010 (keyword "C99") |
| 876 | Autotools: Resolve use of "$<" to better support bmake |
| 877 | Autotools: Add QA script "qa.sh" (and make target "qa") |
| 878 | Autotools: Respect CXXFLAGS if given |
| 879 | Autotools: Fix "make run-xmltest" |
| 880 | Autotools: Have "make run-xmltest" check for expected output |
| 881 | p90 CMake: Fix static build (BUILD_shared=OFF) on Windows |
| 882 | #536 CMake: Add soversion, support -DNO_SONAME=yes to bypass |
| 883 | #323 CMake: Add suffix "d" to differentiate debug from release |
| 884 | CMake: Define WIN32 with CMake on Windows |
| 885 | Annotate memory allocators for GCC |
| 886 | Address all currently known compile warnings |
| 887 | Make sure that API symbols remain visible despite |
| 888 | -fvisibility=hidden |
| 889 | Remove executable flag from source files |
| 890 | Resolve COMPILED_FROM_DSP in favor of WIN32 |
| 891 | |
| 892 | Special thanks to: |
| 893 | Björn Lindahl |
| 894 | Christian Heimes |
| 895 | Cristian RodrÃguez |
| 896 | Daniel Krügler |
| 897 | Gustavo Grieco |
| 898 | Karl Waclawek |
| 899 | László Böszörményi |
| 900 | Marco Grassi |
| 901 | Pascal Cuoq |
| 902 | Sergei Nikulov |
| 903 | Thomas Beutlich |
| 904 | Warren Young |
| 905 | Yann Droneaud |
| 906 | |
Paul Duffin | cee2349 | 2016-05-04 10:42:31 +0100 | [diff] [blame] | 907 | Release 2.1.1 Sat March 12 2016 |
| 908 | Security fixes: |
| 909 | #582: CVE-2015-1283 - Multiple integer overflows in XML_GetBuffer |
| 910 | |
| 911 | Bug fixes: |
| 912 | #502: Fix potential null pointer dereference |
| 913 | #520: Symbol XML_SetHashSalt was not exported |
| 914 | Output of "xmlwf -h" was incomplete |
| 915 | |
Paul Duffin | ba34a0c | 2017-02-27 14:40:16 +0000 | [diff] [blame] | 916 | Other changes: |
Paul Duffin | cee2349 | 2016-05-04 10:42:31 +0100 | [diff] [blame] | 917 | #503: Document behavior of calling XML_SetHashSalt with salt 0 |
| 918 | Minor improvements to man page xmlwf(1) |
| 919 | Improvements to the experimental CMake build system |
| 920 | libtool now invoked with --verbose |
| 921 | |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 922 | Release 2.1.0 Sat March 24 2012 |
Elliott Hughes | 7247294 | 2018-01-10 08:36:10 -0800 | [diff] [blame] | 923 | - Security fixes: |
| 924 | #2958794: CVE-2012-1148 - Memory leak in poolGrow. |
| 925 | #2895533: CVE-2012-1147 - Resource leak in readfilemap.c. |
| 926 | #3496608: CVE-2012-0876 - Hash DOS attack. |
| 927 | #2894085: CVE-2009-3560 - Buffer over-read and crash in big2_toUtf8(). |
| 928 | #1990430: CVE-2009-3720 - Parser crash with special UTF-8 sequences. |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 929 | - Bug Fixes: |
| 930 | #1742315: Harmful XML_ParserCreateNS suggestion. |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 931 | #1785430: Expat build fails on linux-amd64 with gcc version>=4.1 -O3. |
| 932 | #1983953, 2517952, 2517962, 2649838: |
| 933 | Build modifications using autoreconf instead of buildconf.sh. |
| 934 | #2815947, #2884086: OBJEXT and EXEEXT support while building. |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 935 | #2517938: xmlwf should return non-zero exit status if not well-formed. |
| 936 | #2517946: Wrong statement about XMLDecl in xmlwf.1 and xmlwf.sgml. |
| 937 | #2855609: Dangling positionPtr after error. |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 938 | #2990652: CMake support. |
| 939 | #3010819: UNEXPECTED_STATE with a trailing "%" in entity value. |
Elliott Hughes | 7247294 | 2018-01-10 08:36:10 -0800 | [diff] [blame] | 940 | #3206497: Uninitialized memory returned from XML_Parse. |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 941 | #3287849: make check fails on mingw-w64. |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 942 | - Patches: |
| 943 | #1749198: pkg-config support. |
| 944 | #3010222: Fix for bug #3010819. |
| 945 | #3312568: CMake support. |
| 946 | #3446384: Report byte offsets for attr names and values. |
| 947 | - New Features / API changes: |
Paul Duffin | cee2349 | 2016-05-04 10:42:31 +0100 | [diff] [blame] | 948 | Added new API member XML_SetHashSalt() that allows setting an initial |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 949 | value (salt) for hash calculations. This is part of the fix for |
| 950 | bug #3496608 to randomize hash parameters. |
| 951 | When compiled with XML_ATTR_INFO defined, adds new API member |
| 952 | XML_GetAttributeInfo() that allows retrieving the byte |
| 953 | offsets for attribute names and values (patch #3446384). |
| 954 | Added CMake build system. |
| 955 | See bug #2990652 and patch #3312568. |
| 956 | Added run-benchmark target to Makefile.in - relies on testdata module |
| 957 | present in the same relative location as in the repository. |
| 958 | |
Elliott Hughes | d07d5a7 | 2009-09-25 16:04:37 -0700 | [diff] [blame] | 959 | Release 2.0.1 Tue June 5 2007 |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 960 | - Fixed bugs #1515266, #1515600: The character data handler's calling |
Elliott Hughes | d07d5a7 | 2009-09-25 16:04:37 -0700 | [diff] [blame] | 961 | of XML_StopParser() was not handled properly; if the parser was |
| 962 | stopped and the handler set to NULL, the parser would segfault. |
| 963 | - Fixed bug #1690883: Expat failed on EBCDIC systems as it assumed |
| 964 | some character constants to be ASCII encoded. |
| 965 | - Minor cleanups of the test harness. |
| 966 | - Fixed xmlwf bug #1513566: "out of memory" error on file size zero. |
| 967 | - Fixed outline.c bug #1543233: missing a final XML_ParserFree() call. |
| 968 | - Fixes and improvements for Windows platform: |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 969 | bugs #1409451, #1476160, #1548182, #1602769, #1717322. |
Elliott Hughes | d07d5a7 | 2009-09-25 16:04:37 -0700 | [diff] [blame] | 970 | - Build fixes for various platforms: |
| 971 | HP-UX, Tru64, Solaris 9: patch #1437840, bug #1196180. |
| 972 | All Unix: #1554618 (refreshed config.sub/config.guess). |
| 973 | #1490371, #1613457: support both, DESTDIR and INSTALL_ROOT, |
| 974 | without relying on GNU-Make specific features. |
| 975 | #1647805: Patched configure.in to work better with Intel compiler. |
| 976 | - Fixes to Makefile.in to have make check work correctly: |
| 977 | bugs #1408143, #1535603, #1536684. |
| 978 | - Added Open Watcom support: patch #1523242. |
| 979 | |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 980 | Release 2.0.0 Wed Jan 11 2006 |
| 981 | - We no longer use the "check" library for C unit testing; we |
| 982 | always use the (partial) internal implementation of the API. |
| 983 | - Report XML_NS setting via XML_GetFeatureList(). |
| 984 | - Fixed headers for use from C++. |
| 985 | - XML_GetCurrentLineNumber() and XML_GetCurrentColumnNumber() |
| 986 | now return unsigned integers. |
| 987 | - Added XML_LARGE_SIZE switch to enable 64-bit integers for |
| 988 | byte indexes and line/column numbers. |
| 989 | - Updated to use libtool 1.5.22 (the most recent). |
| 990 | - Added support for AmigaOS. |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 991 | - Some mostly minor bug fixes. SF issues include: #1006708, |
| 992 | #1021776, #1023646, #1114960, #1156398, #1221160, #1271642. |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 993 | |
| 994 | Release 1.95.8 Fri Jul 23 2004 |
| 995 | - Major new feature: suspend/resume. Handlers can now request |
| 996 | that a parse be suspended for later resumption or aborted |
| 997 | altogether. See "Temporarily Stopping Parsing" in the |
| 998 | documentation for more details. |
| 999 | - Some mostly minor bug fixes, but compilation should no |
| 1000 | longer generate warnings on most platforms. SF issues |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 1001 | include: #827319, #840173, #846309, #888329, #896188, #923913, |
| 1002 | #928113, #961698, #985192. |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 1003 | |
| 1004 | Release 1.95.7 Mon Oct 20 2003 |
| 1005 | - Fixed enum XML_Status issue (reported on SourceForge many |
| 1006 | times), so compilers that are properly picky will be happy. |
| 1007 | - Introduced an XMLCALL macro to control the calling |
| 1008 | convention used by the Expat API; this macro should be used |
| 1009 | to annotate prototypes and definitions of callback |
| 1010 | implementations in code compiled with a calling convention |
| 1011 | other than the default convention for the host platform. |
| 1012 | - Improved ability to build without the configure-generated |
| 1013 | expat_config.h header. This is useful for applications |
| 1014 | which embed Expat rather than linking in the library. |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 1015 | - Fixed a variety of bugs: see SF issues #458907, #609603, |
| 1016 | #676844, #679754, #692878, #692964, #695401, #699323, #699487, |
| 1017 | #820946. |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 1018 | - Improved hash table lookups. |
| 1019 | - Added more regression tests and improved documentation. |
| 1020 | |
| 1021 | Release 1.95.6 Tue Jan 28 2003 |
| 1022 | - Added XML_FreeContentModel(). |
| 1023 | - Added XML_MemMalloc(), XML_MemRealloc(), XML_MemFree(). |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 1024 | - Fixed a variety of bugs: see SF issues #615606, #616863, |
| 1025 | #618199, #653180, #673791. |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 1026 | - Enhanced the regression test suite. |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 1027 | - Man page improvements: includes SF issue #632146. |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 1028 | |
| 1029 | Release 1.95.5 Fri Sep 6 2002 |
| 1030 | - Added XML_UseForeignDTD() for improved SAX2 support. |
| 1031 | - Added XML_GetFeatureList(). |
| 1032 | - Defined XML_Bool type and the values XML_TRUE and XML_FALSE. |
| 1033 | - Use an incomplete struct instead of a void* for the parser |
| 1034 | (may not retain). |
| 1035 | - Fixed UTF-8 decoding bug that caused legal UTF-8 to be rejected. |
| 1036 | - Finally fixed bug where default handler would report DTD |
| 1037 | events that were already handled by another handler. |
| 1038 | Initial patch contributed by Darryl Miles. |
| 1039 | - Removed unnecessary DllMain() function that caused static |
| 1040 | linking into a DLL to be difficult. |
| 1041 | - Added VC++ projects for building static libraries. |
| 1042 | - Reduced line-length for all source code and headers to be |
| 1043 | no longer than 80 characters, to help with AS/400 support. |
| 1044 | - Reduced memory copying during parsing (SF patch #600964). |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 1045 | - Fixed a variety of bugs: see SF issues #580793, #434664, |
| 1046 | #483514, #580503, #581069, #584041, #584183, #584832, #585537, |
| 1047 | #596555, #596678, #598352, #598944, #599715, #600479, #600971. |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 1048 | |
| 1049 | Release 1.95.4 Fri Jul 12 2002 |
| 1050 | - Added support for VMS, contributed by Craig Berry. See |
| 1051 | vms/README.vms for more information. |
| 1052 | - Added Mac OS (classic) support, with a makefile for MPW, |
| 1053 | contributed by Thomas Wegner and Daryle Walker. |
| 1054 | - Added Borland C++ Builder 5 / BCC 5.5 support, contributed |
| 1055 | by Patrick McConnell (SF patch #538032). |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 1056 | - Fixed a variety of bugs: see SF issues #441449, #563184, |
| 1057 | #564342, #566334, #566901, #569461, #570263, #575168, #579196. |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 1058 | - Made skippedEntityHandler conform to SAX2 (see source comment) |
| 1059 | - Re-implemented WFC: Entity Declared from XML 1.0 spec and |
| 1060 | added a new error "entity declared in parameter entity": |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 1061 | see SF bug report #569461 and SF patch #578161 |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 1062 | - Re-implemented section 5.1 from XML 1.0 spec: |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 1063 | see SF bug report #570263 and SF patch #578161 |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 1064 | |
| 1065 | Release 1.95.3 Mon Jun 3 2002 |
| 1066 | - Added a project to the MSVC workspace to create a wchar_t |
| 1067 | version of the library; the DLLs are named libexpatw.dll. |
| 1068 | - Changed the name of the Windows DLLs from expat.dll to |
| 1069 | libexpat.dll; this fixes SF bug #432456. |
| 1070 | - Added the XML_ParserReset() API function. |
| 1071 | - Fixed XML_SetReturnNSTriplet() to work for element names. |
| 1072 | - Made the XML_UNICODE builds usable (thanks, Karl!). |
| 1073 | - Allow xmlwf to read from standard input. |
| 1074 | - Install a man page for xmlwf on Unix systems. |
Elliott Hughes | 35e432d | 2012-09-09 14:23:38 -0700 | [diff] [blame] | 1075 | - Fixed many bugs; see SF bug reports #231864, #461380, #464837, |
| 1076 | #466885, #469226, #477667, #484419, #487840, #494749, #496505, |
| 1077 | #547350. Other bugs which we can't test as easily may also |
The Android Open Source Project | b80e287 | 2009-03-03 19:29:30 -0800 | [diff] [blame] | 1078 | have been fixed, especially in the area of build support. |
| 1079 | |
| 1080 | Release 1.95.2 Fri Jul 27 2001 |
| 1081 | - More changes to make MSVC happy with the build; add a single |
| 1082 | workspace to support both the library and xmlwf application. |
| 1083 | - Added a Windows installer for Windows users; includes |
| 1084 | xmlwf.exe. |
| 1085 | - Added compile-time constants that can be used to determine the |
| 1086 | Expat version |
| 1087 | - Removed a lot of GNU-specific dependencies to aide portability |
| 1088 | among the various Unix flavors. |
| 1089 | - Fix the UTF-8 BOM bug. |
| 1090 | - Cleaned up warning messages for several compilers. |
| 1091 | - Added the -Wall, -Wstrict-prototypes options for GCC. |
| 1092 | |
| 1093 | Release 1.95.1 Sun Oct 22 15:11:36 EDT 2000 |
| 1094 | - Changes to get expat to build under Microsoft compiler |
| 1095 | - Removed all aborts and instead return an UNEXPECTED_STATE error. |
| 1096 | - Fixed a bug where a stray '%' in an entity value would cause an |
| 1097 | abort. |
| 1098 | - Defined XML_SetEndNamespaceDeclHandler. Thanks to Darryl Miles for |
| 1099 | finding this oversight. |
| 1100 | - Changed default patterns in lib/Makefile.in to fit non-GNU makes |
| 1101 | Thanks to robin@unrated.net for reporting and providing an |
| 1102 | account to test on. |
| 1103 | - The reference had the wrong label for XML_SetStartNamespaceDecl. |
| 1104 | Reported by an anonymous user. |
| 1105 | |
| 1106 | Release 1.95.0 Fri Sep 29 2000 |
| 1107 | - XML_ParserCreate_MM |
| 1108 | Allows you to set a memory management suite to replace the |
| 1109 | standard malloc,realloc, and free. |
| 1110 | - XML_SetReturnNSTriplet |
| 1111 | If you turn this feature on when namespace processing is in |
| 1112 | effect, then qualified, prefixed element and attribute names |
| 1113 | are returned as "uri|name|prefix" where '|' is whatever |
| 1114 | separator character is used in namespace processing. |
| 1115 | - Merged in features from perl-expat |
| 1116 | o XML_SetElementDeclHandler |
| 1117 | o XML_SetAttlistDeclHandler |
| 1118 | o XML_SetXmlDeclHandler |
| 1119 | o XML_SetEntityDeclHandler |
| 1120 | o StartDoctypeDeclHandler takes 3 additional parameters: |
| 1121 | sysid, pubid, has_internal_subset |
| 1122 | o Many paired handler setters (like XML_SetElementHandler) |
| 1123 | now have corresponding individual handler setters |
| 1124 | o XML_GetInputContext for getting the input context of |
| 1125 | the current parse position. |
| 1126 | - Added reference material |
| 1127 | - Packaged into a distribution that builds a sharable library |