xref: /freebsd/contrib/expat/Changes (revision 058ac3e8063366dafa634d9107642e12b038bf09)
1NOTE: We are looking for help with a few things:
2      https://github.com/libexpat/libexpat/labels/help%20wanted
3      If you can help, please get in touch.  Thanks!
4
5Release 2.5.0 Tue October 25 2022
6        Security fixes:
7  #616 #649 #650  CVE-2022-43680 -- Fix heap use-after-free after overeager
8                    destruction of a shared DTD in function
9                    XML_ExternalEntityParserCreate in out-of-memory situations.
10                    Expected impact is denial of service or potentially
11                    arbitrary code execution.
12
13        Bug fixes:
14       #612 #645  Fix curruption from undefined entities
15       #613 #654  Fix case when parsing was suspended while processing nested
16                    entities
17  #616 #652 #653  Stop leaking opening tag bindings after a closing tag
18                    mismatch error where a parser is reset through
19                    XML_ParserReset and then reused to parse
20            #656  CMake: Fix generation of pkg-config file
21            #658  MinGW|CMake: Fix static library name
22
23        Other changes:
24            #663  Protect header expat_config.h from multiple inclusion
25            #666  examples: Make use of XML_GetBuffer and be more
26                    consistent across examples
27            #648  Address compiler warnings
28       #667 #668  Version info bumped from 9:9:8 to 9:10:8;
29                    see https://verbump.de/ for what these numbers do
30
31        Special thanks to:
32            Jann Horn
33            Mark Brand
34            Osyotr
35            Rhodri James
36                 and
37            Google Project Zero
38
39Release 2.4.9 Tue September 20 2022
40        Security fixes:
41       #629 #640  CVE-2022-40674 -- Heap use-after-free vulnerability in
42                    function doContent. Expected impact is denial of service
43                    or potentially arbitrary code execution.
44
45        Bug fixes:
46            #634  MinGW: Fix mis-compilation for -D__USE_MINGW_ANSI_STDIO=0
47            #614  docs: Fix documentation on effect of switch XML_DTD on
48                    symbol visibility in doc/reference.html
49
50        Other changes:
51            #638  MinGW: Make fix-xmltest-log.sh drop more Wine bug output
52       #596 #625  Autotools: Sync CMake templates with CMake 3.22
53            #608  CMake: Migrate from use of CMAKE_*_POSTFIX to
54                    dedicated variables EXPAT_*_POSTFIX to stop affecting
55                    other projects
56       #597 #599  Windows|CMake: Add missing -DXML_STATIC to test runners
57                    and fuzzers
58       #512 #621  Windows|CMake: Render .def file from a template to fix
59                    linking with -DEXPAT_DTD=OFF and/or -DEXPAT_ATTR_INFO=ON
60       #611 #621  MinGW|CMake: Apply MSVC .def file when linking
61       #622 #624  MinGW|CMake: Sync library name with GNU Autotools,
62                    i.e. produce libexpat-1.dll rather than libexpat.dll
63                    by default.  Filename libexpat.dll.a is unaffected.
64            #632  MinGW|CMake: Set missing variable CMAKE_RC_COMPILER in
65                    toolchain file "cmake/mingw-toolchain.cmake" to avoid
66                    error "windres: Command not found" on e.g. Ubuntu 20.04
67       #597 #627  CMake: Unify inconsistent use of set() and option() in
68                    context of public build time options to take need for
69                    set(.. FORCE) in projects using Expat by means of
70                    add_subdirectory(..) off Expat's users' shoulders
71       #626 #641  Stop exporting API symbols when building a static library
72            #644  Resolve use of deprecated "fgrep" by "grep -F"
73            #620  CMake: Make documentation on variables a bit more consistent
74            #636  CMake: Drop leading whitespace from a #cmakedefine line in
75                    file expat_config.h.cmake
76            #594  xmlwf: Fix harmless variable mix-up in function nsattcmp
77  #592 #593 #610  Address Cppcheck warnings
78            #643  Address Clang 15 compiler warnings
79       #642 #644  Version info bumped from 9:8:8 to 9:9:8;
80                    see https://verbump.de/ for what these numbers do
81
82        Infrastructure:
83       #597 #598  CI: Windows: Start covering MSVC 2022
84            #619  CI: macOS: Migrate off deprecated macOS 10.15
85            #632  CI: Linux: Make migration off deprecated Ubuntu 18.04 work
86            #643  CI: Upgrade Clang from 14 to 15
87            #637  apply-clang-format.sh: Add support for BSD find
88            #633  coverage.sh: Exclude MinGW headers
89            #635  coverage.sh: Fix name collision for -funsigned-char
90
91        Special thanks to:
92            David Faure
93            Felix Wilhelm
94            Frank Bergmann
95            Rhodri James
96            Rosen Penev
97            Thijs Schreijer
98            Vincent Torri
99                 and
100            Google Project Zero
101
102Release 2.4.8 Mon March 28 2022
103        Other changes:
104            #587  pkg-config: Move "-lm" to section "Libs.private"
105            #587  CMake|MSVC: Fix pkg-config section "Libs"
106        #55 #582  CMake|macOS: Start using linker arguments
107                    "-compatibility_version <version>" and
108                    "-current_version <version>" in a way compatible with
109                    GNU Libtool
110       #590 #591  Version info bumped from 9:7:8 to 9:8:8;
111                    see https://verbump.de/ for what these numbers do
112
113        Infrastructure:
114            #589  CI: Upgrade Clang from 13 to 14
115
116        Special thanks to:
117            evpobr
118            Kai Pastor
119            Sam James
120
121Release 2.4.7 Fri March 4 2022
122        Bug fixes:
123       #572 #577  Relax fix to CVE-2022-25236 (introduced with release 2.4.5)
124                    with regard to all valid URI characters (RFC 3986),
125                    i.e. the following set (excluding whitespace):
126                    ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz
127                    0123456789 % -._~ :/?#[]@ !$&'()*+,;=
128
129        Other changes:
130  #555 #570 #581  CMake|Windows: Store Expat version in the DLL
131            #577  Document consequences of namespace separator choices not just
132                    in doc/reference.html but also in header <expat.h>
133            #577  Document Expat's lack of validation of namespace URIs against
134                    RFC 3986, and that the XML 1.0r4 specification doesn't
135                    require Expat to validate namespace URIs, and that Expat
136                    may do more in that regard in future releases.
137                    If you find need for strict RFC 3986 URI validation on
138                    application level today, https://uriparser.github.io/ may
139                    be of interest.
140            #579  Fix documentation of XML_EndDoctypeDeclHandler in <expat.h>
141            #575  Document that a call to XML_FreeContentModel can be done at
142                    a later time from outside the element declaration handler
143            #574  Make hardcoded namespace URIs easier to find in code
144            #573  Update documentation on use of XML_POOR_ENTOPY on Solaris
145       #569 #571  tests: Resolve use of macros NAN and INFINITY for GNU G++
146                    4.8.2 on Solaris.
147       #578 #580  Version info bumped from 9:6:8 to 9:7:8;
148                    see https://verbump.de/ for what these numbers do
149
150        Special thanks to:
151            Jeffrey Walton
152            Johnny Jazeix
153            Thijs Schreijer
154
155Release 2.4.6 Sun February 20 2022
156        Bug fixes:
157            #566  Fix a regression introduced by the fix for CVE-2022-25313
158                    in release 2.4.5 that affects applications that (1)
159                    call function XML_SetElementDeclHandler and (2) are
160                    parsing XML that contains nested element declarations
161                    (e.g. "<!ELEMENT junk ((bar|foo|xyz+), zebra*)>").
162
163        Other changes:
164       #567 #568  Version info bumped from 9:5:8 to 9:6:8;
165                    see https://verbump.de/ for what these numbers do
166
167        Special thanks to:
168            Matt Sergeant
169            Samanta Navarro
170            Sergei Trofimovich
171                 and
172            NixOS
173            Perl XML::Parser
174
175Release 2.4.5 Fri February 18 2022
176        Security fixes:
177            #562  CVE-2022-25235 -- Passing malformed 2- and 3-byte UTF-8
178                    sequences (e.g. from start tag names) to the XML
179                    processing application on top of Expat can cause
180                    arbitrary damage (e.g. code execution) depending
181                    on how invalid UTF-8 is handled inside the XML
182                    processor; validation was not their job but Expat's.
183                    Exploits with code execution are known to exist.
184            #561  CVE-2022-25236 -- Passing (one or more) namespace separator
185                    characters in "xmlns[:prefix]" attribute values
186                    made Expat send malformed tag names to the XML
187                    processor on top of Expat which can cause
188                    arbitrary damage (e.g. code execution) depending
189                    on such unexpectable cases are handled inside the XML
190                    processor; validation was not their job but Expat's.
191                    Exploits with code execution are known to exist.
192            #558  CVE-2022-25313 -- Fix stack exhaustion in doctype parsing
193                    that could be triggered by e.g. a 2 megabytes
194                    file with a large number of opening braces.
195                    Expected impact is denial of service or potentially
196                    arbitrary code execution.
197            #560  CVE-2022-25314 -- Fix integer overflow in function copyString;
198                    only affects the encoding name parameter at parser creation
199                    time which is often hardcoded (rather than user input),
200                    takes a value in the gigabytes to trigger, and a 64-bit
201                    machine.  Expected impact is denial of service.
202            #559  CVE-2022-25315 -- Fix integer overflow in function storeRawNames;
203                    needs input in the gigabytes and a 64-bit machine.
204                    Expected impact is denial of service or potentially
205                    arbitrary code execution.
206
207        Other changes:
208       #557 #564  Version info bumped from 9:4:8 to 9:5:8;
209                    see https://verbump.de/ for what these numbers do
210
211        Special thanks to:
212            Ivan Fratric
213            Samanta Navarro
214                 and
215            Google Project Zero
216            JetBrains
217
218Release 2.4.4 Sun January 30 2022
219        Security fixes:
220            #550  CVE-2022-23852 -- Fix signed integer overflow
221                    (undefined behavior) in function XML_GetBuffer
222                    (that is also called by function XML_Parse internally)
223                    for when XML_CONTEXT_BYTES is defined to >0 (which is both
224                    common and default).
225                    Impact is denial of service or more.
226            #551  CVE-2022-23990 -- Fix unsigned integer overflow in function
227                    doProlog triggered by large content in element type
228                    declarations when there is an element declaration handler
229                    present (from a prior call to XML_SetElementDeclHandler).
230                    Impact is denial of service or more.
231
232        Bug fixes:
233       #544 #545  xmlwf: Fix a memory leak on output file opening error
234
235        Other changes:
236            #546  Autotools: Fix broken CMake support under Cygwin
237            #554  Windows: Add missing files to the installer to fix
238                    compilation with CMake from installed sources
239       #552 #554  Version info bumped from 9:3:8 to 9:4:8;
240                    see https://verbump.de/ for what these numbers do
241
242        Special thanks to:
243            Carlo Bramini
244            hwt0415
245            Roland Illig
246            Samanta Navarro
247                 and
248            Clang LeakSan and the Clang team
249
250Release 2.4.3 Sun January 16 2022
251        Security fixes:
252       #531 #534  CVE-2021-45960 -- Fix issues with left shifts by >=29 places
253                    resulting in
254                      a) realloc acting as free
255                      b) realloc allocating too few bytes
256                      c) undefined behavior
257                    depending on architecture and precise value
258                    for XML documents with >=2^27+1 prefixed attributes
259                    on a single XML tag a la
260                    "<r xmlns:a='[..]' a:a123='[..]' [..] />"
261                    where XML_ParserCreateNS is used to create the parser
262                    (which needs argument "-n" when running xmlwf).
263                    Impact is denial of service, or more.
264       #532 #538  CVE-2021-46143 (ZDI-CAN-16157) -- Fix integer overflow
265                    on variable m_groupSize in function doProlog leading
266                    to realloc acting as free.
267                    Impact is denial of service or more.
268            #539  CVE-2022-22822 to CVE-2022-22827 -- Prevent integer overflows
269                    near memory allocation at multiple places.  Mitre assigned
270                    a dedicated CVE for each involved internal C function:
271                    - CVE-2022-22822 for function addBinding
272                    - CVE-2022-22823 for function build_model
273                    - CVE-2022-22824 for function defineAttribute
274                    - CVE-2022-22825 for function lookup
275                    - CVE-2022-22826 for function nextScaffoldPart
276                    - CVE-2022-22827 for function storeAtts
277                    Impact is denial of service or more.
278
279        Other changes:
280            #535  CMake: Make call to file(GENERATE [..]) work for CMake <3.19
281            #541  Autotools|CMake: MinGW: Make run.sh(.in) work for Cygwin
282                    and MSYS2 by not going through Wine on these platforms
283       #527 #528  Address compiler warnings
284       #533 #543  Version info bumped from 9:2:8 to 9:3:8;
285                    see https://verbump.de/ for what these numbers do
286
287        Infrastructure:
288            #536  CI: Check for realistic minimum CMake version
289       #529 #539  CI: Cover compilation with -m32
290            #529  CI: Store coverage reports as artifacts for download
291            #528  CI: Upgrade Clang from 11 to 13
292
293        Special thanks to:
294            An anonymous whitehat
295            Christopher Degawa
296            J. Peter Mugaas
297            Tyson Smith
298                 and
299            GCC Farm Project
300            Trend Micro Zero Day Initiative
301
302Release 2.4.2 Sun December 19 2021
303        Other changes:
304       #509 #510  Link againgst libm for function "isnan"
305       #513 #514  Include expat_config.h as early as possible
306            #498  Autotools: Include files with release archives:
307                    - buildconf.sh
308                    - fuzz/*.c
309       #507 #519  Autotools: Sync CMake templates with CMake 3.20
310       #495 #524  CMake: MinGW: Fix pkg-config section "Libs" for
311                    - non-release build types (e.g. -DCMAKE_BUILD_TYPE=Debug)
312                    - multi-config CMake generators (e.g. Ninja Multi-Config)
313       #502 #503  docs: Document that function XML_GetBuffer may return NULL
314                    when asking for a buffer of 0 (zero) bytes size
315       #522 #523  docs: Fix return value docs for both
316                    XML_SetBillionLaughsAttackProtection* functions
317       #525 #526  Version info bumped from 9:1:8 to 9:2:8;
318                    see https://verbump.de/ for what these numbers do
319
320        Special thanks to:
321            Dong-hee Na
322            Joergen Ibsen
323            Kai Pastor
324
325Release 2.4.1 Sun May 23 2021
326        Bug fixes:
327       #488 #490  Autotools: Fix installed header expat_config.h for multilib
328                    systems; regression introduced in 2.4.0 by pull request #486
329
330        Other changes:
331       #491 #492  Version info bumped from 9:0:8 to 9:1:8;
332                    see https://verbump.de/ for what these numbers do
333
334        Special thanks to:
335            Gentoo's QA check "multilib_check_headers"
336
337Release 2.4.0 Sun May 23 2021
338        Security fixes:
339   #34 #466 #484  CVE-2013-0340/CWE-776 -- Protect against billion laughs attacks
340                    (denial-of-service; flavors targeting CPU time or RAM or both,
341                    leveraging general entities or parameter entities or both)
342                    by tracking and limiting the input amplification factor
343                    (<amplification> := (<direct> + <indirect>) / <direct>).
344                    By conservative default, amplification up to a factor of 100.0
345                    is tolerated and rejection only starts after 8 MiB of output bytes
346                    (=<direct> + <indirect>) have been processed.
347                    The fix adds the following to the API:
348                    - A new error code XML_ERROR_AMPLIFICATION_LIMIT_BREACH to
349                      signals this specific condition.
350                    - Two new API functions ..
351                      - XML_SetBillionLaughsAttackProtectionMaximumAmplification and
352                      - XML_SetBillionLaughsAttackProtectionActivationThreshold
353                      .. to further tighten billion laughs protection parameters
354                      when desired.  Please see file "doc/reference.html" for details.
355                      If you ever need to increase the defaults for non-attack XML
356                      payload, please file a bug report with libexpat.
357                    - Two new XML_FEATURE_* constants ..
358                      - that can be queried using the XML_GetFeatureList function, and
359                      - that are shown in "xmlwf -v" output.
360                    - Two new environment variable switches ..
361                      - EXPAT_ACCOUNTING_DEBUG=(0|1|2|3) and
362                      - EXPAT_ENTITY_DEBUG=(0|1)
363                      .. for runtime debugging of accounting and entity processing.
364                      Specific behavior of these values may change in the future.
365                    - Two new command line arguments "-a FACTOR" and "-b BYTES"
366                      for xmlwf to further tighten billion laughs protection
367                      parameters when desired.
368                      If you ever need to increase the defaults for non-attack XML
369                      payload, please file a bug report with libexpat.
370
371        Bug fixes:
372       #332 #470  For (non-default) compilation with -DEXPAT_MIN_SIZE=ON (CMake)
373                    or CPPFLAGS=-DXML_MIN_SIZE (GNU Autotools): Fix segfault
374                    for UTF-16 payloads containing CDATA sections.
375       #485 #486  Autotools: Fix generated CMake files for non-64bit and
376                    non-Linux platforms (e.g. macOS and MinGW in particular)
377                    that were introduced with release 2.3.0
378
379        Other changes:
380       #468 #469  xmlwf: Improve help output and the xmlwf man page
381            #463  xmlwf: Improve maintainability through some refactoring
382            #477  xmlwf: Fix man page DocBook validity
383            #456  Autotools: Sync CMake templates with CMake 3.18
384       #458 #459  CMake: Support absolute paths for both CMAKE_INSTALL_LIBDIR
385                    and CMAKE_INSTALL_INCLUDEDIR
386       #471 #481  CMake: Add support for standard variable BUILD_SHARED_LIBS
387            #457  Unexpose symbol _INTERNAL_trim_to_complete_utf8_characters
388            #467  Resolve macro HAVE_EXPAT_CONFIG_H
389            #472  Delete unused legacy helper file "conftools/PrintPath"
390       #473 #483  Improve attribution
391  #464 #465 #477  doc/reference.html: Fix XHTML validity
392       #475 #478  doc/reference.html: Replace the 90s look by OK.css
393            #479  Version info bumped from 8:0:7 to 9:0:8
394                    due to addition of new symbols and error codes;
395                    see https://verbump.de/ for what these numbers do
396
397        Infrastructure:
398            #456  CI: Enable periodic runs
399            #457  CI: Start covering the list of exported symbols
400            #474  CI: Isolate coverage task
401       #476 #482  CI: Adapt to breaking changes in image "ubuntu-18.04"
402            #477  CI: Cover well-formedness and DocBook/XHTML validity
403                    of doc/reference.html and doc/xmlwf.xml
404
405        Special thanks to:
406            Dimitry Andric
407            Eero Helenius
408            Nick Wellnhofer
409            Rhodri James
410            Tomas Korbar
411            Yury Gribov
412                 and
413            Clang LeakSan
414            JetBrains
415            OSS-Fuzz
416
417Release 2.3.0 Thu March 25 2021
418        Bug fixes:
419            #438  When calling XML_ParseBuffer without a prior successful call to
420                    XML_GetBuffer as a user, no longer trigger undefined behavior
421                    (by adding an integer to a NULL pointer) but rather return
422                    XML_STATUS_ERROR and set the error code to (new) code
423                    XML_ERROR_NO_BUFFER. Found by UBSan (UndefinedBehaviorSanitizer)
424                    of Clang 11 (but not Clang 9).
425            #444  xmlwf: Exit status 2 was used for both:
426                    - malformed input files (documented) and
427                    - invalid command-line arguments (undocumented).
428                    The case of invalid command-line arguments now
429                    has its own exit status 4, resolving the ambiguity.
430
431        Other changes:
432            #439  xmlwf: Add argument -k to allow continuing after
433                    non-fatal errors
434            #439  xmlwf: Add section about exit status to the -h help output
435  #422 #426 #447  Windows: Drop support for Visual Studio <=14.0/2015
436            #434  Windows: CMake: Detect unsupported Visual Studio at
437                    configure time (rather than at compile time)
438       #382 #428  testrunner: Make verbose mode (argument "-v") report
439                    about passed tests, and make default mode report about
440                    failures, as well.
441            #442  CMake: Call "enable_language(CXX)" prior to tinkering
442                    with CMAKE_CXX_* variables
443            #448  Document use of libexpat from a CMake-based project
444            #451  Autotools: Install CMake files as generated by CMake 3.19.6
445                    so that users with "find_package(expat [..] CONFIG [..])"
446                    are served on distributions that are *not* using the CMake
447                    build system inside for libexpat packaging
448       #436 #437  Autotools: Drop obsolescent macro AC_HEADER_STDC
449       #450 #452  Autotools: Resolve use of obsolete macro AC_CONFIG_HEADER
450            #441  Address compiler warnings
451            #443  Version info bumped from 7:12:6 to 8:0:7
452                    due to addition of error code XML_ERROR_NO_BUFFER
453                    (see https://verbump.de/ for what these numbers do)
454
455        Infrastructure:
456       #435 #446  Replace Travis CI by GitHub Actions
457
458        Special thanks to:
459            Alexander Richardson
460            Oleksandr Popovych
461            Thomas Beutlich
462            Tim Bray
463                 and
464            Clang LeakSan, Clang 11 UBSan and the Clang team
465
466Release 2.2.10 Sat October 3 2020
467        Bug fixes:
468  #390 #395 #398  Fix undefined behavior during parsing caused by
469                    pointer arithmetic with NULL pointers
470       #404 #405  Fix reading uninitialized variable during parsing
471            #406  xmlwf: Add missing check for malloc NULL return
472
473        Other changes:
474            #396  Windows: Drop support for Visual Studio <=8.0/2005
475            #409  Windows: Add missing file "Changes" to the installer
476                    to fix compilation with CMake from installed sources
477            #403  xmlwf: Document exit codes in xmlwf manpage and
478                    exit with code 3 (rather than code 1) for output errors
479                    when used with "-d DIRECTORY"
480       #356 #359  MinGW: Provide declaration of rand_s for mingwrt <5.3.0
481       #383 #392  Autotools: Use -Werror while configure tests the compiler
482                    for supported compile flags to avoid false positives
483  #383 #393 #394  Autotools: Improve handling of user (C|CPP|CXX|LD)FLAGS,
484                    e.g. ensure that they have the last word over flags added
485                    while running ./configure
486            #360  CMake: Create libexpatw.{dll,so} and expatw.pc (with emphasis
487                    on suffix "w") with -DEXPAT_CHAR_TYPE=(ushort|wchar_t)
488            #360  CMake: Detect and deny unsupported build combinations
489                    involving -DEXPAT_CHAR_TYPE=(ushort|wchar_t)
490            #360  CMake: Install pre-compiled shipped xmlwf.1 manpage in case
491                    of -DEXPAT_BUILD_DOCS=OFF
492  #375 #380 #419  CMake: Fix use of Expat by means of add_subdirectory
493       #407 #408  CMake: Keep expat target name constant at "expat"
494                    (i.e. refrain from using the target name to control
495                    build artifact filenames)
496            #385  CMake: Fix compilation with -DEXPAT_SHARED_LIBS=OFF for
497                    Windows
498                  CMake: Expose man page compilation as target "xmlwf-manpage"
499       #413 #414  CMake: Introduce option EXPAT_BUILD_PKGCONFIG
500                    to control generation of pkg-config file "expat.pc"
501            #424  CMake: Add minimalistic support for building binary packages
502                    with CMake target "package"; based on CPack
503            #366  CMake: Add option -DEXPAT_OSSFUZZ_BUILD=(ON|OFF) with
504                    default OFF to build fuzzer code against OSS-Fuzz and
505                    related environment variable LIB_FUZZING_ENGINE
506            #354  Fix testsuite for -DEXPAT_DTD=OFF and -DEXPAT_NS=OFF, each
507    #354 #355 ..
508       #356 #412  Address compiler warnings
509       #368 #369  Address pngcheck warnings with doc/*.png images
510            #425  Version info bumped from 7:11:6 to 7:12:6
511
512        Special thanks to:
513            asavah
514            Ben Wagner
515            Bhargava Shastry
516            Frank Landgraf
517            Jeffrey Walton
518            Joe Orton
519            Kleber Tarcísio
520            Ma Lin
521            Maciej Sroczyński
522            Mohammed Khajapasha
523            Vadim Zeitlin
524                 and
525            Cppcheck 2.0 and the Cppcheck team
526
527Release 2.2.9 Wed September 25 2019
528        Other changes:
529                  examples: Drop executable bits from elements.c
530            #349  Windows: Change the name of the Windows DLLs from expat*.dll
531                    to libexpat*.dll once more (regression from 2.2.8, first
532                    fixed in 1.95.3, issue #61 on SourceForge today,
533                    was issue #432456 back then); needs a fix due
534                    case-insensitive file systems on Windows and the fact that
535                    Perl's XML::Parser::Expat compiles into Expat.dll.
536            #347  Windows: Only define _CRT_RAND_S if not defined
537                  Version info bumped from 7:10:6 to 7:11:6
538
539        Special thanks to:
540            Ben Wagner
541
542Release 2.2.8 Fri September 13 2019
543        Security fixes:
544       #317 #318  CVE-2019-15903 -- Fix heap overflow triggered by
545                    XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber),
546                    and deny internal entities closing the doctype;
547                    fixed in commit c20b758c332d9a13afbbb276d30db1d183a85d43
548
549        Bug fixes:
550            #240  Fix cases where XML_StopParser did not have any effect
551                    when called from inside of an end element handler
552            #341  xmlwf: Fix exit code for operation without "-d DIRECTORY";
553                    previously, only "-d DIRECTORY" would give you a proper
554                    exit code:
555                      # xmlwf -d . <<<'<not well-formed>' 2>/dev/null ; echo $?
556                      2
557                      # xmlwf <<<'<not well-formed>' 2>/dev/null ; echo $?
558                      0
559                    Now both cases return exit code 2.
560
561        Other changes:
562       #299 #302  Windows: Replace LoadLibrary hack to access
563                    unofficial API function SystemFunction036 (RtlGenRandom)
564                    by using official API function rand_s (needs WinXP+)
565            #325  Windows: Drop support for Visual Studio <=7.1/2003
566                    and document supported compilers in README.md
567            #286  Windows: Remove COM code from xmlwf; in case it turns
568                    out needed later, there will be a dedicated repository
569                    below https://github.com/libexpat/ for that code
570            #322  Windows: Remove explicit MSVC solution and project files.
571                    You can generate Visual Studio solution files through
572                    CMake, e.g.: cmake -G"Visual Studio 15 2017" .
573            #338  xmlwf: Make "xmlwf -h" help output more friendly
574            #339  examples: Improve elements.c
575       #244 #264  Autotools: Add argument --enable-xml-attr-info
576       #239 #301  Autotools: Add arguments
577                    --with-getrandom
578                    --without-getrandom
579                    --with-sys-getrandom
580                    --without-sys-getrandom
581       #312 #343  Autotools: Fix linking issues with "./configure LD=clang"
582                  Autotools: Fix "make run-xmltest" for out-of-source builds
583       #329 #336  CMake: Pull all options from Expat <=2.2.7 into namespace
584                    prefix EXPAT_ with the exception of DOCBOOK_TO_MAN:
585                    - BUILD_doc            -> EXPAT_BUILD_DOCS (plural)
586                    - BUILD_examples       -> EXPAT_BUILD_EXAMPLES
587                    - BUILD_shared         -> EXPAT_SHARED_LIBS
588                    - BUILD_tests          -> EXPAT_BUILD_TESTS
589                    - BUILD_tools          -> EXPAT_BUILD_TOOLS
590                    - DOCBOOK_TO_MAN       -> DOCBOOK_TO_MAN (unchanged)
591                    - INSTALL              -> EXPAT_ENABLE_INSTALL
592                    - MSVC_USE_STATIC_CRT  -> EXPAT_MSVC_STATIC_CRT
593                    - USE_libbsd           -> EXPAT_WITH_LIBBSD
594                    - WARNINGS_AS_ERRORS   -> EXPAT_WARNINGS_AS_ERRORS
595                    - XML_CONTEXT_BYTES    -> EXPAT_CONTEXT_BYTES
596                    - XML_DEV_URANDOM      -> EXPAT_DEV_URANDOM
597                    - XML_DTD              -> EXPAT_DTD
598                    - XML_NS               -> EXPAT_NS
599                    - XML_UNICODE          -> EXPAT_CHAR_TYPE=ushort (!)
600                    - XML_UNICODE_WCHAR_T  -> EXPAT_CHAR_TYPE=wchar_t (!)
601       #244 #264  CMake: Add argument -DEXPAT_ATTR_INFO=(ON|OFF),
602                    default OFF
603            #326  CMake: Add argument -DEXPAT_LARGE_SIZE=(ON|OFF),
604                    default OFF
605            #328  CMake: Add argument -DEXPAT_MIN_SIZE=(ON|OFF),
606                    default OFF
607       #239 #277  CMake: Add arguments
608                    -DEXPAT_WITH_GETRANDOM=(ON|OFF|AUTO), default AUTO
609                    -DEXPAT_WITH_SYS_GETRANDOM=(ON|OFF|AUTO), default AUTO
610            #326  CMake: Install expat_config.h to include directory
611            #326  CMake: Generate and install configuration files for
612                    future find_package(expat [..] CONFIG [..])
613                  CMake: Now produces a summary of applied configuration
614                  CMake: Require C++ compiler only when tests are enabled
615            #330  CMake: Fix compilation for 16bit character types,
616                    i.e. ex -DXML_UNICODE=ON (and ex -DXML_UNICODE_WCHAR_T=ON)
617            #265  CMake: Fix linking with MinGW
618            #330  CMake: Add full support for MinGW; to enable, use
619                    -DCMAKE_TOOLCHAIN_FILE=[expat]/cmake/mingw-toolchain.cmake
620            #330  CMake: Port "make run-xmltest" from GNU Autotools to CMake
621            #316  CMake: Windows: Make binary postfix match MSVC
622                    Old: expat[d].lib
623                    New: expat[w][d][MD|MT].lib
624                  CMake: Migrate files from Windows to Unix line endings
625            #308  CMake: Integrate OSS-Fuzz fuzzers, option
626                    -DEXPAT_BUILD_FUZZERS=(ON|OFF), default OFF
627             #14  Drop an OpenVMS support leftover
628    #235 #268 ..
629    #270 #310 ..
630  #313 #331 #333  Address compiler warnings
631    #282 #283 ..
632       #284 #285  Address cppcheck warnings
633       #294 #295  Address Clang Static Analyzer warnings
634        #24 #293  Mass-apply clang-format 9 (and ensure conformance during CI)
635                  Version info bumped from 7:9:6 to 7:10:6
636
637        Special thanks to:
638            David Loffredo
639            Joonun Jang
640            Kishore Kunche
641            Marco Maggi
642            Mitch Phillips
643            Mohammed Khajapasha
644            Rolf Ade
645            xantares
646            Zhongyuan Zhou
647
648Release 2.2.7 Wed June 19 2019
649        Security fixes:
650       #186 #262  CVE-2018-20843 -- Fix extraction of namespace prefixes from
651                    XML names; XML names with multiple colons could end up in
652                    the wrong namespace, and take a high amount of RAM and CPU
653                    resources while processing, opening the door to
654                    use for denial-of-service attacks
655
656        Other changes:
657       #195 #197  Autotools/CMake: Utilize -fvisibility=hidden to stop
658                    exporting non-API symbols
659            #227  Autotools: Add --without-examples and --without-tests
660            #228  Autotools: Modernize configure.ac
661       #245 #246  Autotools: Fix check for -fvisibility=hidden for Clang
662       #247 #248  Autotools: Fix compilation for lack of docbook2x-man
663       #236 #258  Autotools: Produce .tar.{gz,lz,xz} release archives
664            #212  CMake: Make libdir of pkgconfig expat.pc support multilib
665       #158 #263  CMake: Build man page in PROJECT_BINARY_DIR not _SOURCE_DIR
666            #219  Remove fallback to bcopy, assume that memmove(3) exists
667            #257  Use portable "/usr/bin/env bash" shebang (e.g. for OpenBSD)
668            #243  Windows: Fix syntax of .def module definition files
669                  Version info bumped from 7:8:6 to 7:9:6
670
671        Special thanks to:
672            Benjamin Peterson
673            Caolán McNamara
674            Hanno Böck
675            KangLin
676            Kishore Kunche
677            Marco Maggi
678            Rhodri James
679            Sebastian Dröge
680            userwithuid
681            Yury Gribov
682
683Release 2.2.6 Sun August 12 2018
684        Bug fixes:
685       #170 #206  Avoid doing arithmetic with NULL pointers in XML_GetBuffer
686       #204 #205  Fix 2.2.5 regression with suspend-resume while parsing
687                    a document like '<root/>'
688
689        Other changes:
690       #165 #168  Autotools: Fix docbook-related configure syntax error
691            #166  Autotools: Avoid grep option `-q` for Solaris
692            #167  Autotools: Support
693                    ./configure DOCBOOK_TO_MAN="xmlto man --skip-validation"
694       #159 #167  Autotools: Support DOCBOOK_TO_MAN command which produces
695                    xmlwf.1 rather than XMLWF.1; also covers case insensitive
696                    file systems
697            #181  Autotools: Drop -rpath option passed to libtool
698            #188  Autotools: Detect and deny SGML docbook2man as ours is XML
699            #188  Autotools/CMake: Support command db2x_docbook2man as well
700            #174  CMake: Introduce option WARNINGS_AS_ERRORS, defaults to OFF
701       #184 #185  CMake: Introduce option MSVC_USE_STATIC_CRT, defaults to OFF
702       #207 #208  CMake: Introduce option XML_UNICODE and XML_UNICODE_WCHAR_T,
703                    both defaulting to OFF
704            #175  CMake: Prefer check_symbol_exists over check_function_exists
705            #176  CMake: Create the same pkg-config file as with GNU Autotools
706       #178 #179  CMake: Use GNUInstallDirs module to set proper defaults for
707                    install directories
708            #208  CMake: Utilize expat_config.h.cmake for XML_DEV_URANDOM
709            #180  Windows: Fix compilation of test suite for Visual Studio 2008
710  #131 #173 #202  Address compiler warnings
711  #187 #190 #200  Fix miscellaneous typos
712                  Version info bumped from 7:7:6 to 7:8:6
713
714        Special thanks to:
715            Anton Maklakov
716            Benjamin Peterson
717            Brad King
718            Franek Korta
719            Frank Rast
720            Joe Orton
721            luzpaz
722            Pedro Vicente
723            Rainer Jung
724            Rhodri James
725            Rolf Ade
726            Rolf Eike Beer
727            Thomas Beutlich
728            Tomasz Kłoczko
729
730Release 2.2.5 Tue October 31 2017
731        Bug fixes:
732              #8  If the parser runs out of memory, make sure its internal
733                    state reflects the memory it actually has, not the memory
734                    it wanted to have.
735             #11  The default handler wasn't being called when it should for
736                    a SYSTEM or PUBLIC doctype if an entity declaration handler
737                    was registered.
738       #137 #138  Fix a case of mistakenly reported parsing success where
739                    XML_StopParser was called from an element handler
740            #162  Function XML_ErrorString was returning NULL rather than
741                    a message for code XML_ERROR_INVALID_ARGUMENT
742                    introduced with release 2.2.1
743
744        Other changes:
745            #106  xmlwf: Add argument -N adding notation declarations
746        #75 #106  Test suite: Resolve expected failure cases where xmlwf
747                    output was incomplete
748            #127  Windows: Fix test suite compilation
749       #126 #127  Windows: Fix compilation for Visual Studio 2012
750                  Windows: Upgrade shipped project files to Visual Studio 2017
751        #33 #132  tests: Mass-fix compilation for XML_UNICODE_WCHAR_T
752            #129  examples: Fix compilation for XML_UNICODE_WCHAR_T
753            #130  benchmark: Fix compilation for XML_UNICODE_WCHAR_T
754            #144  xmlwf: Fix compilation for XML_UNICODE_WCHAR_T; still needs
755                    Windows or MinGW for 2-byte wchar_t
756              #9  Address two Clang Static Analyzer false positives
757             #59  Resolve troublesome macros hiding parser struct membership
758                    and dereferencing that pointer
759              #6  Resolve superfluous internal malloc/realloc switch
760       #153 #155  Improve docbook2x-man detection
761            #160  Undefine NDEBUG in the test suite (rather than rejecting it)
762            #161  Address compiler warnings
763                  Version info bumped from 7:6:6 to 7:7:6
764
765        Special thanks to:
766            Benbuck Nason
767            Hans Wennborg
768            José Gutiérrez de la Concha
769            Pedro Monreal Gonzalez
770            Rhodri James
771            Rolf Ade
772            Stephen Groat
773                 and
774            Core Infrastructure Initiative
775
776Release 2.2.4 Sat August 19 2017
777        Bug fixes:
778            #115  Fix copying of partial characters for UTF-8 input
779
780        Other changes:
781            #109  Fix "make check" for non-x86 architectures that default
782                    to unsigned type char (-128..127 rather than 0..255)
783            #109  coverage.sh: Cover -funsigned-char
784                  Autotools: Introduce --without-xmlwf argument
785             #65  Autotools: Replace handwritten Makefile with GNU Automake
786             #43  CMake: Auto-detect high quality entropy extractors, add new
787                    option USE_libbsd=ON to use arc4random_buf of libbsd
788             #74  CMake: Add -fno-strict-aliasing only where supported
789            #114  CMake: Always honor manually set BUILD_* options
790            #114  CMake: Compile man page if docbook2x-man is available, only
791            #117  Include file tests/xmltest.log.expected in source tarball
792                    (required for "make run-xmltest")
793            #117  Include (existing) Visual Studio 2013 files in source tarball
794                  Improve test suite error output
795            #111  Fix some typos in documentation
796                  Version info bumped from 7:5:6 to 7:6:6
797
798        Special thanks to:
799            Jakub Wilk
800            Joe Orton
801            Lin Tian
802            Rolf Eike Beer
803
804Release 2.2.3 Wed August 2 2017
805        Security fixes:
806             #82  CVE-2017-11742 -- Windows: Fix DLL hijacking vulnerability
807                    using Steve Holme's LoadLibrary wrapper for/of cURL
808
809        Bug fixes:
810             #85  Fix a dangling pointer issue related to realloc
811
812        Other changes:
813                  Increase code coverage
814             #91  Linux: Allow getrandom to fail if nonblocking pool has not
815                    yet been initialized and read /dev/urandom then, instead.
816                    This is in line with what recent Python does.
817             #81  Pre-10.7/Lion macOS: Support entropy from arc4random
818             #86  Check that a UTF-16 encoding in an XML declaration has the
819                    right endianness
820        #4 #5 #7  Recover correctly when some reallocations fail
821                  Repair "./configure && make" for systems without any
822                    provider of high quality entropy
823                    and try reading /dev/urandom on those
824                  Ensure that user-defined character encodings have converter
825                    functions when they are needed
826                  Fix mis-leading description of argument -c in xmlwf.1
827                  Rely on macro HAVE_ARC4RANDOM_BUF (rather than __CloudABI__)
828                    for CloudABI
829            #100  Fix use of SIPHASH_MAIN in siphash.h
830             #23  Test suite: Fix memory leaks
831                  Version info bumped from 7:4:6 to 7:5:6
832
833        Special thanks to:
834            Chanho Park
835            Joe Orton
836            Pascal Cuoq
837            Rhodri James
838            Simon McVittie
839            Vadim Zeitlin
840            Viktor Szakats
841                 and
842            Core Infrastructure Initiative
843
844Release 2.2.2 Wed July 12 2017
845        Security fixes:
846             #43  Protect against compilation without any source of high
847                    quality entropy enabled, e.g. with CMake build system;
848                    commit ff0207e6076e9828e536b8d9cd45c9c92069b895
849             #60  Windows with _UNICODE:
850                    Unintended use of LoadLibraryW with a non-wide string
851                    resulted in failure to load advapi32.dll and degradation
852                    in quality of used entropy when compiled with _UNICODE for
853                    Windows; you can launch existing binaries with
854                    EXPAT_ENTROPY_DEBUG=1 in the environment to inspect the
855                    quality of entropy used during runtime; commits
856                    * 95b95032f907ef1cd17ee7a9a1768010a825d61d
857                    * 73a5a2e9c081f49f2d775cf7ced864158b68dc80
858   [MOX-006]      Fix non-NULL parser parameter validation in XML_Parse;
859                    resulted in NULL dereference, previously;
860                    commit ac256dafdffc9622ab0dc2c62fcecb0dfcfa71fe
861
862        Bug fixes:
863             #69  Fix improper use of unsigned long long integer literals
864
865        Other changes:
866             #73  Start requiring a C99 compiler
867             #49  Fix "==" Bashism in configure script
868             #50  Fix too eager getrandom detection for Debian GNU/kFreeBSD
869             #52    and macOS
870             #51  Address lack of stdint.h in Visual Studio 2003 to 2008
871             #58  Address compile warnings
872             #68  Fix "./buildconf.sh && ./configure" for some versions
873                    of Dash for /bin/sh
874             #72  CMake: Ease use of Expat in context of a parent project
875                    with multiple CMakeLists.txt files
876             #72  CMake: Resolve mistaken executable permissions
877             #76  Address compile warning with -DNDEBUG (not recommended!)
878             #77  Address compile warning about macro redefinition
879
880        Special thanks to:
881            Alexander Bluhm
882            Ben Boeckel
883            Cătălin Răceanu
884            Kerin Millar
885            László Böszörményi
886            S. P. Zeidler
887            Segev Finer
888            Václav Slavík
889            Victor Stinner
890            Viktor Szakats
891                 and
892            Radically Open Security
893
894Release 2.2.1 Sat June 17 2017
895        Security fixes:
896                  CVE-2017-9233 -- External entity infinite loop DoS
897                    Details: https://libexpat.github.io/doc/cve-2017-9233/
898                    Commit c4bf96bb51dd2a1b0e185374362ee136fe2c9d7f
899   [MOX-002]      CVE-2016-9063 -- Detect integer overflow; commit
900                    d4f735b88d9932bd5039df2335eefdd0723dbe20
901                    (Fixed version of existing downstream patches!)
902   (SF.net) #539  Fix regression from fix to CVE-2016-0718 cutting off
903                    longer tag names; commits
904                    * 896b6c1fd3b842f377d1b62135dccf0a579cf65d
905                    * af507cef2c93cb8d40062a0abe43a4f4e9158fb2
906             #16    * 0dbbf43fdb20f593ddf4fa1ff67288000dd4a7fd
907             #25  More integer overflow detection (function poolGrow); commits
908                    * 810b74e4703dcfdd8f404e3cb177d44684775143
909                    * 44178553f3539ce69d34abee77a05e879a7982ac
910   [MOX-002]      Detect overflow from len=INT_MAX call to XML_Parse; commits
911                    * 4be2cb5afcc018d996f34bbbce6374b7befad47f
912                    * 7e5b71b748491b6e459e5c9a1d090820f94544d8
913   [MOX-005] #30  Use high quality entropy for hash initialization:
914                    * arc4random_buf on BSD, systems with libbsd
915                      (when configured with --with-libbsd), CloudABI
916                    * RtlGenRandom on Windows XP / Server 2003 and later
917                    * getrandom on Linux 3.17+
918                    In a way, that's still part of CVE-2016-5300.
919                    https://github.com/libexpat/libexpat/pull/30/commits
920   [MOX-005]      For the low quality entropy extraction fallback code,
921                    the parser instance address can no longer leak, commit
922                    04ad658bd3079dd15cb60fc67087900f0ff4b083
923   [MOX-003]      Prevent use of uninitialised variable; commit
924   [MOX-004]        a4dc944f37b664a3ca7199c624a98ee37babdb4b
925                  Add missing parameter validation to public API functions
926                    and dedicated error code XML_ERROR_INVALID_ARGUMENT:
927   [MOX-006]        * NULL checks; commits
928                      * d37f74b2b7149a3a95a680c4c4cd2a451a51d60a (merge/many)
929                      * 9ed727064b675b7180c98cb3d4f75efba6966681
930                      * 6a747c837c50114dfa413994e07c0ba477be4534
931                    * Negative length (XML_Parse); commit
932   [MOX-002]          70db8d2538a10f4c022655d6895e4c3e78692e7f
933   [MOX-001] #35  Change hash algorithm to William Ahern's version of SipHash
934                    to go further with fixing CVE-2012-0876.
935                    https://github.com/libexpat/libexpat/pull/39/commits
936
937        Bug fixes:
938             #32  Fix sharing of hash salt across parsers;
939                    relevant where XML_ExternalEntityParserCreate is called
940                    prior to XML_Parse, in particular (e.g. FBReader)
941             #28  xmlwf: Auto-disable use of memory-mapping (and parsing
942                    as a single chunk) for files larger than ~1 GB (2^30 bytes)
943                    rather than failing with error "out of memory"
944              #3  Fix double free after malloc failure in DTD code; commit
945                    7ae9c3d3af433cd4defe95234eae7dc8ed15637f
946             #17  Fix memory leak on parser error for unbound XML attribute
947                    prefix with new namespaces defined in the same tag;
948                    found by Google's OSS-Fuzz; commits
949                    * 16f87daae5a16132e479e4f71862128c7a915c73
950                    * b47dbc9745932c160893d433220e462bd605f8cd
951                  xmlwf on Windows: Add missing calls to CloseHandle
952
953        New features:
954             #30  Introduced environment switch EXPAT_ENTROPY_DEBUG=1
955                    for runtime debugging of entropy extraction
956
957        Other changes:
958                  Increase code coverage
959             #33  Reject use of XML_UNICODE_WCHAR_T with sizeof(wchar_t) != 2;
960                    XML_UNICODE_WCHAR_T was never meant to be used outside
961                    of Windows; 4-byte wchar_t is common on Linux
962   (SF.net) #538  Start using -fno-strict-aliasing
963   (SF.net) #540  Support compilation against cloudlibc of CloudABI
964                  Allow MinGW cross-compilation
965   (SF.net) #534  CMake: Introduce option "BUILD_doc" (enabled by default)
966                    to bypass compilation of the xmlwf.1 man page
967   (SF.net)  pr2  CMake: Introduce option "INSTALL" (enabled by default)
968                    to bypass installation of expat files
969                  CMake: Fix ninja support
970                  Autotools: Add parameters --enable-xml-context [COUNT]
971                    and --disable-xml-context; default of context of 1024
972                    bytes enabled unchanged
973             #14  Drop AmigaOS 4.x code and includes
974             #14  Drop ancient build systems:
975                    * Borland C++ Builder
976                    * OpenVMS
977                    * Open Watcom
978                    * Visual Studio 6.0
979                    * Pre-X Mac OS (MPW Makefile)
980                    If you happen to rely on some of these, please get in
981                    touch for joining with maintenance.
982             #10  Move from WIN32 to _WIN32
983             #13  Fix "make run-xmltest" order instability
984                  Address compile warnings
985                  Bump version info from 7:2:6 to 7:3:6
986                  Add AUTHORS file
987
988        Infrastructure:
989              #1  Migrate from SourceForge to GitHub (except downloads):
990                    https://github.com/libexpat/
991              #1  Re-create http://libexpat.org/ project website
992                  Start utilizing Travis CI
993
994        Special thanks to:
995            Andy Wang
996            Don Lewis
997            Ed Schouten
998            Karl Waclawek
999            Pascal Cuoq
1000            Rhodri James
1001            Sergei Nikulov
1002            Tobias Taschner
1003            Viktor Szakats
1004                 and
1005            Core Infrastructure Initiative
1006            Mozilla Foundation (MOSS Track 3: Secure Open Source)
1007            Radically Open Security
1008
1009Release 2.2.0 Tue June 21 2016
1010        Security fixes:
1011            #537  CVE-2016-0718 -- Fix crash on malformed input
1012                  CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 /
1013                                   CVE-2015-2716 introduced with Expat 2.1.1
1014            #499  CVE-2016-5300 -- Use more entropy for hash initialization
1015                                   than the original fix to CVE-2012-0876
1016            #519  CVE-2012-6702 -- Resolve troublesome internal call to srand
1017                                   that was introduced with Expat 2.1.0
1018                                   when addressing CVE-2012-0876 (issue #496)
1019
1020        Bug fixes:
1021                  Fix uninitialized reads of size 1
1022                    (e.g. in little2_updatePosition)
1023                  Fix detection of UTF-8 character boundaries
1024
1025        Other changes:
1026            #532  Fix compilation for Visual Studio 2010 (keyword "C99")
1027                  Autotools: Resolve use of "$<" to better support bmake
1028                  Autotools: Add QA script "qa.sh" (and make target "qa")
1029                  Autotools: Respect CXXFLAGS if given
1030                  Autotools: Fix "make run-xmltest"
1031                  Autotools: Have "make run-xmltest" check for expected output
1032             p90  CMake: Fix static build (BUILD_shared=OFF) on Windows
1033            #536  CMake: Add soversion, support -DNO_SONAME=yes to bypass
1034            #323  CMake: Add suffix "d" to differentiate debug from release
1035                  CMake: Define WIN32 with CMake on Windows
1036                  Annotate memory allocators for GCC
1037                  Address all currently known compile warnings
1038                  Make sure that API symbols remain visible despite
1039                    -fvisibility=hidden
1040                  Remove executable flag from source files
1041                  Resolve COMPILED_FROM_DSP in favor of WIN32
1042
1043        Special thanks to:
1044            Björn Lindahl
1045            Christian Heimes
1046            Cristian Rodríguez
1047            Daniel Krügler
1048            Gustavo Grieco
1049            Karl Waclawek
1050            László Böszörményi
1051            Marco Grassi
1052            Pascal Cuoq
1053            Sergei Nikulov
1054            Thomas Beutlich
1055            Warren Young
1056            Yann Droneaud
1057
1058Release 2.1.1 Sat March 12 2016
1059        Security fixes:
1060            #582: CVE-2015-1283 - Multiple integer overflows in XML_GetBuffer
1061
1062        Bug fixes:
1063            #502: Fix potential null pointer dereference
1064            #520: Symbol XML_SetHashSalt was not exported
1065            Output of "xmlwf -h" was incomplete
1066
1067        Other changes:
1068            #503: Document behavior of calling XML_SetHashSalt with salt 0
1069            Minor improvements to man page xmlwf(1)
1070            Improvements to the experimental CMake build system
1071            libtool now invoked with --verbose
1072
1073Release 2.1.0 Sat March 24 2012
1074        - Security fixes:
1075          #2958794: CVE-2012-1148 - Memory leak in poolGrow.
1076          #2895533: CVE-2012-1147 - Resource leak in readfilemap.c.
1077          #3496608: CVE-2012-0876 - Hash DOS attack.
1078          #2894085: CVE-2009-3560 - Buffer over-read and crash in big2_toUtf8().
1079          #1990430: CVE-2009-3720 - Parser crash with special UTF-8 sequences.
1080        - Bug Fixes:
1081          #1742315: Harmful XML_ParserCreateNS suggestion.
1082          #1785430: Expat build fails on linux-amd64 with gcc version>=4.1 -O3.
1083          #1983953, 2517952, 2517962, 2649838:
1084                Build modifications using autoreconf instead of buildconf.sh.
1085          #2815947, #2884086: OBJEXT and EXEEXT support while building.
1086          #2517938: xmlwf should return non-zero exit status if not well-formed.
1087          #2517946: Wrong statement about XMLDecl in xmlwf.1 and xmlwf.sgml.
1088          #2855609: Dangling positionPtr after error.
1089          #2990652: CMake support.
1090          #3010819: UNEXPECTED_STATE with a trailing "%" in entity value.
1091          #3206497: Uninitialized memory returned from XML_Parse.
1092          #3287849: make check fails on mingw-w64.
1093        - Patches:
1094          #1749198: pkg-config support.
1095          #3010222: Fix for bug #3010819.
1096          #3312568: CMake support.
1097          #3446384: Report byte offsets for attr names and values.
1098        - New Features / API changes:
1099          Added new API member XML_SetHashSalt() that allows setting an initial
1100                value (salt) for hash calculations. This is part of the fix for
1101                bug #3496608 to randomize hash parameters.
1102          When compiled with XML_ATTR_INFO defined, adds new API member
1103                XML_GetAttributeInfo() that allows retrieving the byte
1104                offsets for attribute names and values (patch #3446384).
1105          Added CMake build system.
1106                See bug #2990652 and patch #3312568.
1107          Added run-benchmark target to Makefile.in - relies on testdata module
1108                present in the same relative location as in the repository.
1109
1110Release 2.0.1 Tue June 5 2007
1111        - Fixed bugs #1515266, #1515600: The character data handler's calling
1112          of XML_StopParser() was not handled properly; if the parser was
1113          stopped and the handler set to NULL, the parser would segfault.
1114        - Fixed bug #1690883: Expat failed on EBCDIC systems as it assumed
1115          some character constants to be ASCII encoded.
1116        - Minor cleanups of the test harness.
1117        - Fixed xmlwf bug #1513566: "out of memory" error on file size zero.
1118        - Fixed outline.c bug #1543233: missing a final XML_ParserFree() call.
1119        - Fixes and improvements for Windows platform:
1120          bugs #1409451, #1476160, #1548182, #1602769, #1717322.
1121        - Build fixes for various platforms:
1122          HP-UX, Tru64, Solaris 9: patch #1437840, bug #1196180.
1123          All Unix: #1554618 (refreshed config.sub/config.guess).
1124                    #1490371, #1613457: support both, DESTDIR and INSTALL_ROOT,
1125                    without relying on GNU-Make specific features.
1126          #1647805: Patched configure.in to work better with Intel compiler.
1127        - Fixes to Makefile.in to have make check work correctly:
1128          bugs #1408143, #1535603, #1536684.
1129        - Added Open Watcom support: patch #1523242.
1130
1131Release 2.0.0 Wed Jan 11 2006
1132        - We no longer use the "check" library for C unit testing; we
1133          always use the (partial) internal implementation of the API.
1134        - Report XML_NS setting via XML_GetFeatureList().
1135        - Fixed headers for use from C++.
1136        - XML_GetCurrentLineNumber() and  XML_GetCurrentColumnNumber()
1137          now return unsigned integers.
1138        - Added XML_LARGE_SIZE switch to enable 64-bit integers for
1139          byte indexes and line/column numbers.
1140        - Updated to use libtool 1.5.22 (the most recent).
1141        - Added support for AmigaOS.
1142        - Some mostly minor bug fixes. SF issues include: #1006708,
1143          #1021776, #1023646, #1114960, #1156398, #1221160, #1271642.
1144
1145Release 1.95.8 Fri Jul 23 2004
1146        - Major new feature: suspend/resume.  Handlers can now request
1147          that a parse be suspended for later resumption or aborted
1148          altogether.  See "Temporarily Stopping Parsing" in the
1149          documentation for more details.
1150        - Some mostly minor bug fixes, but compilation should no
1151          longer generate warnings on most platforms.  SF issues
1152          include: #827319, #840173, #846309, #888329, #896188, #923913,
1153          #928113, #961698, #985192.
1154
1155Release 1.95.7 Mon Oct 20 2003
1156        - Fixed enum XML_Status issue (reported on SourceForge many
1157          times), so compilers that are properly picky will be happy.
1158        - Introduced an XMLCALL macro to control the calling
1159          convention used by the Expat API; this macro should be used
1160          to annotate prototypes and definitions of callback
1161          implementations in code compiled with a calling convention
1162          other than the default convention for the host platform.
1163        - Improved ability to build without the configure-generated
1164          expat_config.h header.  This is useful for applications
1165          which embed Expat rather than linking in the library.
1166        - Fixed a variety of bugs: see SF issues #458907, #609603,
1167          #676844, #679754, #692878, #692964, #695401, #699323, #699487,
1168          #820946.
1169        - Improved hash table lookups.
1170        - Added more regression tests and improved documentation.
1171
1172Release 1.95.6 Tue Jan 28 2003
1173        - Added XML_FreeContentModel().
1174        - Added XML_MemMalloc(), XML_MemRealloc(), XML_MemFree().
1175        - Fixed a variety of bugs: see SF issues #615606, #616863,
1176          #618199, #653180, #673791.
1177        - Enhanced the regression test suite.
1178        - Man page improvements: includes SF issue #632146.
1179
1180Release 1.95.5 Fri Sep 6 2002
1181        - Added XML_UseForeignDTD() for improved SAX2 support.
1182        - Added XML_GetFeatureList().
1183        - Defined XML_Bool type and the values XML_TRUE and XML_FALSE.
1184        - Use an incomplete struct instead of a void* for the parser
1185          (may not retain).
1186        - Fixed UTF-8 decoding bug that caused legal UTF-8 to be rejected.
1187        - Finally fixed bug where default handler would report DTD
1188          events that were already handled by another handler.
1189          Initial patch contributed by Darryl Miles.
1190        - Removed unnecessary DllMain() function that caused static
1191          linking into a DLL to be difficult.
1192        - Added VC++ projects for building static libraries.
1193        - Reduced line-length for all source code and headers to be
1194          no longer than 80 characters, to help with AS/400 support.
1195        - Reduced memory copying during parsing (SF patch #600964).
1196        - Fixed a variety of bugs: see SF issues #580793, #434664,
1197          #483514, #580503, #581069, #584041, #584183, #584832, #585537,
1198          #596555, #596678, #598352, #598944, #599715, #600479, #600971.
1199
1200Release 1.95.4 Fri Jul 12 2002
1201        - Added support for VMS, contributed by Craig Berry.  See
1202          vms/README.vms for more information.
1203        - Added Mac OS (classic) support, with a makefile for MPW,
1204          contributed by Thomas Wegner and Daryle Walker.
1205        - Added Borland C++ Builder 5 / BCC 5.5 support, contributed
1206          by Patrick McConnell (SF patch #538032).
1207        - Fixed a variety of bugs: see SF issues #441449, #563184,
1208          #564342, #566334, #566901, #569461, #570263, #575168, #579196.
1209        - Made skippedEntityHandler conform to SAX2 (see source comment)
1210        - Re-implemented WFC: Entity Declared from XML 1.0 spec and
1211          added a new error "entity declared in parameter entity":
1212          see SF bug report #569461 and SF patch #578161
1213        - Re-implemented section 5.1 from XML 1.0 spec:
1214          see SF bug report #570263 and SF patch #578161
1215
1216Release 1.95.3 Mon Jun 3 2002
1217        - Added a project to the MSVC workspace to create a wchar_t
1218          version of the library; the DLLs are named libexpatw.dll.
1219        - Changed the name of the Windows DLLs from expat.dll to
1220          libexpat.dll; this fixes SF bug #432456.
1221        - Added the XML_ParserReset() API function.
1222        - Fixed XML_SetReturnNSTriplet() to work for element names.
1223        - Made the XML_UNICODE builds usable (thanks, Karl!).
1224        - Allow xmlwf to read from standard input.
1225        - Install a man page for xmlwf on Unix systems.
1226        - Fixed many bugs; see SF bug reports #231864, #461380, #464837,
1227          #466885, #469226, #477667, #484419, #487840, #494749, #496505,
1228          #547350.  Other bugs which we can't test as easily may also
1229          have been fixed, especially in the area of build support.
1230
1231Release 1.95.2 Fri Jul 27 2001
1232        - More changes to make MSVC happy with the build; add a single
1233          workspace to support both the library and xmlwf application.
1234        - Added a Windows installer for Windows users; includes
1235          xmlwf.exe.
1236        - Added compile-time constants that can be used to determine the
1237          Expat version
1238        - Removed a lot of GNU-specific dependencies to aide portability
1239          among the various Unix flavors.
1240        - Fix the UTF-8 BOM bug.
1241        - Cleaned up warning messages for several compilers.
1242        - Added the -Wall, -Wstrict-prototypes options for GCC.
1243
1244Release 1.95.1 Sun Oct 22 15:11:36 EDT 2000
1245        - Changes to get expat to build under Microsoft compiler
1246        - Removed all aborts and instead return an UNEXPECTED_STATE error.
1247        - Fixed a bug where a stray '%' in an entity value would cause an
1248          abort.
1249        - Defined XML_SetEndNamespaceDeclHandler. Thanks to Darryl Miles for
1250          finding this oversight.
1251        - Changed default patterns in lib/Makefile.in to fit non-GNU makes
1252          Thanks to robin@unrated.net for reporting and providing an
1253          account to test on.
1254        - The reference had the wrong label for XML_SetStartNamespaceDecl.
1255          Reported by an anonymous user.
1256
1257Release 1.95.0 Fri Sep 29 2000
1258        - XML_ParserCreate_MM
1259                Allows you to set a memory management suite to replace the
1260                standard malloc,realloc, and free.
1261        - XML_SetReturnNSTriplet
1262                If you turn this feature on when namespace processing is in
1263                effect, then qualified, prefixed element and attribute names
1264                are returned as "uri|name|prefix" where '|' is whatever
1265                separator character is used in namespace processing.
1266        - Merged in features from perl-expat
1267                o XML_SetElementDeclHandler
1268                o XML_SetAttlistDeclHandler
1269                o XML_SetXmlDeclHandler
1270                o XML_SetEntityDeclHandler
1271                o StartDoctypeDeclHandler takes 3 additional parameters:
1272                        sysid, pubid, has_internal_subset
1273                o Many paired handler setters (like XML_SetElementHandler)
1274                  now have corresponding individual handler setters
1275                o XML_GetInputContext for getting the input context of
1276                  the current parse position.
1277        - Added reference material
1278        - Packaged into a distribution that builds a sharable library
1279