diff options
| author | Akim Demaille <akim.demaille@gmail.com> | 2020-08-30 16:15:39 +0200 |
|---|---|---|
| committer | Akim Demaille <akim.demaille@gmail.com> | 2020-09-02 21:37:23 +0200 |
| commit | 3da17724ad5a789292dac5187ebb885d6ea4da04 (patch) | |
| tree | 2e69d1b98398e5ba5401064fbace4cc219b57096 /NEWS | |
| parent | 68e3e442f9cef1960979a7f3e6b7e929312fa6d4 (diff) | |
| download | bison-3da17724ad5a789292dac5187ebb885d6ea4da04.tar.gz | |
doc: updates
* NEWS, TODO: here.
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 20 |
1 files changed, 18 insertions, 2 deletions
@@ -2,9 +2,24 @@ GNU Bison NEWS * Noteworthy changes in release ?.? (????-??-??) [?] + This release of Bison fixes all known bugs reported for Bison in MITRE's + Common Vulnerabilities and Exposures (CVE) system. These vulnerabilities + are only about bison-the-program itself, not the generated code. + + Although these bugs are typically irrelevant to how Bison is used, they + are worth fixing if only to give users peace of mind. + + There is no known vulnerability in the generated parsers. + ** Bug fixes - Push parsers use YYMALLOC/YYFREE instead of direct calls to malloc/free. + Push parsers always use YYMALLOC/YYFREE (no direct calls to malloc/free). + + Portability issues of the test suite, and of bison itself. + + Some unlikely crashes found by fuzzing have been fixed. This is only + about bison itself, not the generated parsers. + * Noteworthy changes in release 3.7.1 (2020-08-02) [stable] @@ -560,7 +575,8 @@ GNU Bison NEWS \005) with incorrect styling. Fixes for similar issues with unexpectedly short lines (e.g., the file was changed between parsing and diagnosing). - Several unlikely crashes found by fuzzing have been fixed. + Some unlikely crashes found by fuzzing have been fixed. This is only + about bison itself, not the generated parsers. * Noteworthy changes in release 3.5.2 (2020-02-13) [stable] |