summaryrefslogtreecommitdiff
path: root/expat/Changes
blob: cfc83a09dae37a455682bca4241d0b813e797580 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
NOTE: We are looking for help with a few things:
      https://github.com/libexpat/libexpat/labels/help%20wanted
      If you can help, please get in touch.  Thanks!

Release 2.4.9 Tue September 20 2022
        Security fixes:
       #629 #640  CVE-2022-40674 -- Heap use-after-free vulnerability in
                    function doContent. Expected impact is denial of service
                    or potentially arbitrary code execution.

        Bug fixes:
            #634  MinGW: Fix mis-compilation for -D__USE_MINGW_ANSI_STDIO=0
            #614  docs: Fix documentation on effect of switch XML_DTD on
                    symbol visibility in doc/reference.html

        Other changes:
            #638  MinGW: Make fix-xmltest-log.sh drop more Wine bug output
       #596 #625  Autotools: Sync CMake templates with CMake 3.22
            #608  CMake: Migrate from use of CMAKE_*_POSTFIX to
                    dedicated variables EXPAT_*_POSTFIX to stop affecting
                    other projects
       #597 #599  Windows|CMake: Add missing -DXML_STATIC to test runners
                    and fuzzers
       #512 #621  Windows|CMake: Render .def file from a template to fix
                    linking with -DEXPAT_DTD=OFF and/or -DEXPAT_ATTR_INFO=ON
       #611 #621  MinGW|CMake: Apply MSVC .def file when linking
       #622 #624  MinGW|CMake: Sync library name with GNU Autotools,
                    i.e. produce libexpat-1.dll rather than libexpat.dll
                    by default.  Filename libexpat.dll.a is unaffected.
            #632  MinGW|CMake: Set missing variable CMAKE_RC_COMPILER in
                    toolchain file "cmake/mingw-toolchain.cmake" to avoid
                    error "windres: Command not found" on e.g. Ubuntu 20.04
       #597 #627  CMake: Unify inconsistent use of set() and option() in
                    context of public build time options to take need for
                    set(.. FORCE) in projects using Expat by means of
                    add_subdirectory(..) off Expat's users' shoulders
       #626 #641  Stop exporting API symbols when building a static library
            #644  Resolve use of deprecated "fgrep" by "grep -F"
            #620  CMake: Make documentation on variables a bit more consistent
            #636  CMake: Drop leading whitespace from a #cmakedefine line in
                    file expat_config.h.cmake
            #594  xmlwf: Fix harmless variable mix-up in function nsattcmp
  #592 #593 #610  Address Cppcheck warnings
            #643  Address Clang 15 compiler warnings
       #642 #644  Version info bumped from 9:8:8 to 9:9:8;
                    see https://verbump.de/ for what these numbers do

        Infrastructure:
       #597 #598  CI: Windows: Start covering MSVC 2022
            #619  CI: macOS: Migrate off deprecated macOS 10.15
            #632  CI: Linux: Make migration off deprecated Ubuntu 18.04 work
            #643  CI: Upgrade Clang from 14 to 15
            #637  apply-clang-format.sh: Add support for BSD find
            #633  coverage.sh: Exclude MinGW headers
            #635  coverage.sh: Fix name collision for -funsigned-char

        Special thanks to:
            David Faure
            Felix Wilhelm
            Frank Bergmann
            Rhodri James
            Rosen Penev
            Thijs Schreijer
            Vincent Torri
                 and
            Google Project Zero

Release 2.4.8 Mon March 28 2022
        Other changes:
            #587  pkg-config: Move "-lm" to section "Libs.private"
            #587  CMake|MSVC: Fix pkg-config section "Libs"
        #55 #582  CMake|macOS: Start using linker arguments
                    "-compatibility_version <version>" and
                    "-current_version <version>" in a way compatible with
                    GNU Libtool
       #590 #591  Version info bumped from 9:7:8 to 9:8:8;
                    see https://verbump.de/ for what these numbers do

        Infrastructure:
            #589  CI: Upgrade Clang from 13 to 14

        Special thanks to:
            evpobr
            Kai Pastor
            Sam James

Release 2.4.7 Fri March 4 2022
        Bug fixes:
       #572 #577  Relax fix to CVE-2022-25236 (introduced with release 2.4.5)
                    with regard to all valid URI characters (RFC 3986),
                    i.e. the following set (excluding whitespace):
                    ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz
                    0123456789 % -._~ :/?#[]@ !$&'()*+,;=

        Other changes:
  #555 #570 #581  CMake|Windows: Store Expat version in the DLL
            #577  Document consequences of namespace separator choices not just
                    in doc/reference.html but also in header <expat.h>
            #577  Document Expat's lack of validation of namespace URIs against
                    RFC 3986, and that the XML 1.0r4 specification doesn't
                    require Expat to validate namespace URIs, and that Expat
                    may do more in that regard in future releases.
                    If you find need for strict RFC 3986 URI validation on
                    application level today, https://uriparser.github.io/ may
                    be of interest.
            #579  Fix documentation of XML_EndDoctypeDeclHandler in <expat.h>
            #575  Document that a call to XML_FreeContentModel can be done at
                    a later time from outside the element declaration handler
            #574  Make hardcoded namespace URIs easier to find in code
            #573  Update documentation on use of XML_POOR_ENTOPY on Solaris
       #569 #571  tests: Resolve use of macros NAN and INFINITY for GNU G++
                    4.8.2 on Solaris.
       #578 #580  Version info bumped from 9:6:8 to 9:7:8;
                    see https://verbump.de/ for what these numbers do

        Special thanks to:
            Jeffrey Walton
            Johnny Jazeix
            Thijs Schreijer

Release 2.4.6 Sun February 20 2022
        Bug fixes:
            #566  Fix a regression introduced by the fix for CVE-2022-25313
                    in release 2.4.5 that affects applications that (1)
                    call function XML_SetElementDeclHandler and (2) are
                    parsing XML that contains nested element declarations
                    (e.g. "<!ELEMENT junk ((bar|foo|xyz+), zebra*)>").

        Other changes:
       #567 #568  Version info bumped from 9:5:8 to 9:6:8;
                    see https://verbump.de/ for what these numbers do

        Special thanks to:
            Matt Sergeant
            Samanta Navarro
            Sergei Trofimovich
                 and
            NixOS
            Perl XML::Parser

Release 2.4.5 Fri February 18 2022
        Security fixes:
            #562  CVE-2022-25235 -- Passing malformed 2- and 3-byte UTF-8
                    sequences (e.g. from start tag names) to the XML
                    processing application on top of Expat can cause
                    arbitrary damage (e.g. code execution) depending
                    on how invalid UTF-8 is handled inside the XML
                    processor; validation was not their job but Expat's.
                    Exploits with code execution are known to exist.
            #561  CVE-2022-25236 -- Passing (one or more) namespace separator
                    characters in "xmlns[:prefix]" attribute values
                    made Expat send malformed tag names to the XML
                    processor on top of Expat which can cause
                    arbitrary damage (e.g. code execution) depending
                    on such unexpectable cases are handled inside the XML
                    processor; validation was not their job but Expat's.
                    Exploits with code execution are known to exist.
            #558  CVE-2022-25313 -- Fix stack exhaustion in doctype parsing
                    that could be triggered by e.g. a 2 megabytes
                    file with a large number of opening braces.
                    Expected impact is denial of service or potentially
                    arbitrary code execution.
            #560  CVE-2022-25314 -- Fix integer overflow in function copyString;
                    only affects the encoding name parameter at parser creation
                    time which is often hardcoded (rather than user input),
                    takes a value in the gigabytes to trigger, and a 64-bit
                    machine.  Expected impact is denial of service.
            #559  CVE-2022-25315 -- Fix integer overflow in function storeRawNames;
                    needs input in the gigabytes and a 64-bit machine.
                    Expected impact is denial of service or potentially
                    arbitrary code execution.

        Other changes:
       #557 #564  Version info bumped from 9:4:8 to 9:5:8;
                    see https://verbump.de/ for what these numbers do

        Special thanks to:
            Ivan Fratric
            Samanta Navarro
                 and
            Google Project Zero
            JetBrains

Release 2.4.4 Sun January 30 2022
        Security fixes:
            #550  CVE-2022-23852 -- Fix signed integer overflow
                    (undefined behavior) in function XML_GetBuffer
                    (that is also called by function XML_Parse internally)
                    for when XML_CONTEXT_BYTES is defined to >0 (which is both
                    common and default).
                    Impact is denial of service or more.
            #551  CVE-2022-23990 -- Fix unsigned integer overflow in function
                    doProlog triggered by large content in element type
                    declarations when there is an element declaration handler
                    present (from a prior call to XML_SetElementDeclHandler).
                    Impact is denial of service or more.

        Bug fixes:
       #544 #545  xmlwf: Fix a memory leak on output file opening error

        Other changes:
            #546  Autotools: Fix broken CMake support under Cygwin
            #554  Windows: Add missing files to the installer to fix
                    compilation with CMake from installed sources
       #552 #554  Version info bumped from 9:3:8 to 9:4:8;
                    see https://verbump.de/ for what these numbers do

        Special thanks to:
            Carlo Bramini
            hwt0415
            Roland Illig
            Samanta Navarro
                 and
            Clang LeakSan and the Clang team

Release 2.4.3 Sun January 16 2022
        Security fixes:
       #531 #534  CVE-2021-45960 -- Fix issues with left shifts by >=29 places
                    resulting in
                      a) realloc acting as free
                      b) realloc allocating too few bytes
                      c) undefined behavior
                    depending on architecture and precise value
                    for XML documents with >=2^27+1 prefixed attributes
                    on a single XML tag a la
                    "<r xmlns:a='[..]' a:a123='[..]' [..] />"
                    where XML_ParserCreateNS is used to create the parser
                    (which needs argument "-n" when running xmlwf).
                    Impact is denial of service, or more.
       #532 #538  CVE-2021-46143 (ZDI-CAN-16157) -- Fix integer overflow
                    on variable m_groupSize in function doProlog leading
                    to realloc acting as free.
                    Impact is denial of service or more.
            #539  CVE-2022-22822 to CVE-2022-22827 -- Prevent integer overflows
                    near memory allocation at multiple places.  Mitre assigned
                    a dedicated CVE for each involved internal C function:
                    - CVE-2022-22822 for function addBinding
                    - CVE-2022-22823 for function build_model
                    - CVE-2022-22824 for function defineAttribute
                    - CVE-2022-22825 for function lookup
                    - CVE-2022-22826 for function nextScaffoldPart
                    - CVE-2022-22827 for function storeAtts
                    Impact is denial of service or more.

        Other changes:
            #535  CMake: Make call to file(GENERATE [..]) work for CMake <3.19
            #541  Autotools|CMake: MinGW: Make run.sh(.in) work for Cygwin
                    and MSYS2 by not going through Wine on these platforms
       #527 #528  Address compiler warnings
       #533 #543  Version info bumped from 9:2:8 to 9:3:8;
                    see https://verbump.de/ for what these numbers do

        Infrastructure:
            #536  CI: Check for realistic minimum CMake version
       #529 #539  CI: Cover compilation with -m32
            #529  CI: Store coverage reports as artifacts for download
            #528  CI: Upgrade Clang from 11 to 13

        Special thanks to:
            An anonymous whitehat
            Christopher Degawa
            J. Peter Mugaas
            Tyson Smith
                 and
            GCC Farm Project
            Trend Micro Zero Day Initiative

Release 2.4.2 Sun December 19 2021
        Other changes:
       #509 #510  Link againgst libm for function "isnan"
       #513 #514  Include expat_config.h as early as possible
            #498  Autotools: Include files with release archives:
                    - buildconf.sh
                    - fuzz/*.c
       #507 #519  Autotools: Sync CMake templates with CMake 3.20
       #495 #524  CMake: MinGW: Fix pkg-config section "Libs" for
                    - non-release build types (e.g. -DCMAKE_BUILD_TYPE=Debug)
                    - multi-config CMake generators (e.g. Ninja Multi-Config)
       #502 #503  docs: Document that function XML_GetBuffer may return NULL
                    when asking for a buffer of 0 (zero) bytes size
       #522 #523  docs: Fix return value docs for both
                    XML_SetBillionLaughsAttackProtection* functions
       #525 #526  Version info bumped from 9:1:8 to 9:2:8;
                    see https://verbump.de/ for what these numbers do

        Special thanks to:
            Dong-hee Na
            Joergen Ibsen
            Kai Pastor

Release 2.4.1 Sun May 23 2021
        Bug fixes:
       #488 #490  Autotools: Fix installed header expat_config.h for multilib
                    systems; regression introduced in 2.4.0 by pull request #486

        Other changes:
       #491 #492  Version info bumped from 9:0:8 to 9:1:8;
                    see https://verbump.de/ for what these numbers do

        Special thanks to:
            Gentoo's QA check "multilib_check_headers"

Release 2.4.0 Sun May 23 2021
        Security fixes:
   #34 #466 #484  CVE-2013-0340/CWE-776 -- Protect against billion laughs attacks
                    (denial-of-service; flavors targeting CPU time or RAM or both,
                    leveraging general entities or parameter entities or both)
                    by tracking and limiting the input amplification factor
                    (<amplification> := (<direct> + <indirect>) / <direct>).
                    By conservative default, amplification up to a factor of 100.0
                    is tolerated and rejection only starts after 8 MiB of output bytes
                    (=<direct> + <indirect>) have been processed.
                    The fix adds the following to the API:
                    - A new error code XML_ERROR_AMPLIFICATION_LIMIT_BREACH to
                      signals this specific condition.
                    - Two new API functions ..
                      - XML_SetBillionLaughsAttackProtectionMaximumAmplification and
                      - XML_SetBillionLaughsAttackProtectionActivationThreshold
                      .. to further tighten billion laughs protection parameters
                      when desired.  Please see file "doc/reference.html" for details.
                      If you ever need to increase the defaults for non-attack XML
                      payload, please file a bug report with libexpat.
                    - Two new XML_FEATURE_* constants ..
                      - that can be queried using the XML_GetFeatureList function, and
                      - that are shown in "xmlwf -v" output.
                    - Two new environment variable switches ..
                      - EXPAT_ACCOUNTING_DEBUG=(0|1|2|3) and
                      - EXPAT_ENTITY_DEBUG=(0|1)
                      .. for runtime debugging of accounting and entity processing.
                      Specific behavior of these values may change in the future.
                    - Two new command line arguments "-a FACTOR" and "-b BYTES"
                      for xmlwf to further tighten billion laughs protection
                      parameters when desired.
                      If you ever need to increase the defaults for non-attack XML
                      payload, please file a bug report with libexpat.

        Bug fixes:
       #332 #470  For (non-default) compilation with -DEXPAT_MIN_SIZE=ON (CMake)
                    or CPPFLAGS=-DXML_MIN_SIZE (GNU Autotools): Fix segfault
                    for UTF-16 payloads containing CDATA sections.
       #485 #486  Autotools: Fix generated CMake files for non-64bit and
                    non-Linux platforms (e.g. macOS and MinGW in particular)
                    that were introduced with release 2.3.0

        Other changes:
       #468 #469  xmlwf: Improve help output and the xmlwf man page
            #463  xmlwf: Improve maintainability through some refactoring
            #477  xmlwf: Fix man page DocBook validity
            #456  Autotools: Sync CMake templates with CMake 3.18
       #458 #459  CMake: Support absolute paths for both CMAKE_INSTALL_LIBDIR
                    and CMAKE_INSTALL_INCLUDEDIR
       #471 #481  CMake: Add support for standard variable BUILD_SHARED_LIBS
            #457  Unexpose symbol _INTERNAL_trim_to_complete_utf8_characters
            #467  Resolve macro HAVE_EXPAT_CONFIG_H
            #472  Delete unused legacy helper file "conftools/PrintPath"
       #473 #483  Improve attribution
  #464 #465 #477  doc/reference.html: Fix XHTML validity
       #475 #478  doc/reference.html: Replace the 90s look by OK.css
            #479  Version info bumped from 8:0:7 to 9:0:8
                    due to addition of new symbols and error codes;
                    see https://verbump.de/ for what these numbers do

        Infrastructure:
            #456  CI: Enable periodic runs
            #457  CI: Start covering the list of exported symbols
            #474  CI: Isolate coverage task
       #476 #482  CI: Adapt to breaking changes in image "ubuntu-18.04"
            #477  CI: Cover well-formedness and DocBook/XHTML validity
                    of doc/reference.html and doc/xmlwf.xml

        Special thanks to:
            Dimitry Andric
            Eero Helenius
            Nick Wellnhofer
            Rhodri James
            Tomas Korbar
            Yury Gribov
                 and
            Clang LeakSan
            JetBrains
            OSS-Fuzz

Release 2.3.0 Thu March 25 2021
        Bug fixes:
            #438  When calling XML_ParseBuffer without a prior successful call to
                    XML_GetBuffer as a user, no longer trigger undefined behavior
                    (by adding an integer to a NULL pointer) but rather return
                    XML_STATUS_ERROR and set the error code to (new) code
                    XML_ERROR_NO_BUFFER. Found by UBSan (UndefinedBehaviorSanitizer)
                    of Clang 11 (but not Clang 9).
            #444  xmlwf: Exit status 2 was used for both:
                    - malformed input files (documented) and
                    - invalid command-line arguments (undocumented).
                    The case of invalid command-line arguments now
                    has its own exit status 4, resolving the ambiguity.

        Other changes:
            #439  xmlwf: Add argument -k to allow continuing after
                    non-fatal errors
            #439  xmlwf: Add section about exit status to the -h help output
  #422 #426 #447  Windows: Drop support for Visual Studio <=14.0/2015
            #434  Windows: CMake: Detect unsupported Visual Studio at
                    configure time (rather than at compile time)
       #382 #428  testrunner: Make verbose mode (argument "-v") report
                    about passed tests, and make default mode report about
                    failures, as well.
            #442  CMake: Call "enable_language(CXX)" prior to tinkering
                    with CMAKE_CXX_* variables
            #448  Document use of libexpat from a CMake-based project
            #451  Autotools: Install CMake files as generated by CMake 3.19.6
                    so that users with "find_package(expat [..] CONFIG [..])"
                    are served on distributions that are *not* using the CMake
                    build system inside for libexpat packaging
       #436 #437  Autotools: Drop obsolescent macro AC_HEADER_STDC
       #450 #452  Autotools: Resolve use of obsolete macro AC_CONFIG_HEADER
            #441  Address compiler warnings
            #443  Version info bumped from 7:12:6 to 8:0:7
                    due to addition of error code XML_ERROR_NO_BUFFER
                    (see https://verbump.de/ for what these numbers do)

        Infrastructure:
       #435 #446  Replace Travis CI by GitHub Actions

        Special thanks to:
            Alexander Richardson
            Oleksandr Popovych
            Thomas Beutlich
            Tim Bray
                 and
            Clang LeakSan, Clang 11 UBSan and the Clang team

Release 2.2.10 Sat October 3 2020
        Bug fixes:
  #390 #395 #398  Fix undefined behavior during parsing caused by
                    pointer arithmetic with NULL pointers
       #404 #405  Fix reading uninitialized variable during parsing
            #406  xmlwf: Add missing check for malloc NULL return

        Other changes:
            #396  Windows: Drop support for Visual Studio <=8.0/2005
            #409  Windows: Add missing file "Changes" to the installer
                    to fix compilation with CMake from installed sources
            #403  xmlwf: Document exit codes in xmlwf manpage and
                    exit with code 3 (rather than code 1) for output errors
                    when used with "-d DIRECTORY"
       #356 #359  MinGW: Provide declaration of rand_s for mingwrt <5.3.0
       #383 #392  Autotools: Use -Werror while configure tests the compiler
                    for supported compile flags to avoid false positives
  #383 #393 #394  Autotools: Improve handling of user (C|CPP|CXX|LD)FLAGS,
                    e.g. ensure that they have the last word over flags added
                    while running ./configure
            #360  CMake: Create libexpatw.{dll,so} and expatw.pc (with emphasis
                    on suffix "w") with -DEXPAT_CHAR_TYPE=(ushort|wchar_t)
            #360  CMake: Detect and deny unsupported build combinations
                    involving -DEXPAT_CHAR_TYPE=(ushort|wchar_t)
            #360  CMake: Install pre-compiled shipped xmlwf.1 manpage in case
                    of -DEXPAT_BUILD_DOCS=OFF
  #375 #380 #419  CMake: Fix use of Expat by means of add_subdirectory
       #407 #408  CMake: Keep expat target name constant at "expat"
                    (i.e. refrain from using the target name to control
                    build artifact filenames)
            #385  CMake: Fix compilation with -DEXPAT_SHARED_LIBS=OFF for
                    Windows
                  CMake: Expose man page compilation as target "xmlwf-manpage"
       #413 #414  CMake: Introduce option EXPAT_BUILD_PKGCONFIG
                    to control generation of pkg-config file "expat.pc"
            #424  CMake: Add minimalistic support for building binary packages
                    with CMake target "package"; based on CPack
            #366  CMake: Add option -DEXPAT_OSSFUZZ_BUILD=(ON|OFF) with
                    default OFF to build fuzzer code against OSS-Fuzz and
                    related environment variable LIB_FUZZING_ENGINE
            #354  Fix testsuite for -DEXPAT_DTD=OFF and -DEXPAT_NS=OFF, each
    #354 #355 ..
       #356 #412  Address compiler warnings
       #368 #369  Address pngcheck warnings with doc/*.png images
            #425  Version info bumped from 7:11:6 to 7:12:6

        Special thanks to:
            asavah
            Ben Wagner
            Bhargava Shastry
            Frank Landgraf
            Jeffrey Walton
            Joe Orton
            Kleber Tarcísio
            Ma Lin
            Maciej Sroczyński
            Mohammed Khajapasha
            Vadim Zeitlin
                 and
            Cppcheck 2.0 and the Cppcheck team

Release 2.2.9 Wed September 25 2019
        Other changes:
                  examples: Drop executable bits from elements.c
            #349  Windows: Change the name of the Windows DLLs from expat*.dll
                    to libexpat*.dll once more (regression from 2.2.8, first
                    fixed in 1.95.3, issue #61 on SourceForge today,
                    was issue #432456 back then); needs a fix due
                    case-insensitive file systems on Windows and the fact that
                    Perl's XML::Parser::Expat compiles into Expat.dll.
            #347  Windows: Only define _CRT_RAND_S if not defined
                  Version info bumped from 7:10:6 to 7:11:6

        Special thanks to:
            Ben Wagner

Release 2.2.8 Fri September 13 2019
        Security fixes:
       #317 #318  CVE-2019-15903 -- Fix heap overflow triggered by
                    XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber),
                    and deny internal entities closing the doctype;
                    fixed in commit c20b758c332d9a13afbbb276d30db1d183a85d43

        Bug fixes:
            #240  Fix cases where XML_StopParser did not have any effect
                    when called from inside of an end element handler
            #341  xmlwf: Fix exit code for operation without "-d DIRECTORY";
                    previously, only "-d DIRECTORY" would give you a proper
                    exit code:
                      # xmlwf -d . <<<'<not well-formed>' 2>/dev/null ; echo $?
                      2
                      # xmlwf <<<'<not well-formed>' 2>/dev/null ; echo $?
                      0
                    Now both cases return exit code 2.

        Other changes:
       #299 #302  Windows: Replace LoadLibrary hack to access
                    unofficial API function SystemFunction036 (RtlGenRandom)
                    by using official API function rand_s (needs WinXP+)
            #325  Windows: Drop support for Visual Studio <=7.1/2003
                    and document supported compilers in README.md
            #286  Windows: Remove COM code from xmlwf; in case it turns
                    out needed later, there will be a dedicated repository
                    below https://github.com/libexpat/ for that code
            #322  Windows: Remove explicit MSVC solution and project files.
                    You can generate Visual Studio solution files through
                    CMake, e.g.: cmake -G"Visual Studio 15 2017" .
            #338  xmlwf: Make "xmlwf -h" help output more friendly
            #339  examples: Improve elements.c
       #244 #264  Autotools: Add argument --enable-xml-attr-info
       #239 #301  Autotools: Add arguments
                    --with-getrandom
                    --without-getrandom
                    --with-sys-getrandom
                    --without-sys-getrandom
       #312 #343  Autotools: Fix linking issues with "./configure LD=clang"
                  Autotools: Fix "make run-xmltest" for out-of-source builds
       #329 #336  CMake: Pull all options from Expat <=2.2.7 into namespace
                    prefix EXPAT_ with the exception of DOCBOOK_TO_MAN:
                    - BUILD_doc            -> EXPAT_BUILD_DOCS (plural)
                    - BUILD_examples       -> EXPAT_BUILD_EXAMPLES
                    - BUILD_shared         -> EXPAT_SHARED_LIBS
                    - BUILD_tests          -> EXPAT_BUILD_TESTS
                    - BUILD_tools          -> EXPAT_BUILD_TOOLS
                    - DOCBOOK_TO_MAN       -> DOCBOOK_TO_MAN (unchanged)
                    - INSTALL              -> EXPAT_ENABLE_INSTALL
                    - MSVC_USE_STATIC_CRT  -> EXPAT_MSVC_STATIC_CRT
                    - USE_libbsd           -> EXPAT_WITH_LIBBSD
                    - WARNINGS_AS_ERRORS   -> EXPAT_WARNINGS_AS_ERRORS
                    - XML_CONTEXT_BYTES    -> EXPAT_CONTEXT_BYTES
                    - XML_DEV_URANDOM      -> EXPAT_DEV_URANDOM
                    - XML_DTD              -> EXPAT_DTD
                    - XML_NS               -> EXPAT_NS
                    - XML_UNICODE          -> EXPAT_CHAR_TYPE=ushort (!)
                    - XML_UNICODE_WCHAR_T  -> EXPAT_CHAR_TYPE=wchar_t (!)
       #244 #264  CMake: Add argument -DEXPAT_ATTR_INFO=(ON|OFF),
                    default OFF
            #326  CMake: Add argument -DEXPAT_LARGE_SIZE=(ON|OFF),
                    default OFF
            #328  CMake: Add argument -DEXPAT_MIN_SIZE=(ON|OFF),
                    default OFF
       #239 #277  CMake: Add arguments
                    -DEXPAT_WITH_GETRANDOM=(ON|OFF|AUTO), default AUTO
                    -DEXPAT_WITH_SYS_GETRANDOM=(ON|OFF|AUTO), default AUTO
            #326  CMake: Install expat_config.h to include directory
            #326  CMake: Generate and install configuration files for
                    future find_package(expat [..] CONFIG [..])
                  CMake: Now produces a summary of applied configuration
                  CMake: Require C++ compiler only when tests are enabled
            #330  CMake: Fix compilation for 16bit character types,
                    i.e. ex -DXML_UNICODE=ON (and ex -DXML_UNICODE_WCHAR_T=ON)
            #265  CMake: Fix linking with MinGW
            #330  CMake: Add full support for MinGW; to enable, use
                    -DCMAKE_TOOLCHAIN_FILE=[expat]/cmake/mingw-toolchain.cmake
            #330  CMake: Port "make run-xmltest" from GNU Autotools to CMake
            #316  CMake: Windows: Make binary postfix match MSVC
                    Old: expat[d].lib
                    New: expat[w][d][MD|MT].lib
                  CMake: Migrate files from Windows to Unix line endings
            #308  CMake: Integrate OSS-Fuzz fuzzers, option
                    -DEXPAT_BUILD_FUZZERS=(ON|OFF), default OFF
             #14  Drop an OpenVMS support leftover
    #235 #268 ..
    #270 #310 ..
  #313 #331 #333  Address compiler warnings
    #282 #283 ..
       #284 #285  Address cppcheck warnings
       #294 #295  Address Clang Static Analyzer warnings
        #24 #293  Mass-apply clang-format 9 (and ensure conformance during CI)
                  Version info bumped from 7:9:6 to 7:10:6

        Special thanks to:
            David Loffredo
            Joonun Jang
            Kishore Kunche
            Marco Maggi
            Mitch Phillips
            Mohammed Khajapasha
            Rolf Ade
            xantares
            Zhongyuan Zhou

Release 2.2.7 Wed June 19 2019
        Security fixes:
       #186 #262  CVE-2018-20843 -- Fix extraction of namespace prefixes from
                    XML names; XML names with multiple colons could end up in
                    the wrong namespace, and take a high amount of RAM and CPU
                    resources while processing, opening the door to
                    use for denial-of-service attacks

        Other changes:
       #195 #197  Autotools/CMake: Utilize -fvisibility=hidden to stop
                    exporting non-API symbols
            #227  Autotools: Add --without-examples and --without-tests
            #228  Autotools: Modernize configure.ac
       #245 #246  Autotools: Fix check for -fvisibility=hidden for Clang
       #247 #248  Autotools: Fix compilation for lack of docbook2x-man
       #236 #258  Autotools: Produce .tar.{gz,lz,xz} release archives
            #212  CMake: Make libdir of pkgconfig expat.pc support multilib
       #158 #263  CMake: Build man page in PROJECT_BINARY_DIR not _SOURCE_DIR
            #219  Remove fallback to bcopy, assume that memmove(3) exists
            #257  Use portable "/usr/bin/env bash" shebang (e.g. for OpenBSD)
            #243  Windows: Fix syntax of .def module definition files
                  Version info bumped from 7:8:6 to 7:9:6

        Special thanks to:
            Benjamin Peterson
            Caolán McNamara
            Hanno Böck
            KangLin
            Kishore Kunche
            Marco Maggi
            Rhodri James
            Sebastian Dröge
            userwithuid
            Yury Gribov

Release 2.2.6 Sun August 12 2018
        Bug fixes:
       #170 #206  Avoid doing arithmetic with NULL pointers in XML_GetBuffer
       #204 #205  Fix 2.2.5 regression with suspend-resume while parsing
                    a document like '<root/>'

        Other changes:
       #165 #168  Autotools: Fix docbook-related configure syntax error
            #166  Autotools: Avoid grep option `-q` for Solaris
            #167  Autotools: Support
                    ./configure DOCBOOK_TO_MAN="xmlto man --skip-validation"
       #159 #167  Autotools: Support DOCBOOK_TO_MAN command which produces
                    xmlwf.1 rather than XMLWF.1; also covers case insensitive
                    file systems
            #181  Autotools: Drop -rpath option passed to libtool
            #188  Autotools: Detect and deny SGML docbook2man as ours is XML
            #188  Autotools/CMake: Support command db2x_docbook2man as well
            #174  CMake: Introduce option WARNINGS_AS_ERRORS, defaults to OFF
       #184 #185  CMake: Introduce option MSVC_USE_STATIC_CRT, defaults to OFF
       #207 #208  CMake: Introduce option XML_UNICODE and XML_UNICODE_WCHAR_T,
                    both defaulting to OFF
            #175  CMake: Prefer check_symbol_exists over check_function_exists
            #176  CMake: Create the same pkg-config file as with GNU Autotools
       #178 #179  CMake: Use GNUInstallDirs module to set proper defaults for
                    install directories
            #208  CMake: Utilize expat_config.h.cmake for XML_DEV_URANDOM
            #180  Windows: Fix compilation of test suite for Visual Studio 2008
  #131 #173 #202  Address compiler warnings
  #187 #190 #200  Fix miscellaneous typos
                  Version info bumped from 7:7:6 to 7:8:6

        Special thanks to:
            Anton Maklakov
            Benjamin Peterson
            Brad King
            Franek Korta
            Frank Rast
            Joe Orton
            luzpaz
            Pedro Vicente
            Rainer Jung
            Rhodri James
            Rolf Ade
            Rolf Eike Beer
            Thomas Beutlich
            Tomasz Kłoczko

Release 2.2.5 Tue October 31 2017
        Bug fixes:
              #8  If the parser runs out of memory, make sure its internal
                    state reflects the memory it actually has, not the memory
                    it wanted to have.
             #11  The default handler wasn't being called when it should for
                    a SYSTEM or PUBLIC doctype if an entity declaration handler
                    was registered.
       #137 #138  Fix a case of mistakenly reported parsing success where
                    XML_StopParser was called from an element handler
            #162  Function XML_ErrorString was returning NULL rather than
                    a message for code XML_ERROR_INVALID_ARGUMENT
                    introduced with release 2.2.1

        Other changes:
            #106  xmlwf: Add argument -N adding notation declarations
        #75 #106  Test suite: Resolve expected failure cases where xmlwf
                    output was incomplete
            #127  Windows: Fix test suite compilation
       #126 #127  Windows: Fix compilation for Visual Studio 2012
                  Windows: Upgrade shipped project files to Visual Studio 2017
        #33 #132  tests: Mass-fix compilation for XML_UNICODE_WCHAR_T
            #129  examples: Fix compilation for XML_UNICODE_WCHAR_T
            #130  benchmark: Fix compilation for XML_UNICODE_WCHAR_T
            #144  xmlwf: Fix compilation for XML_UNICODE_WCHAR_T; still needs
                    Windows or MinGW for 2-byte wchar_t
              #9  Address two Clang Static Analyzer false positives
             #59  Resolve troublesome macros hiding parser struct membership
                    and dereferencing that pointer
              #6  Resolve superfluous internal malloc/realloc switch
       #153 #155  Improve docbook2x-man detection
            #160  Undefine NDEBUG in the test suite (rather than rejecting it)
            #161  Address compiler warnings
                  Version info bumped from 7:6:6 to 7:7:6

        Special thanks to:
            Benbuck Nason
            Hans Wennborg
            José Gutiérrez de la Concha
            Pedro Monreal Gonzalez
            Rhodri James
            Rolf Ade
            Stephen Groat
                 and
            Core Infrastructure Initiative

Release 2.2.4 Sat August 19 2017
        Bug fixes:
            #115  Fix copying of partial characters for UTF-8 input

        Other changes:
            #109  Fix "make check" for non-x86 architectures that default
                    to unsigned type char (-128..127 rather than 0..255)
            #109  coverage.sh: Cover -funsigned-char
                  Autotools: Introduce --without-xmlwf argument
             #65  Autotools: Replace handwritten Makefile with GNU Automake
             #43  CMake: Auto-detect high quality entropy extractors, add new
                    option USE_libbsd=ON to use arc4random_buf of libbsd
             #74  CMake: Add -fno-strict-aliasing only where supported
            #114  CMake: Always honor manually set BUILD_* options
            #114  CMake: Compile man page if docbook2x-man is available, only
            #117  Include file tests/xmltest.log.expected in source tarball
                    (required for "make run-xmltest")
            #117  Include (existing) Visual Studio 2013 files in source tarball
                  Improve test suite error output
            #111  Fix some typos in documentation
                  Version info bumped from 7:5:6 to 7:6:6

        Special thanks to:
            Jakub Wilk
            Joe Orton
            Lin Tian
            Rolf Eike Beer

Release 2.2.3 Wed August 2 2017
        Security fixes:
             #82  CVE-2017-11742 -- Windows: Fix DLL hijacking vulnerability
                    using Steve Holme's LoadLibrary wrapper for/of cURL

        Bug fixes:
             #85  Fix a dangling pointer issue related to realloc

        Other changes:
                  Increase code coverage
             #91  Linux: Allow getrandom to fail if nonblocking pool has not
                    yet been initialized and read /dev/urandom then, instead.
                    This is in line with what recent Python does.
             #81  Pre-10.7/Lion macOS: Support entropy from arc4random
             #86  Check that a UTF-16 encoding in an XML declaration has the
                    right endianness
        #4 #5 #7  Recover correctly when some reallocations fail
                  Repair "./configure && make" for systems without any
                    provider of high quality entropy
                    and try reading /dev/urandom on those
                  Ensure that user-defined character encodings have converter
                    functions when they are needed
                  Fix mis-leading description of argument -c in xmlwf.1
                  Rely on macro HAVE_ARC4RANDOM_BUF (rather than __CloudABI__)
                    for CloudABI
            #100  Fix use of SIPHASH_MAIN in siphash.h
             #23  Test suite: Fix memory leaks
                  Version info bumped from 7:4:6 to 7:5:6

        Special thanks to:
            Chanho Park
            Joe Orton
            Pascal Cuoq
            Rhodri James
            Simon McVittie
            Vadim Zeitlin
            Viktor Szakats
                 and
            Core Infrastructure Initiative

Release 2.2.2 Wed July 12 2017
        Security fixes:
             #43  Protect against compilation without any source of high
                    quality entropy enabled, e.g. with CMake build system;
                    commit ff0207e6076e9828e536b8d9cd45c9c92069b895
             #60  Windows with _UNICODE:
                    Unintended use of LoadLibraryW with a non-wide string
                    resulted in failure to load advapi32.dll and degradation
                    in quality of used entropy when compiled with _UNICODE for
                    Windows; you can launch existing binaries with
                    EXPAT_ENTROPY_DEBUG=1 in the environment to inspect the
                    quality of entropy used during runtime; commits
                    * 95b95032f907ef1cd17ee7a9a1768010a825d61d
                    * 73a5a2e9c081f49f2d775cf7ced864158b68dc80
   [MOX-006]      Fix non-NULL parser parameter validation in XML_Parse;
                    resulted in NULL dereference, previously;
                    commit ac256dafdffc9622ab0dc2c62fcecb0dfcfa71fe

        Bug fixes:
             #69  Fix improper use of unsigned long long integer literals

        Other changes:
             #73  Start requiring a C99 compiler
             #49  Fix "==" Bashism in configure script
             #50  Fix too eager getrandom detection for Debian GNU/kFreeBSD
             #52    and macOS
             #51  Address lack of stdint.h in Visual Studio 2003 to 2008
             #58  Address compile warnings
             #68  Fix "./buildconf.sh && ./configure" for some versions
                    of Dash for /bin/sh
             #72  CMake: Ease use of Expat in context of a parent project
                    with multiple CMakeLists.txt files
             #72  CMake: Resolve mistaken executable permissions
             #76  Address compile warning with -DNDEBUG (not recommended!)
             #77  Address compile warning about macro redefinition

        Special thanks to:
            Alexander Bluhm
            Ben Boeckel
            Cătălin Răceanu
            Kerin Millar
            László Böszörményi
            S. P. Zeidler
            Segev Finer
            Václav Slavík
            Victor Stinner
            Viktor Szakats
                 and
            Radically Open Security

Release 2.2.1 Sat June 17 2017
        Security fixes:
                  CVE-2017-9233 -- External entity infinite loop DoS
                    Details: https://libexpat.github.io/doc/cve-2017-9233/
                    Commit c4bf96bb51dd2a1b0e185374362ee136fe2c9d7f
   [MOX-002]      CVE-2016-9063 -- Detect integer overflow; commit
                    d4f735b88d9932bd5039df2335eefdd0723dbe20
                    (Fixed version of existing downstream patches!)
   (SF.net) #539  Fix regression from fix to CVE-2016-0718 cutting off
                    longer tag names; commits
                    * 896b6c1fd3b842f377d1b62135dccf0a579cf65d
                    * af507cef2c93cb8d40062a0abe43a4f4e9158fb2
             #16    * 0dbbf43fdb20f593ddf4fa1ff67288000dd4a7fd
             #25  More integer overflow detection (function poolGrow); commits
                    * 810b74e4703dcfdd8f404e3cb177d44684775143
                    * 44178553f3539ce69d34abee77a05e879a7982ac
   [MOX-002]      Detect overflow from len=INT_MAX call to XML_Parse; commits
                    * 4be2cb5afcc018d996f34bbbce6374b7befad47f
                    * 7e5b71b748491b6e459e5c9a1d090820f94544d8
   [MOX-005] #30  Use high quality entropy for hash initialization:
                    * arc4random_buf on BSD, systems with libbsd
                      (when configured with --with-libbsd), CloudABI
                    * RtlGenRandom on Windows XP / Server 2003 and later
                    * getrandom on Linux 3.17+
                    In a way, that's still part of CVE-2016-5300.
                    https://github.com/libexpat/libexpat/pull/30/commits
   [MOX-005]      For the low quality entropy extraction fallback code,
                    the parser instance address can no longer leak, commit
                    04ad658bd3079dd15cb60fc67087900f0ff4b083
   [MOX-003]      Prevent use of uninitialised variable; commit
   [MOX-004]        a4dc944f37b664a3ca7199c624a98ee37babdb4b
                  Add missing parameter validation to public API functions
                    and dedicated error code XML_ERROR_INVALID_ARGUMENT:
   [MOX-006]        * NULL checks; commits
                      * d37f74b2b7149a3a95a680c4c4cd2a451a51d60a (merge/many)
                      * 9ed727064b675b7180c98cb3d4f75efba6966681
                      * 6a747c837c50114dfa413994e07c0ba477be4534
                    * Negative length (XML_Parse); commit
   [MOX-002]          70db8d2538a10f4c022655d6895e4c3e78692e7f
   [MOX-001] #35  Change hash algorithm to William Ahern's version of SipHash
                    to go further with fixing CVE-2012-0876.
                    https://github.com/libexpat/libexpat/pull/39/commits

        Bug fixes:
             #32  Fix sharing of hash salt across parsers;
                    relevant where XML_ExternalEntityParserCreate is called
                    prior to XML_Parse, in particular (e.g. FBReader)
             #28  xmlwf: Auto-disable use of memory-mapping (and parsing
                    as a single chunk) for files larger than ~1 GB (2^30 bytes)
                    rather than failing with error "out of memory"
              #3  Fix double free after malloc failure in DTD code; commit
                    7ae9c3d3af433cd4defe95234eae7dc8ed15637f
             #17  Fix memory leak on parser error for unbound XML attribute
                    prefix with new namespaces defined in the same tag;
                    found by Google's OSS-Fuzz; commits
                    * 16f87daae5a16132e479e4f71862128c7a915c73
                    * b47dbc9745932c160893d433220e462bd605f8cd
                  xmlwf on Windows: Add missing calls to CloseHandle

        New features:
             #30  Introduced environment switch EXPAT_ENTROPY_DEBUG=1
                    for runtime debugging of entropy extraction

        Other changes:
                  Increase code coverage
             #33  Reject use of XML_UNICODE_WCHAR_T with sizeof(wchar_t) != 2;
                    XML_UNICODE_WCHAR_T was never meant to be used outside
                    of Windows; 4-byte wchar_t is common on Linux
   (SF.net) #538  Start using -fno-strict-aliasing
   (SF.net) #540  Support compilation against cloudlibc of CloudABI
                  Allow MinGW cross-compilation
   (SF.net) #534  CMake: Introduce option "BUILD_doc" (enabled by default)
                    to bypass compilation of the xmlwf.1 man page
   (SF.net)  pr2  CMake: Introduce option "INSTALL" (enabled by default)
                    to bypass installation of expat files
                  CMake: Fix ninja support
                  Autotools: Add parameters --enable-xml-context [COUNT]
                    and --disable-xml-context; default of context of 1024
                    bytes enabled unchanged
             #14  Drop AmigaOS 4.x code and includes
             #14  Drop ancient build systems:
                    * Borland C++ Builder
                    * OpenVMS
                    * Open Watcom
                    * Visual Studio 6.0
                    * Pre-X Mac OS (MPW Makefile)
                    If you happen to rely on some of these, please get in
                    touch for joining with maintenance.
             #10  Move from WIN32 to _WIN32
             #13  Fix "make run-xmltest" order instability
                  Address compile warnings
                  Bump version info from 7:2:6 to 7:3:6
                  Add AUTHORS file

        Infrastructure:
              #1  Migrate from SourceForge to GitHub (except downloads):
                    https://github.com/libexpat/
              #1  Re-create http://libexpat.org/ project website
                  Start utilizing Travis CI

        Special thanks to:
            Andy Wang
            Don Lewis
            Ed Schouten
            Karl Waclawek
            Pascal Cuoq
            Rhodri James
            Sergei Nikulov
            Tobias Taschner
            Viktor Szakats
                 and
            Core Infrastructure Initiative
            Mozilla Foundation (MOSS Track 3: Secure Open Source)
            Radically Open Security

Release 2.2.0 Tue June 21 2016
        Security fixes:
            #537  CVE-2016-0718 -- Fix crash on malformed input
                  CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 /
                                   CVE-2015-2716 introduced with Expat 2.1.1
            #499  CVE-2016-5300 -- Use more entropy for hash initialization
                                   than the original fix to CVE-2012-0876
            #519  CVE-2012-6702 -- Resolve troublesome internal call to srand
                                   that was introduced with Expat 2.1.0
                                   when addressing CVE-2012-0876 (issue #496)

        Bug fixes:
                  Fix uninitialized reads of size 1
                    (e.g. in little2_updatePosition)
                  Fix detection of UTF-8 character boundaries

        Other changes:
            #532  Fix compilation for Visual Studio 2010 (keyword "C99")
                  Autotools: Resolve use of "$<" to better support bmake
                  Autotools: Add QA script "qa.sh" (and make target "qa")
                  Autotools: Respect CXXFLAGS if given
                  Autotools: Fix "make run-xmltest"
                  Autotools: Have "make run-xmltest" check for expected output
             p90  CMake: Fix static build (BUILD_shared=OFF) on Windows
            #536  CMake: Add soversion, support -DNO_SONAME=yes to bypass
            #323  CMake: Add suffix "d" to differentiate debug from release
                  CMake: Define WIN32 with CMake on Windows
                  Annotate memory allocators for GCC
                  Address all currently known compile warnings
                  Make sure that API symbols remain visible despite
                    -fvisibility=hidden
                  Remove executable flag from source files
                  Resolve COMPILED_FROM_DSP in favor of WIN32

        Special thanks to:
            Björn Lindahl
            Christian Heimes
            Cristian Rodríguez
            Daniel Krügler
            Gustavo Grieco
            Karl Waclawek
            László Böszörményi
            Marco Grassi
            Pascal Cuoq
            Sergei Nikulov
            Thomas Beutlich
            Warren Young
            Yann Droneaud

Release 2.1.1 Sat March 12 2016
        Security fixes:
            #582: CVE-2015-1283 - Multiple integer overflows in XML_GetBuffer

        Bug fixes:
            #502: Fix potential null pointer dereference
            #520: Symbol XML_SetHashSalt was not exported
            Output of "xmlwf -h" was incomplete

        Other changes:
            #503: Document behavior of calling XML_SetHashSalt with salt 0
            Minor improvements to man page xmlwf(1)
            Improvements to the experimental CMake build system
            libtool now invoked with --verbose

Release 2.1.0 Sat March 24 2012
        - Security fixes:
          #2958794: CVE-2012-1148 - Memory leak in poolGrow.
          #2895533: CVE-2012-1147 - Resource leak in readfilemap.c.
          #3496608: CVE-2012-0876 - Hash DOS attack.
          #2894085: CVE-2009-3560 - Buffer over-read and crash in big2_toUtf8().
          #1990430: CVE-2009-3720 - Parser crash with special UTF-8 sequences.
        - Bug Fixes:
          #1742315: Harmful XML_ParserCreateNS suggestion.
          #1785430: Expat build fails on linux-amd64 with gcc version>=4.1 -O3.
          #1983953, 2517952, 2517962, 2649838: 
                Build modifications using autoreconf instead of buildconf.sh.
          #2815947, #2884086: OBJEXT and EXEEXT support while building.
          #2517938: xmlwf should return non-zero exit status if not well-formed.
          #2517946: Wrong statement about XMLDecl in xmlwf.1 and xmlwf.sgml.
          #2855609: Dangling positionPtr after error.
          #2990652: CMake support.
          #3010819: UNEXPECTED_STATE with a trailing "%" in entity value.
          #3206497: Uninitialized memory returned from XML_Parse.
          #3287849: make check fails on mingw-w64.
        - Patches:
          #1749198: pkg-config support.
          #3010222: Fix for bug #3010819.
          #3312568: CMake support.
          #3446384: Report byte offsets for attr names and values.
        - New Features / API changes:
          Added new API member XML_SetHashSalt() that allows setting an initial
                value (salt) for hash calculations. This is part of the fix for
                bug #3496608 to randomize hash parameters.
          When compiled with XML_ATTR_INFO defined, adds new API member
                XML_GetAttributeInfo() that allows retrieving the byte
                offsets for attribute names and values (patch #3446384).
          Added CMake build system.
                See bug #2990652 and patch #3312568.
          Added run-benchmark target to Makefile.in - relies on testdata module
                present in the same relative location as in the repository.
          
Release 2.0.1 Tue June 5 2007
        - Fixed bugs #1515266, #1515600: The character data handler's calling
          of XML_StopParser() was not handled properly; if the parser was
          stopped and the handler set to NULL, the parser would segfault.
        - Fixed bug #1690883: Expat failed on EBCDIC systems as it assumed
          some character constants to be ASCII encoded.
        - Minor cleanups of the test harness.
        - Fixed xmlwf bug #1513566: "out of memory" error on file size zero.
        - Fixed outline.c bug #1543233: missing a final XML_ParserFree() call.
        - Fixes and improvements for Windows platform:
          bugs #1409451, #1476160, #1548182, #1602769, #1717322.
        - Build fixes for various platforms:
          HP-UX, Tru64, Solaris 9: patch #1437840, bug #1196180.
          All Unix: #1554618 (refreshed config.sub/config.guess).
                    #1490371, #1613457: support both, DESTDIR and INSTALL_ROOT,
                    without relying on GNU-Make specific features.
          #1647805: Patched configure.in to work better with Intel compiler.
        - Fixes to Makefile.in to have make check work correctly:
          bugs #1408143, #1535603, #1536684.
        - Added Open Watcom support: patch #1523242.

Release 2.0.0 Wed Jan 11 2006
        - We no longer use the "check" library for C unit testing; we
          always use the (partial) internal implementation of the API.
        - Report XML_NS setting via XML_GetFeatureList().
        - Fixed headers for use from C++.
        - XML_GetCurrentLineNumber() and  XML_GetCurrentColumnNumber()
          now return unsigned integers.
        - Added XML_LARGE_SIZE switch to enable 64-bit integers for
          byte indexes and line/column numbers.
        - Updated to use libtool 1.5.22 (the most recent).
        - Added support for AmigaOS.
        - Some mostly minor bug fixes. SF issues include: #1006708,
          #1021776, #1023646, #1114960, #1156398, #1221160, #1271642.

Release 1.95.8 Fri Jul 23 2004
        - Major new feature: suspend/resume.  Handlers can now request
          that a parse be suspended for later resumption or aborted
          altogether.  See "Temporarily Stopping Parsing" in the
          documentation for more details.
        - Some mostly minor bug fixes, but compilation should no
          longer generate warnings on most platforms.  SF issues
          include: #827319, #840173, #846309, #888329, #896188, #923913,
          #928113, #961698, #985192.

Release 1.95.7 Mon Oct 20 2003
        - Fixed enum XML_Status issue (reported on SourceForge many
          times), so compilers that are properly picky will be happy.
        - Introduced an XMLCALL macro to control the calling
          convention used by the Expat API; this macro should be used
          to annotate prototypes and definitions of callback
          implementations in code compiled with a calling convention
          other than the default convention for the host platform.
        - Improved ability to build without the configure-generated
          expat_config.h header.  This is useful for applications
          which embed Expat rather than linking in the library.
        - Fixed a variety of bugs: see SF issues #458907, #609603,
          #676844, #679754, #692878, #692964, #695401, #699323, #699487,
          #820946.
        - Improved hash table lookups.
        - Added more regression tests and improved documentation.

Release 1.95.6 Tue Jan 28 2003
        - Added XML_FreeContentModel().
        - Added XML_MemMalloc(), XML_MemRealloc(), XML_MemFree().
        - Fixed a variety of bugs: see SF issues #615606, #616863,
          #618199, #653180, #673791.
        - Enhanced the regression test suite.
        - Man page improvements: includes SF issue #632146.

Release 1.95.5 Fri Sep 6 2002
        - Added XML_UseForeignDTD() for improved SAX2 support.
        - Added XML_GetFeatureList().
        - Defined XML_Bool type and the values XML_TRUE and XML_FALSE.
        - Use an incomplete struct instead of a void* for the parser
          (may not retain).
        - Fixed UTF-8 decoding bug that caused legal UTF-8 to be rejected.
        - Finally fixed bug where default handler would report DTD
          events that were already handled by another handler.
          Initial patch contributed by Darryl Miles.
        - Removed unnecessary DllMain() function that caused static
          linking into a DLL to be difficult.
        - Added VC++ projects for building static libraries.
        - Reduced line-length for all source code and headers to be
          no longer than 80 characters, to help with AS/400 support.
        - Reduced memory copying during parsing (SF patch #600964).
        - Fixed a variety of bugs: see SF issues #580793, #434664,
          #483514, #580503, #581069, #584041, #584183, #584832, #585537,
          #596555, #596678, #598352, #598944, #599715, #600479, #600971.

Release 1.95.4 Fri Jul 12 2002
        - Added support for VMS, contributed by Craig Berry.  See
          vms/README.vms for more information.
        - Added Mac OS (classic) support, with a makefile for MPW,
          contributed by Thomas Wegner and Daryle Walker.
        - Added Borland C++ Builder 5 / BCC 5.5 support, contributed
          by Patrick McConnell (SF patch #538032).
        - Fixed a variety of bugs: see SF issues #441449, #563184,
          #564342, #566334, #566901, #569461, #570263, #575168, #579196.
        - Made skippedEntityHandler conform to SAX2 (see source comment)
        - Re-implemented WFC: Entity Declared from XML 1.0 spec and
          added a new error "entity declared in parameter entity":
          see SF bug report #569461 and SF patch #578161
        - Re-implemented section 5.1 from XML 1.0 spec:
          see SF bug report #570263 and SF patch #578161

Release 1.95.3 Mon Jun 3 2002
        - Added a project to the MSVC workspace to create a wchar_t
          version of the library; the DLLs are named libexpatw.dll.
        - Changed the name of the Windows DLLs from expat.dll to
          libexpat.dll; this fixes SF bug #432456.
        - Added the XML_ParserReset() API function.
        - Fixed XML_SetReturnNSTriplet() to work for element names.
        - Made the XML_UNICODE builds usable (thanks, Karl!).
        - Allow xmlwf to read from standard input.
        - Install a man page for xmlwf on Unix systems.
        - Fixed many bugs; see SF bug reports #231864, #461380, #464837,
          #466885, #469226, #477667, #484419, #487840, #494749, #496505,
          #547350.  Other bugs which we can't test as easily may also
          have been fixed, especially in the area of build support.

Release 1.95.2 Fri Jul 27 2001
        - More changes to make MSVC happy with the build; add a single
          workspace to support both the library and xmlwf application.
        - Added a Windows installer for Windows users; includes
          xmlwf.exe.
        - Added compile-time constants that can be used to determine the
          Expat version
        - Removed a lot of GNU-specific dependencies to aide portability
          among the various Unix flavors.
        - Fix the UTF-8 BOM bug.
        - Cleaned up warning messages for several compilers.
        - Added the -Wall, -Wstrict-prototypes options for GCC.

Release 1.95.1 Sun Oct 22 15:11:36 EDT 2000
        - Changes to get expat to build under Microsoft compiler
        - Removed all aborts and instead return an UNEXPECTED_STATE error.
        - Fixed a bug where a stray '%' in an entity value would cause an
          abort.
        - Defined XML_SetEndNamespaceDeclHandler. Thanks to Darryl Miles for
          finding this oversight.
        - Changed default patterns in lib/Makefile.in to fit non-GNU makes
          Thanks to robin@unrated.net for reporting and providing an
          account to test on.
        - The reference had the wrong label for XML_SetStartNamespaceDecl.
          Reported by an anonymous user.

Release 1.95.0 Fri Sep 29 2000
        - XML_ParserCreate_MM
                Allows you to set a memory management suite to replace the
                standard malloc,realloc, and free.
        - XML_SetReturnNSTriplet
                If you turn this feature on when namespace processing is in
                effect, then qualified, prefixed element and attribute names
                are returned as "uri|name|prefix" where '|' is whatever
                separator character is used in namespace processing.
        - Merged in features from perl-expat
                o XML_SetElementDeclHandler
                o XML_SetAttlistDeclHandler
                o XML_SetXmlDeclHandler
                o XML_SetEntityDeclHandler
                o StartDoctypeDeclHandler takes 3 additional parameters:
                        sysid, pubid, has_internal_subset
                o Many paired handler setters (like XML_SetElementHandler)
                  now have corresponding individual handler setters
                o XML_GetInputContext for getting the input context of
                  the current parse position.
        - Added reference material
        - Packaged into a distribution that builds a sharable library