summaryrefslogtreecommitdiff
Commit message (Expand)AuthorAgeFilesLines
* Merge pull request #564 from libexpat/issue-557-prepare-releaseR_2_4_5Sebastian Pipping2022-02-1814-20/+40
|\
| * Set expected release date for 2.4.5Sebastian Pipping2022-02-182-2/+2
| * Sync file headersSebastian Pipping2022-02-183-3/+3
| * Bump version to 2.4.5Sebastian Pipping2022-02-188-13/+13
| * Bump version info from 9:4:8 to 9:5:8Sebastian Pipping2022-02-183-2/+6
| * Changes: Document #558 #559 #560Sebastian Pipping2022-02-181-0/+16
|/
* Merge pull request #562 from libexpat/utf8-securitySebastian Pipping2022-02-184-12/+127
|\
| * Changes: Document CVE-2022-25235Sebastian Pipping2022-02-181-0/+7
| * tests: Cover missing validation of encoding (CVE-2022-25235)Sebastian Pipping2022-02-181-0/+109
| * lib: Add comments to BT_LEAD* cases where encoding has already been validatedSebastian Pipping2022-02-181-5/+5
| * lib: Add missing validation of encoding (CVE-2022-25235)Sebastian Pipping2022-02-181-2/+6
| * lib: Drop unused macro UTF8_GET_NAMINGSebastian Pipping2022-02-181-5/+0
|/
* Merge pull request #561 from libexpat/namesep-securitySebastian Pipping2022-02-183-4/+59
|\
| * Changes: Document CVE-2022-25236Sebastian Pipping2022-02-161-0/+16
| * tests: Cover CVE-2022-25236Sebastian Pipping2022-02-161-0/+30
| * lib: Protect against malicious namespace declarations (CVE-2022-25236)Sebastian Pipping2022-02-161-0/+11
| * lib: Fix (harmless) use of uninitialized memorySebastian Pipping2022-02-161-4/+2
* | Merge pull request #560 from ferivoz/copySebastian Pipping2022-02-181-1/+1
|\ \
| * | Prevent integer overflow in copyStringSamanta Navarro2022-02-151-1/+1
* | | Merge pull request #559 from ferivoz/rawnamesSebastian Pipping2022-02-181-1/+6
|\ \ \
| * | | Prevent integer overflow in storeRawNamesSamanta Navarro2022-02-151-1/+6
| |/ /
* | | Merge pull request #558 from ferivoz/modelSebastian Pipping2022-02-181-37/+79
|\ \ \ | |_|/ |/| |
| * | Prevent stack exhaustion in build_modelSamanta Navarro2022-02-151-37/+79
| |/
* | Merge pull request #563 from libexpat/extend-mailmapSebastian Pipping2022-02-1510-9/+10
|\ \ | |/ |/|
| * Sync file headersSebastian Pipping2022-02-159-9/+9
| * Extend .mailmapSebastian Pipping2022-02-151-0/+1
|/
* Merge pull request #554 from libexpat/issue-552-prepare-releaseR_2_4_4Sebastian Pipping2022-01-3016-22/+36
|\
| * win32: Add missing files to the installerSebastian Pipping2022-01-292-0/+7
| * doc: Drop unused file valid-xhtml10.pngSebastian Pipping2022-01-293-2/+0
| * .gitignore: Add missingSebastian Pipping2022-01-292-0/+2
| * xmlwf.xml: Adapt note to current practiceSebastian Pipping2022-01-291-1/+1
| * Set expected release date for 2.4.4Sebastian Pipping2022-01-292-2/+2
| * Sync file headersSebastian Pipping2022-01-293-2/+3
| * Bump version to 2.4.4Sebastian Pipping2022-01-298-13/+13
| * Bump version info from 9:3:8 to 9:4:8Sebastian Pipping2022-01-293-2/+4
| * Changes: Document #546Sebastian Pipping2022-01-291-0/+4
|/
* Stop casting void* results from calls to .malloc_fcn (#553)czentgr2022-01-291-8/+8
* Merge pull request #551 from libexpat/prevent-doprolog-overflowSebastian Pipping2022-01-262-2/+14
|\
| * Changes: Document CVE-2022-23990Sebastian Pipping2022-01-261-0/+6
| * lib: Prevent integer overflow in doProlog (CVE-2022-23990)Sebastian Pipping2022-01-261-2/+8
|/
* Merge pull request #545 from libexpat/issue-544-fix-xmlwf-memleak-on-file-ope...Sebastian Pipping2022-01-242-2/+8
|\
| * xmlwf: Fix a memory leak on output file opening errorSebastian Pipping2022-01-242-2/+8
|/
* Merge pull request #550 from libexpat/prevent-getbuffer-overflowSebastian Pipping2022-01-243-0/+44
|\
| * Changes: Document CVE-2022-23852prevent-getbuffer-overflowSebastian Pipping2022-01-241-0/+12
| * tests: Cover integer overflow in XML_GetBuffer (CVE-2022-23852)Sebastian Pipping2022-01-241-0/+27
| * lib: Detect and prevent integer overflow in XML_GetBuffer (CVE-2022-23852)Samanta Navarro2022-01-241-0/+5
|/
* Merge pull request #548 from ferivoz/typosSebastian Pipping2022-01-223-4/+4
|\
| * Fix typosSamanta Navarro2022-01-223-4/+4
|/
* [>=2.3.0] Autotools: Fix broken CMake support under Cygwin (#546)Carlo Bramini2022-01-202-3/+11
* Merge branch 'issue-533-prepare-release' (#533)R_2_4_3Sebastian Pipping2022-01-1616-31/+36
|\
View Lorry Controller Status