blob: e8c0224b0fb15c1815ebd0aa28983a5019bd4cae (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
Changelog
=========
defusedxml 0.4
--------------
*Release date: ??-???-2013*
- As per http://seclists.org/oss-sec/2013/q1/340 please REJECT
CVE-2013-0278, CVE-2013-0279 and CVE-2013-0280 and use CVE-2013-1664,
CVE-2013-1665 for OpenStack/etc.
defusedxml 0.3
--------------
*Release date: 19-Feb-2013*
- Improve documentation
defusedxml 0.2
--------------
*Release date: 15-Feb-2013*
- Rename ExternalEntitiesForbidden to ExternalReferenceForbidden
- Rename defusedxml.lxml.check_dtd() to check_docinfo()
- Unify argument names in callbacks
- Add arguments and formatted representation to exceptions
- Add forbid_external argument to all functions and classs
- More tests
- LOTS of documentation
- Add example code for other languages (Ruby, Perl, PHP) and parsers (Genshi)
- Add protection against XML and gzip attacks to xmlrpclib
defusedxml 0.1
--------------
*Release date: 08-Feb-2013*
- Initial and internal release for PSRT review
|