summaryrefslogtreecommitdiff
Commit message (Expand)AuthorAgeFilesLines
* tests: Resolve use of macros NAN and INFINITY for GNU G++ 4.8.2resolve-use-of-macros-nan-and-infinitySebastian Pipping2022-02-232-3/+22
* Merge pull request #568 from libexpat/issue-567-prepare-releaseR_2_4_6Sebastian Pipping2022-02-2011-18/+22
|\
| * Set expected release date for 2.4.6Sebastian Pipping2022-02-202-2/+2
| * Bump version to 2.4.6Sebastian Pipping2022-02-208-13/+13
| * Bump version info from 9:5:8 to 9:6:8Sebastian Pipping2022-02-203-2/+6
| * Changes: Finalize entry on #566Sebastian Pipping2022-02-201-1/+1
|/
* Merge pull request #566 from ferivoz/model-regressionSebastian Pipping2022-02-203-32/+140
|\
| * Changes: Document regression from CVE-2022-25313 fixSebastian Pipping2022-02-201-0/+16
| * tests: Protect against nested element declaration model regressionsSebastian Pipping2022-02-201-0/+77
| * Fix build_model regression.Samanta Navarro2022-02-201-32/+47
|/
* Merge pull request #564 from libexpat/issue-557-prepare-releaseR_2_4_5Sebastian Pipping2022-02-1814-20/+40
|\
| * Set expected release date for 2.4.5Sebastian Pipping2022-02-182-2/+2
| * Sync file headersSebastian Pipping2022-02-183-3/+3
| * Bump version to 2.4.5Sebastian Pipping2022-02-188-13/+13
| * Bump version info from 9:4:8 to 9:5:8Sebastian Pipping2022-02-183-2/+6
| * Changes: Document #558 #559 #560Sebastian Pipping2022-02-181-0/+16
|/
* Merge pull request #562 from libexpat/utf8-securitySebastian Pipping2022-02-184-12/+127
|\
| * Changes: Document CVE-2022-25235Sebastian Pipping2022-02-181-0/+7
| * tests: Cover missing validation of encoding (CVE-2022-25235)Sebastian Pipping2022-02-181-0/+109
| * lib: Add comments to BT_LEAD* cases where encoding has already been validatedSebastian Pipping2022-02-181-5/+5
| * lib: Add missing validation of encoding (CVE-2022-25235)Sebastian Pipping2022-02-181-2/+6
| * lib: Drop unused macro UTF8_GET_NAMINGSebastian Pipping2022-02-181-5/+0
|/
* Merge pull request #561 from libexpat/namesep-securitySebastian Pipping2022-02-183-4/+59
|\
| * Changes: Document CVE-2022-25236Sebastian Pipping2022-02-161-0/+16
| * tests: Cover CVE-2022-25236Sebastian Pipping2022-02-161-0/+30
| * lib: Protect against malicious namespace declarations (CVE-2022-25236)Sebastian Pipping2022-02-161-0/+11
| * lib: Fix (harmless) use of uninitialized memorySebastian Pipping2022-02-161-4/+2
* | Merge pull request #560 from ferivoz/copySebastian Pipping2022-02-181-1/+1
|\ \
| * | Prevent integer overflow in copyStringSamanta Navarro2022-02-151-1/+1
* | | Merge pull request #559 from ferivoz/rawnamesSebastian Pipping2022-02-181-1/+6
|\ \ \
| * | | Prevent integer overflow in storeRawNamesSamanta Navarro2022-02-151-1/+6
| |/ /
* | | Merge pull request #558 from ferivoz/modelSebastian Pipping2022-02-181-37/+79
|\ \ \ | |_|/ |/| |
| * | Prevent stack exhaustion in build_modelSamanta Navarro2022-02-151-37/+79
| |/
* | Merge pull request #563 from libexpat/extend-mailmapSebastian Pipping2022-02-1510-9/+10
|\ \ | |/ |/|
| * Sync file headersSebastian Pipping2022-02-159-9/+9
| * Extend .mailmapSebastian Pipping2022-02-151-0/+1
|/
* Merge pull request #554 from libexpat/issue-552-prepare-releaseR_2_4_4Sebastian Pipping2022-01-3016-22/+36
|\
| * win32: Add missing files to the installerSebastian Pipping2022-01-292-0/+7
| * doc: Drop unused file valid-xhtml10.pngSebastian Pipping2022-01-293-2/+0
| * .gitignore: Add missingSebastian Pipping2022-01-292-0/+2
| * xmlwf.xml: Adapt note to current practiceSebastian Pipping2022-01-291-1/+1
| * Set expected release date for 2.4.4Sebastian Pipping2022-01-292-2/+2
| * Sync file headersSebastian Pipping2022-01-293-2/+3
| * Bump version to 2.4.4Sebastian Pipping2022-01-298-13/+13
| * Bump version info from 9:3:8 to 9:4:8Sebastian Pipping2022-01-293-2/+4
| * Changes: Document #546Sebastian Pipping2022-01-291-0/+4
|/
* Stop casting void* results from calls to .malloc_fcn (#553)czentgr2022-01-291-8/+8
* Merge pull request #551 from libexpat/prevent-doprolog-overflowSebastian Pipping2022-01-262-2/+14
|\
| * Changes: Document CVE-2022-23990Sebastian Pipping2022-01-261-0/+6
| * lib: Prevent integer overflow in doProlog (CVE-2022-23990)Sebastian Pipping2022-01-261-2/+8
|/
View Lorry Controller Status