summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--CHANGELOG13
-rw-r--r--sqlparse/__init__.py2
2 files changed, 12 insertions, 3 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 41a4c2a..7be71b6 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,14 @@
-Development Version
--------------------
+Release 0.4.2 (Sep 10, 2021)
+----------------------------
+
+Notable Changes
+
+* IMPORTANT: This release fixes a security vulnerability in the
+ strip comments filter. In this filter a regular expression that was
+ vulnerable to ReDOS (Regular Expression Denial of Service) was
+ used.
+ The vulnerability was discovered by @erik-krogh and @yoff from
+ GitHub Security Lab (GHSL). Thanks for reporting!
Enhancements
diff --git a/sqlparse/__init__.py b/sqlparse/__init__.py
index bb9b88a..9cab9d2 100644
--- a/sqlparse/__init__.py
+++ b/sqlparse/__init__.py
@@ -16,7 +16,7 @@ from sqlparse import filters
from sqlparse import formatter
-__version__ = '0.4.2.dev0'
+__version__ = '0.4.2'
__all__ = ['engine', 'filters', 'formatter', 'sql', 'tokens', 'cli']
View Lorry Controller Status