Cart
[Home] [By Thread] [By Date] [Recent Entries]
Hi! Expat 2.2.1 has been released. It's a security release with a variety of security fixes, for instance: An infinite loop denial-of-service fix (that Rhodri James wrote more about [1]), introduction of SipHash against sophisticated hash flooding, use of OS-specific high quality entropy providers like getrandom, integer overflow fixes, and more. We also got better code coverage, moved all but the downloads from SourceForge to GitHub, ... but maybe have a look at the detailed change log [2] yourself :) So if you control copies of Expat somewhere, please get them updated. Let me use the occasion to point out that we are looking for help with a few things Expat. There are tickets with details up here [3]. If you can help, please get in touch. Thanks and best Sebastian [1] https://libexpat.github.io/doc/cve-2017-9233/ [2] https://github.com/libexpat/libexpat/blob/master/expat/Changes [3] https://github.com/libexpat/libexpat/labels/help%20wanted [Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] |
