This is an automated email from the ASF dual-hosted git repository. scantor pushed a commit to branch xerces-3.2 in repository https://gitbox.apache.org/repos/asf/xerces-c.git
The following commit(s) were added to refs/heads/xerces-3.2 by this push: new 53c164114 Update version and site material. 53c164114 is described below commit 53c16411466bf90c62617831fe92ed0f41e70882 Author: Scott Cantor <canto...@osu.edu> AuthorDate: Wed Dec 13 11:32:06 2023 -0500 Update version and site material. --- .gitignore | 6 ++++++ configure.ac | 2 +- doc/html/secadv/CVE-2018-1311.txt | 3 +-- doc/releases.xml | 2 +- doc/releases_archive.xml | 9 +++++++++ doc/secadv.xml | 9 +++------ 6 files changed, 21 insertions(+), 10 deletions(-) diff --git a/.gitignore b/.gitignore index 84516529a..be8916095 100644 --- a/.gitignore +++ b/.gitignore @@ -39,6 +39,12 @@ src/XercesCConfigVersion.cmake src/xercesc/util/version.rc # build generated files +.autotools +.cproject +.project +.settings/ +build/ +doc/html/ .libs/ *.dir/ x64/ diff --git a/configure.ac b/configure.ac index d0b316bdf..4af542a29 100644 --- a/configure.ac +++ b/configure.ac @@ -24,7 +24,7 @@ # AC_PREREQ(2.60) -AC_INIT([xerces-c],[3.2.4]) +AC_INIT([xerces-c],[3.2.5]) INTERFACE_VERSION=3.2 GRAMMAR_SERIALIZATION_LEVEL=7 diff --git a/doc/html/secadv/CVE-2018-1311.txt b/doc/html/secadv/CVE-2018-1311.txt index 3cc3ebf7b..c43e57356 100644 --- a/doc/html/secadv/CVE-2018-1311.txt +++ b/doc/html/secadv/CVE-2018-1311.txt @@ -7,8 +7,7 @@ Severity: High Vendor: The Apache Software Foundation -Versions Affected: Apache Xerces-C XML Parser library -(all known versions including 3.2.0, 3.2.1, 3.2.2, 3.2.3, 3.2.4) +Versions Affected: Apache Xerces-C XML Parser library < 3.2.5 Description: The Xerces-C XML parser contains a use-after-free error triggered during the scanning of external DTDs. diff --git a/doc/releases.xml b/doc/releases.xml index 99d182295..dbf16d384 100644 --- a/doc/releases.xml +++ b/doc/releases.xml @@ -36,7 +36,7 @@ please refer to <jump href="releases_plan.html">Releases Plan</jump>. <s2 title="Release Information for &XercesCName; &XercesCLatest;"> <p>For a list of bug fixes in &XercesCName; &XercesCLatest;, see the -<jump href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12350542&styleName=Text&projectId=10510">Release Notes</jump> +<jump href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12352411&styleName=Text&projectId=10510">Release Notes</jump> </p> </s2> diff --git a/doc/releases_archive.xml b/doc/releases_archive.xml index e3cce9a10..1c5cf6c95 100644 --- a/doc/releases_archive.xml +++ b/doc/releases_archive.xml @@ -21,6 +21,7 @@ <s1 title="Releases Archive"> <s2 title="Release Information for earlier releases"> <ul> + <li><link anchor="Release324">Release Information for &XercesCName; 3.2.4</link></li> <li><link anchor="Release323">Release Information for &XercesCName; 3.2.3</link></li> <li><link anchor="Release322">Release Information for &XercesCName; 3.2.2</link></li> <li><link anchor="Release321">Release Information for &XercesCName; 3.2.1</link></li> @@ -56,6 +57,14 @@ </ul> </s2> +<anchor name="Release324"/> +<s2 title="Release Information for &XercesCName; 3.2.4"> + +<p>For a list of bug fixes in &XercesCName; 3.2.4, see the +<jump href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12350542&projectId=10510">Release Notes</jump> +</p> +</s2> + <anchor name="Release323"/> <s2 title="Release Information for &XercesCName; 3.2.3"> diff --git a/doc/secadv.xml b/doc/secadv.xml index 54dda5dcf..fca26990a 100644 --- a/doc/secadv.xml +++ b/doc/secadv.xml @@ -20,12 +20,9 @@ <s1 title="Security Advisories"> -<s2 title="Unaddressed Advisories"> - -<p>The following security advisories apply to current versions of -Xerces-C and have not been fixed, in most cases due to insufficient -expertise or resources:</p> - +<s2 title="Addressed in 3.2.5 and Later Releases"> +<p>The following security advisories apply to versions of +Xerces-C older than V3.2.5:</p> <ul> <li><jump href="secadv/CVE-2018-1311.txt">CVE-2018-1311: Apache Xerces-C use-after-free vulnerability scanning external DTD</jump></li> </ul> --------------------------------------------------------------------- To unsubscribe, e-mail: c-dev-unsubscr...@xerces.apache.org For additional commands, e-mail: c-dev-h...@xerces.apache.org