(xerces-c) branch xerces-3.2 updated: Update version and site material.

Wed, 13 Dec 2023 08:32:58 -0800 

This is an automated email from the ASF dual-hosted git repository.

scantor pushed a commit to branch xerces-3.2
in repository https://gitbox.apache.org/repos/asf/xerces-c.git


The following commit(s) were added to refs/heads/xerces-3.2 by this push:
     new 53c164114 Update version and site material.
53c164114 is described below

commit 53c16411466bf90c62617831fe92ed0f41e70882
Author: Scott Cantor <canto...@osu.edu>
AuthorDate: Wed Dec 13 11:32:06 2023 -0500

    Update version and site material.
---
 .gitignore                        | 6 ++++++
 configure.ac                      | 2 +-
 doc/html/secadv/CVE-2018-1311.txt | 3 +--
 doc/releases.xml                  | 2 +-
 doc/releases_archive.xml          | 9 +++++++++
 doc/secadv.xml                    | 9 +++------
 6 files changed, 21 insertions(+), 10 deletions(-)

diff --git a/.gitignore b/.gitignore
index 84516529a..be8916095 100644
--- a/.gitignore
+++ b/.gitignore
@@ -39,6 +39,12 @@ src/XercesCConfigVersion.cmake
 src/xercesc/util/version.rc
 
 # build generated files
+.autotools
+.cproject
+.project
+.settings/
+build/
+doc/html/
 .libs/
 *.dir/
 x64/
diff --git a/configure.ac b/configure.ac
index d0b316bdf..4af542a29 100644
--- a/configure.ac
+++ b/configure.ac
@@ -24,7 +24,7 @@
 #
 
 AC_PREREQ(2.60)
-AC_INIT([xerces-c],[3.2.4])
+AC_INIT([xerces-c],[3.2.5])
 INTERFACE_VERSION=3.2
 GRAMMAR_SERIALIZATION_LEVEL=7
 
diff --git a/doc/html/secadv/CVE-2018-1311.txt 
b/doc/html/secadv/CVE-2018-1311.txt
index 3cc3ebf7b..c43e57356 100644
--- a/doc/html/secadv/CVE-2018-1311.txt
+++ b/doc/html/secadv/CVE-2018-1311.txt
@@ -7,8 +7,7 @@ Severity: High
 
 Vendor: The Apache Software Foundation
 
-Versions Affected: Apache Xerces-C XML Parser library
-(all known versions including 3.2.0, 3.2.1, 3.2.2, 3.2.3, 3.2.4)
+Versions Affected: Apache Xerces-C XML Parser library < 3.2.5
 
 Description: The Xerces-C XML parser contains a use-after-free error
 triggered during the scanning of external DTDs.
diff --git a/doc/releases.xml b/doc/releases.xml
index 99d182295..dbf16d384 100644
--- a/doc/releases.xml
+++ b/doc/releases.xml
@@ -36,7 +36,7 @@ please refer to <jump href="releases_plan.html">Releases 
Plan</jump>.
 <s2 title="Release Information for &XercesCName; &XercesCLatest;">
 
 <p>For a list of bug fixes in &XercesCName; &XercesCLatest;, see the
-<jump 
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12350542&amp;styleName=Text&amp;projectId=10510";>Release
 Notes</jump>
+<jump 
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12352411&amp;styleName=Text&amp;projectId=10510";>Release
 Notes</jump>
 </p>
 
 </s2>
diff --git a/doc/releases_archive.xml b/doc/releases_archive.xml
index e3cce9a10..1c5cf6c95 100644
--- a/doc/releases_archive.xml
+++ b/doc/releases_archive.xml
@@ -21,6 +21,7 @@
 <s1 title="Releases Archive">
     <s2 title="Release Information for earlier releases">
       <ul>
+        <li><link anchor="Release324">Release Information for &XercesCName; 
3.2.4</link></li>
         <li><link anchor="Release323">Release Information for &XercesCName; 
3.2.3</link></li>
         <li><link anchor="Release322">Release Information for &XercesCName; 
3.2.2</link></li>
         <li><link anchor="Release321">Release Information for &XercesCName; 
3.2.1</link></li>
@@ -56,6 +57,14 @@
       </ul>
     </s2>
 
+<anchor name="Release324"/>
+<s2 title="Release Information for &XercesCName; 3.2.4">
+
+<p>For a list of bug fixes in &XercesCName; 3.2.4, see the
+<jump 
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12350542&amp;projectId=10510";>Release
 Notes</jump>
+</p>
+</s2>
+
 <anchor name="Release323"/>
 <s2 title="Release Information for &XercesCName; 3.2.3">
 
diff --git a/doc/secadv.xml b/doc/secadv.xml
index 54dda5dcf..fca26990a 100644
--- a/doc/secadv.xml
+++ b/doc/secadv.xml
@@ -20,12 +20,9 @@
 
 <s1 title="Security Advisories">
 
-<s2 title="Unaddressed Advisories">
-
-<p>The following security advisories apply to current versions of
-Xerces-C and have not been fixed, in most cases due to insufficient
-expertise or resources:</p>
-
+<s2 title="Addressed in 3.2.5 and Later Releases">
+<p>The following security advisories apply to versions of
+Xerces-C older than V3.2.5:</p>
 <ul>
   <li><jump href="secadv/CVE-2018-1311.txt">CVE-2018-1311: Apache Xerces-C 
use-after-free vulnerability scanning external DTD</jump></li>
 </ul>


---------------------------------------------------------------------
To unsubscribe, e-mail: c-dev-unsubscr...@xerces.apache.org
For additional commands, e-mail: c-dev-h...@xerces.apache.org

Reply via email to