This is an automated email from the ASF dual-hosted git repository.
scantor pushed a commit to branch xerces-3.2
in repository https://gitbox.apache.org/repos/asf/xerces-c.git
The following commit(s) were added to refs/heads/xerces-3.2 by this push:
new 53c164114 Update version and site material.
53c164114 is described below
commit 53c16411466bf90c62617831fe92ed0f41e70882
Author: Scott Cantor <[email protected]>
AuthorDate: Wed Dec 13 11:32:06 2023 -0500
Update version and site material.
---
.gitignore | 6 ++++++
configure.ac | 2 +-
doc/html/secadv/CVE-2018-1311.txt | 3 +--
doc/releases.xml | 2 +-
doc/releases_archive.xml | 9 +++++++++
doc/secadv.xml | 9 +++------
6 files changed, 21 insertions(+), 10 deletions(-)
diff --git a/.gitignore b/.gitignore
index 84516529a..be8916095 100644
--- a/.gitignore
+++ b/.gitignore
@@ -39,6 +39,12 @@ src/XercesCConfigVersion.cmake
src/xercesc/util/version.rc
# build generated files
+.autotools
+.cproject
+.project
+.settings/
+build/
+doc/html/
.libs/
*.dir/
x64/
diff --git a/configure.ac b/configure.ac
index d0b316bdf..4af542a29 100644
--- a/configure.ac
+++ b/configure.ac
@@ -24,7 +24,7 @@
#
AC_PREREQ(2.60)
-AC_INIT([xerces-c],[3.2.4])
+AC_INIT([xerces-c],[3.2.5])
INTERFACE_VERSION=3.2
GRAMMAR_SERIALIZATION_LEVEL=7
diff --git a/doc/html/secadv/CVE-2018-1311.txt
b/doc/html/secadv/CVE-2018-1311.txt
index 3cc3ebf7b..c43e57356 100644
--- a/doc/html/secadv/CVE-2018-1311.txt
+++ b/doc/html/secadv/CVE-2018-1311.txt
@@ -7,8 +7,7 @@ Severity: High
Vendor: The Apache Software Foundation
-Versions Affected: Apache Xerces-C XML Parser library
-(all known versions including 3.2.0, 3.2.1, 3.2.2, 3.2.3, 3.2.4)
+Versions Affected: Apache Xerces-C XML Parser library < 3.2.5
Description: The Xerces-C XML parser contains a use-after-free error
triggered during the scanning of external DTDs.
diff --git a/doc/releases.xml b/doc/releases.xml
index 99d182295..dbf16d384 100644
--- a/doc/releases.xml
+++ b/doc/releases.xml
@@ -36,7 +36,7 @@ please refer to <jump href="releases_plan.html">Releases
Plan</jump>.
<s2 title="Release Information for &XercesCName; &XercesCLatest;">
<p>For a list of bug fixes in &XercesCName; &XercesCLatest;, see the
-<jump
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12350542&styleName=Text&projectId=10510";>Release
Notes</jump>
+<jump
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12352411&styleName=Text&projectId=10510";>Release
Notes</jump>
</p>
</s2>
diff --git a/doc/releases_archive.xml b/doc/releases_archive.xml
index e3cce9a10..1c5cf6c95 100644
--- a/doc/releases_archive.xml
+++ b/doc/releases_archive.xml
@@ -21,6 +21,7 @@
<s1 title="Releases Archive">
<s2 title="Release Information for earlier releases">
<ul>
+ <li><link anchor="Release324">Release Information for &XercesCName;
3.2.4</link></li>
<li><link anchor="Release323">Release Information for &XercesCName;
3.2.3</link></li>
<li><link anchor="Release322">Release Information for &XercesCName;
3.2.2</link></li>
<li><link anchor="Release321">Release Information for &XercesCName;
3.2.1</link></li>
@@ -56,6 +57,14 @@
</ul>
</s2>
+<anchor name="Release324"/>
+<s2 title="Release Information for &XercesCName; 3.2.4">
+
+<p>For a list of bug fixes in &XercesCName; 3.2.4, see the
+<jump
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12350542&projectId=10510";>Release
Notes</jump>
+</p>
+</s2>
+
<anchor name="Release323"/>
<s2 title="Release Information for &XercesCName; 3.2.3">
diff --git a/doc/secadv.xml b/doc/secadv.xml
index 54dda5dcf..fca26990a 100644
--- a/doc/secadv.xml
+++ b/doc/secadv.xml
@@ -20,12 +20,9 @@
<s1 title="Security Advisories">
-<s2 title="Unaddressed Advisories">
-
-<p>The following security advisories apply to current versions of
-Xerces-C and have not been fixed, in most cases due to insufficient
-expertise or resources:</p>
-
+<s2 title="Addressed in 3.2.5 and Later Releases">
+<p>The following security advisories apply to versions of
+Xerces-C older than V3.2.5:</p>
<ul>
<li><jump href="secadv/CVE-2018-1311.txt">CVE-2018-1311: Apache Xerces-C
use-after-free vulnerability scanning external DTD</jump></li>
</ul>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
