From: Sebastian Pipping <sebastian@pipping.org>
Date: Wed, 28 Aug 2019 14:30:27 +0000 (+0200)
Subject: Changes: Document doctype closing heap overflow
X-Git-Tag: R_2_2_8~18^2~1
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=4406ffb998db5a334fe98a30caf82dba555d5547;p=libexpat

Changes: Document doctype closing heap overflow
---

diff --git a/expat/Changes b/expat/Changes
index 74b4806e..28c0c5d5 100644
--- a/expat/Changes
+++ b/expat/Changes
@@ -3,6 +3,11 @@ NOTE: We are looking for help with a few things:
       If you can help, please get in touch.  Thanks!
 
 Release x.x.x xxx xxx xx xxxx
+        Security fixes:
+       #317 #318  Fix heap overflow triggered by XML_GetCurrentLineNumber
+                    (or XML_GetCurrentColumnNumber), and deny internal entities
+                    closing the doctype
+
         Bug fixes:
             #240  Fix cases where XML_StopParser did not have any effect
                     when called from inside of an end element handler
@@ -42,6 +47,7 @@ Release x.x.x xxx xxx xx xxxx
 
         Special thanks to:
             David Loffredo
+            Joonun Jang
             Khajapasha Mohammed
             Kishore Kunche
             Marco Maggi