‘Expat’ Archive

Expat 2.2.4 released 2017-08-23 No Comments

Expat 2.2.4 has recently been released. It features one major bugfix regarding files encoded as UTF-8, and improvements to the build system. If you are using a more ancient version of Visual Studio like 2012, please check the post-2.2.4 commits in Git for related fixes to compilation. Also, founding of Rhodri’s work on Expat by […]

Expat 2.2.3 released, includes security fixes for Windows 2017-08-02 No Comments

Just a quick note that Expat 2.2.3 has been released. For Windows users, it fixes DLL hijacking (CVE-2017-11742). On Linux, extracting entropy for Hash DoS protection no longer blocks, which affected D-Bus and systems that are low on entropy early in the boot process. For more details, please check the change log.

Expat 2.2.2 released 2017-07-14 No Comments

(This article first appeared on XML.com.) A few weeks after release 2.2.1 of the free software XML parsing library Expat, version 2.2.2 now improves on few rough edges (mostly related to compilation) but also fixes security issues. Windows binaries compiled with _UNICODE now use proper entropy for seeding the SipHash algorithm. On Unix-like platforms, accidentally […]

Expat 2.2.1 with security fixes has been released 2017-06-18 No Comments

Expat 2.2.1 has been released. It’s a security release with a variety of security fixes, for instance: An infinite loop denial-of-service fix (that Rhodri James wrote more about), introduction of SipHash against sophisticated hash flooding, use of OS-specific high quality entropy providers like getrandom, integer overflow fixes, and more. We also got better code coverage, […]

Expat 2.0.1 released 2007-06-06 No Comments

Release 2.0.1 of the Expat XML parser is a bugfix release resolving both code and build related issues. Updating is recommended, please see change log for details. Download Changelog