poi-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From uschind...@apache.org
Subject svn commit: r1617724 - /poi/site/src/documentation/content/xdocs/status.xml
Date Wed, 13 Aug 2014 13:10:19 GMT
Author: uschindler
Date: Wed Aug 13 13:10:18 2014
New Revision: 1617724

URL: http://svn.apache.org/r1617724
Log:
Add CVE numbers

Modified:
    poi/site/src/documentation/content/xdocs/status.xml

Modified: poi/site/src/documentation/content/xdocs/status.xml
URL: http://svn.apache.org/viewvc/poi/site/src/documentation/content/xdocs/status.xml?rev=1617724&r1=1617723&r2=1617724&view=diff
==============================================================================
--- poi/site/src/documentation/content/xdocs/status.xml (original)
+++ poi/site/src/documentation/content/xdocs/status.xml Wed Aug 13 13:10:18 2014
@@ -42,21 +42,21 @@
     </release>
     -->
 
-    <release version="3.11-beta2" date="2014-08-20">
+    <release version="3.11-beta2" date="2014-??-??">
         <action dev="PD" type="fix" fixes-bug="56812">For XSLF Pictures, provide a
way to get the URI of externally linked pictures</action>
-        <action dev="PD" type="fix" fixes-bug="54764">On supported XML parser versions
(Xerces or JVM built-in, XMLBeans 2.6), enforce sensible limits on entity expansion in OOXML
files, and ensure that subsequent normal files still pass fine</action>
+        <action dev="PD" type="fix" fixes-bug="54764">On supported XML parser versions
(Xerces or JVM built-in, XMLBeans 2.6), enforce sensible limits on entity expansion in OOXML
files, and ensure that subsequent normal files still pass fine (CVE-2014-3574)</action>
         <action dev="PD" type="fix">Recommended Apache XMLBeans version increased to
2.6.0 (any version from 2.3.0 or later will work though)</action>
         <action dev="PD" type="fix" fixes-bug="56800">Provide a helpful exception,
XLSBUnsupportedException, if XSSFWorkbook is passed a .xlsb file</action>
         <action dev="US" type="fix" fixes-bug="56814">Switch from dom4j to JAXP</action>
     </release>
 
-    <release version="3.10.1" date="2014-08-20">
-        <action dev="PD" type="fix" fixes-bug="54764">On supported XML parser versions
(Xerces or JVM built-in, XMLBeans 2.6), enforce sensible limits on entity expansion in OOXML
files, and ensure that subsequent normal files still pass fine</action>
-        <action dev="PD" type="fix" fixes-bug="56164">Tidy up the OPC SAX setup code
with a new common Helper, preventing external entity expansion</action>
+    <release version="3.10.1" date="2014-08-18">
+        <action dev="PD" type="fix" fixes-bug="54764">On supported XML parser versions
(Xerces or JVM built-in, XMLBeans 2.6), enforce sensible limits on entity expansion in OOXML
files, and ensure that subsequent normal files still pass fine (CVE-2014-3574)</action>
+        <action dev="PD" type="fix" fixes-bug="56164">Tidy up the OPC SAX setup code
with a new common Helper, preventing external entity expansion (CVE-2014-3529)</action>
     </release>
 
     <release version="3.11-beta1" date="2014-08-04">
-        <action dev="PD" type="fix" fixes-bug="56164">Tidy up the OPC SAX setup code
with a new common Helper, preventing external entity expansion</action>
+        <action dev="PD" type="fix" fixes-bug="56164">Tidy up the OPC SAX setup code
with a new common Helper, preventing external entity expansion (CVE-2014-3529)</action>
         <action dev="PD" type="fix" fixes-bug="55196">Correct XWPF createTOC handling
of short style names</action>
         <action dev="PD" type="fix" fixes-bug="55050">If the start+end row and cell
are the same on an AreaPtg, avoid inverting the relative flag</action>
         <action dev="PD" type="fix" fixes-bug="54725">HWPF where no parent style CHP
exists, use an empty set when processing the style to avoid a NPE</action>



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@poi.apache.org
For additional commands, e-mail: commits-help@poi.apache.org


Mime
View raw message