From df2f7ac740a9befccd8c580f3f0062c8c95266ab Mon Sep 17 00:00:00 2001 From: "Edward Z. Yang" Date: Mon, 31 May 2010 21:00:28 -0700 Subject: [PATCH] Release 4.1.1. Signed-off-by: Edward Z. Yang --- .htaccess.in | 4 +-- current-hashes.txt | 12 +++---- current.ent | 4 +-- live | 2 +- news/2010/0531-4.1.1-released.txt | 29 +++++++++++++++++ news/2010/0531-4.1.1-released.xhtml | 37 ++++++++++++++++++++++ release.txt | 13 ++++---- releases/htmlpurifier-4.1.1-lite.tar.gz.sig | Bin 0 -> 72 bytes releases/htmlpurifier-4.1.1-lite.zip.sig | Bin 0 -> 72 bytes releases/htmlpurifier-4.1.1-standalone.tar.gz.sig | Bin 0 -> 72 bytes releases/htmlpurifier-4.1.1-standalone.zip.sig | Bin 0 -> 72 bytes releases/htmlpurifier-4.1.1.tar.gz.sig | Bin 0 -> 72 bytes releases/htmlpurifier-4.1.1.zip.sig | Bin 0 -> 72 bytes 13 files changed, 83 insertions(+), 18 deletions(-) rewrite current-hashes.txt (89%) create mode 100644 news/2010/0531-4.1.1-released.txt create mode 100644 news/2010/0531-4.1.1-released.xhtml create mode 100644 releases/htmlpurifier-4.1.1-lite.tar.gz.sig create mode 100644 releases/htmlpurifier-4.1.1-lite.zip.sig create mode 100644 releases/htmlpurifier-4.1.1-standalone.tar.gz.sig create mode 100644 releases/htmlpurifier-4.1.1-standalone.zip.sig create mode 100644 releases/htmlpurifier-4.1.1.tar.gz.sig create mode 100644 releases/htmlpurifier-4.1.1.zip.sig diff --git a/.htaccess.in b/.htaccess.in index a662ff9..ddbd8fa 100644 --- a/.htaccess.in +++ b/.htaccess.in @@ -8,9 +8,9 @@ RewriteRule (^|/)\.git/ - [F] # Old release warning rewrites RewriteCond %{REQUEST_METHOD} !=POST -RewriteCond %{REQUEST_URI} !/htmlpurifier-4\.1\.0(\.|-standalone|-lite) +RewriteCond %{REQUEST_URI} !/htmlpurifier-4\.1\.1(\.|-standalone|-lite) RewriteCond %{REQUEST_URI} !/htmlpurifier-trunk(\.|-standalone|-lite) -RewriteCond %{REQUEST_URI} !/phorum-htmlpurifier-4\.1\.0\. +RewriteCond %{REQUEST_URI} !/phorum-htmlpurifier-4\.1\.1\. RewriteCond %{REQUEST_URI} !\.sig$ RewriteRule ^releases/(htmlpurifier-|phorum-) releases/warning.html [N] diff --git a/current-hashes.txt b/current-hashes.txt dissimilarity index 89% index 0b8dabb..0e9d455 100644 --- a/current-hashes.txt +++ b/current-hashes.txt @@ -1,6 +1,6 @@ -b79dd5daaf9bc342699bd0c0ea957eecbf8e34d1 htmlpurifier-4.1.0-lite.tar.gz -f09bed948ceb51729444cc69f3efee8fdf413fd8 htmlpurifier-4.1.0-lite.zip -1def78850cfe0ab82c092efe5db76a33ef6ce0fb htmlpurifier-4.1.0-standalone.tar.gz -1267dbe169075fb3df7dbbf403ca0c8a68dc54c5 htmlpurifier-4.1.0-standalone.zip -e8f6f8f6d03cebcaed87cf335467ebf58223578d htmlpurifier-4.1.0.tar.gz -972368029049af460c07378e77df4ca88240e193 htmlpurifier-4.1.0.zip +f51260159386f643eb53d4a7eabf737526335c30 htmlpurifier-4.1.1-lite.tar.gz +c5362a029e860604c13aac6d56bdb326026a5cae htmlpurifier-4.1.1-lite.zip +dc2cc8cbd0a345e4d8c87b20602fa9dc393f122c htmlpurifier-4.1.1-standalone.tar.gz +27ec68ee2d65312aa6c20f1c9820ee8cccf73888 htmlpurifier-4.1.1-standalone.zip +b8e43a4837fd37397e04c41b54af5e684cbf8457 htmlpurifier-4.1.1.tar.gz +61bf9b526378c8dca5c4203e7a7edc2cd878f5e1 htmlpurifier-4.1.1.zip diff --git a/current.ent b/current.ent index 260cac4..face125 100644 --- a/current.ent +++ b/current.ent @@ -1,5 +1,5 @@ - - + + diff --git a/live b/live index f4c6e10..18e5383 160000 --- a/live +++ b/live @@ -1 +1 @@ -Subproject commit f4c6e10ff7d091e97cda0fcb0c50cdcdb361aee3 +Subproject commit 18e538317a877a0509ae71a860429c41770da230 diff --git a/news/2010/0531-4.1.1-released.txt b/news/2010/0531-4.1.1-released.txt new file mode 100644 index 0000000..5a03340 --- /dev/null +++ b/news/2010/0531-4.1.1-released.txt @@ -0,0 +1,29 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA1 + +HTML Purifier 4.1.1 is a major security and bugfix release that +improves on 4.1's fix for an XSS vulnerability exploitable on Internet +Explorer. It also contains a number of important bugfixes, including +the removal of improper logic that could result in infinite loops and +fixed parsing for single-attributes with entities with DirectLex. + +Release notes for 4.1.1: + http://repo.or.cz/w/htmlpurifier.git?a=blob_plain;f=NEWS + +Download links for 4.1.1: + http://htmlpurifier.org/releases/htmlpurifier-4.1.1.tar.gz + http://htmlpurifier.org/releases/htmlpurifier-4.1.1.zip + +SHA-1 sums: +b8e43a4837fd37397e04c41b54af5e684cbf8457 htmlpurifier-4.1.1.tar.gz +61bf9b526378c8dca5c4203e7a7edc2cd878f5e1 htmlpurifier-4.1.1.zip + +Other downloads (standalone and lite): + http://htmlpurifier.org/download.html +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.10 (GNU/Linux) + +iEYEARECAAYFAkwEhOwACgkQqTO+fYacSNqDqACgiI7IJ0mzdVLQJb3ZzelbJ4On +gFAAn2dT/4dR+wr9hFBljdQSTwslvAA9 +=mZA5 +-----END PGP SIGNATURE----- diff --git a/news/2010/0531-4.1.1-released.xhtml b/news/2010/0531-4.1.1-released.xhtml new file mode 100644 index 0000000..6f96a06 --- /dev/null +++ b/news/2010/0531-4.1.1-released.xhtml @@ -0,0 +1,37 @@ + + + + + HTML Purifier 4.1.1 released - News - HTML Purifier + + + + + + +
+

HTML Purifier 4.1.1 released

+ +
+

+HTML Purifier 4.1.1 is a major security and bugfix release that +improves on 4.1's fix for an XSS vulnerability exploitable on Internet +Explorer. It also contains a number of important bugfixes, including +the removal of improper logic that could result in infinite loops and +fixed parsing for single-attributes with entities with DirectLex. +

+

+ See NEWS + for a complete changelog. +

+
+
+ + diff --git a/release.txt b/release.txt index f2f6498..df5d23b 100644 --- a/release.txt +++ b/release.txt @@ -11,7 +11,7 @@ In order to perform a release, a few steps have to be taken: # Write new WHATSNEW and FOCUS entry # Commit as "Release x.y.z." and push # [ ] Tag and push the release - . `git tag -u 0x1E1C674B vx.y.z` (this is Edward's master private key; + . `git tag -u 0x869C48DA vx.y.z` (this is Edward's master private key; substitute with your own if you're making a release. Use tag message "HTML Purifier vx.y.z") . `git push --tags` @@ -39,7 +39,7 @@ In order to perform a release, a few steps have to be taken: - news/YEAR/MODA-name.txt . Use: news item on webpage (add link to webpage as HTML Purifier), download links (substitute in htmlpurifier.org), sha-1 sums. - . Sign using `gpg -u 0x1E1C674B --clearsign filename` then move *.txt.asc over *.txt original + . Sign using `gpg -u 0x869C48DA --clearsign filename` then move *.txt.asc over *.txt original - current.ent . Bump version number and date - Update submodule live/ @@ -53,12 +53,11 @@ In order to perform a release, a few steps have to be taken: == Post-procedures == ( SVN compatibility; this is still in the air ) -# svn import a clean Git checkout of the tag with the .git directory removed - to svn+ssh://ezyang@htmlpurifier.org/svnroot/htmlpurifier/tags/1.2.3 - (even better s/htmlpurifier.org/SVN.HTMLPurifier/ if you have the appropriate - PuTTY session registered) (NOT TESTED!) +# svn import a clean Git checkout of the tag with the .git directory + removed with: + svn import svn+ssh://ezyang@htmlpurifier.org/home/ezyang/svn/svnroot/htmlpurifier/tags/1.2.3 -# [@] Regenerate API documentation with `maintenance/regenerate-docs.sh` +# [@] Regenerate API documentation with `regenerate-docs.sh` # Smoketest release by downloading packages, verify contents list, sha1 and sig # Upload PEAR release at http://htmlpurifier.org/pear-server.php # Regenerate configuration documentation diff --git a/releases/htmlpurifier-4.1.1-lite.tar.gz.sig b/releases/htmlpurifier-4.1.1-lite.tar.gz.sig new file mode 100644 index 0000000000000000000000000000000000000000..5b084347f0313ee7653dadb69a9a4f71f9c2668e GIT binary patch literal 72 zcwPZW0Jr~$Mg#y60ssaD0!##cJOBy_5UDf1eTJM!+SOnHpK`H6B+jPCf*xe+(f;__ e-34Vd{L e#y8TtYyh8OuEeFW#g_Yf3jpm+ctOiITYxcma2*Q( literal 0 HcwPel00001 diff --git a/releases/htmlpurifier-4.1.1.tar.gz.sig b/releases/htmlpurifier-4.1.1.tar.gz.sig new file mode 100644 index 0000000000000000000000000000000000000000..f8a11665a1067cbea6ff63b089e6174f1ebb0bf5 GIT binary patch literal 72 zcwPZW0Jr~$Mg#y60ssaD0!##cIRFX?5UDf1eTJM!+R%Xjo+B^ji?2Hvu84!!K~5UDf1eTJM!+M1^To-YQErAD@H95Bf!47&=d eD^60zS^%61PBB8uPBHH&>MdDN{KOo$H#`6c6BuIv literal 0 HcwPel00001 -- 2.11.4.GIT