Sourced from rexml's changelog.
3.2.5 - 2021-04-05 {#version-3-2-5}
Improvements
Add more validations to XPath parser.
require "rexml/document"
by default. [GitHub#36][Patch by Koichi ITO]Don't add
#dcloe
method to core classes globally. [GitHub#37][Patch by Akira Matsuda]Add more documentations. [Patch by Burdette Lamar]
Added
REXML::Elements#parent
. [GitHub#52][Patch by Burdette Lamar]Fixes
Fixed a bug that
REXML::DocType#clone
doesn't copy external ID information.Fixed round-trip vulnerability bugs. See also: https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/ [HackerOne#1104077][CVE-2021-28965][Reported by Juho Nurminen]
Thanks
Koichi ITO
Akira Matsuda
Burdette Lamar
Juho Nurminen
a622645
Add 3.2.5 entry3c137eb
Fix a parser bug that some data may be ignored before DOCTYPE9b311e5
Fix a bug that invalid document declaration may be acceptedf9d88e4
Fix a bug that invalid document declaration may be generatedf7bab89
Fix a bug that invalid element end may be accepted6a250d2
Fix a bug that invalid element start may be accepted2fe62e2
Fix a bug that invalid notation declaration may be accepteda659c63
Fix a bug that invalid notation declaration may be generated790dd11
Use ruby/setup-ruby (https://github.com/facebook/rocksdb/issues/66)eda1b20
Clean up and enhance high-level RDoc (https://github.com/facebook/rocksdb/issues/65)