From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <daniel.c.buenzli@gmail.com>
X-Original-To: caml-list@yquem.inria.fr
Delivered-To: caml-list@yquem.inria.fr
Received: from mail1-relais-roc.national.inria.fr (mail1-relais-roc.national.inria.fr [192.134.164.82])
	by yquem.inria.fr (Postfix) with ESMTP id 4DA95BC37
	for <caml-list@yquem.inria.fr>; Wed, 11 Nov 2009 15:02:09 +0100 (CET)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgUBAO5S+krRVdPEkGdsb2JhbACEc5ZgPwEBAQEJCQwHEwOvMoFhhj6IagEDAwWBK4I4VASCZodN
X-IronPort-AV: E=Sophos;i="4.44,723,1249250400"; 
   d="scan'208";a="39922653"
Received: from mail-yw0-f196.google.com ([209.85.211.196])
  by mail1-smtp-roc.national.inria.fr with ESMTP; 11 Nov 2009 15:02:08 +0100
Received: by ywh34 with SMTP id 34so983504ywh.1
        for <multiple recipients>; Wed, 11 Nov 2009 06:02:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:mime-version:sender:received:date
         :x-google-sender-auth:message-id:subject:from:to:content-type;
        bh=s0osFpgi8ajB74rcBT6lYH0jK3XEeUC7YSeRJ+OWjaE=;
        b=lGRS7ea++egrarrU8jAuuy6ixoN48iK0gWZY7S2HXg9p52cskzgV8BYzJSVZAWSPBr
         SDWtAxiLCTknCptyjKdW0/k2/SGydK68Xzb98F/vp865Nru44btQFAYmGELsIAMXwhWI
         2Q7XBjB47pnygiR5jXuqsMYZ8CsfTR4hCym8s=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=mime-version:sender:date:x-google-sender-auth:message-id:subject
         :from:to:content-type;
        b=PfJYaRseFjHbi6TdfgBNeXCx6atudWpdkKEpE8cTisnh6QwxOBwZsYhLh1ZK6EmMVm
         TukHOoFcBj5/c/HpxUmFcVyQMPGFggLY4ecL6VaBZRt9gpDwmL/sRJCYlQWLES9aQPSF
         cgGNvZ00dduCqU/BjiJUeMeYuoxAVFpfgR3jA=
MIME-Version: 1.0
Sender: daniel.c.buenzli@gmail.com
Received: by 10.213.103.9 with SMTP id i9mr1720407ebo.16.1257948119338; Wed, 
	11 Nov 2009 06:01:59 -0800 (PST)
Date: Wed, 11 Nov 2009 22:01:59 +0800
X-Google-Sender-Auth: 014f45ae221025af
Message-ID: <91a3da520911110601t50ff710ftc48403a44eee0f6d@mail.gmail.com>
Subject: ANNOUNCE Xmlm 1.0.2
From: =?UTF-8?Q?Daniel_B=C3=BCnzli?= <daniel.buenzli@erratique.ch>
To: caml-hump@inria.fr, debian-ocaml-maint@lists.debian.org,
	Richard Jones <rich@annexia.org>, caml-list@inria.fr
Content-Type: text/plain; charset=UTF-8
X-Spam: no; 0.00; buenzli:01 namespaces:01 maliciously:01 stack:01 native:03 overflow:03 daniel:04 daniel:04 fix:05 crept:05 attributes:08 file:11 doesn't:12 announce:12 rev:12 

Hello,

A new version of Xmlm is available.
It's a security update. All users are recommended to upgrade.

http://erratique.ch/software/xmlm

A call to List.map crept into my implementation of namespaces. A
maliciously crafted xml file with a very large amount of attributes on a
single tag can crash your (native code) program by stack overflow. The fix
doesn't affect performance -- a rev and a map makes a t.r. rev_map.

Daniel