Release 2.1.5

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/branches/php4@1814 48356398-32a2-884e-a903-53898d9a118a
2025-08-21 05:11:39 +02:00 · 2008-06-19 22:57:15 +00:00
parent 2cc829a8cf
commit f38e81785f
7 changed files with 13 additions and 12 deletions
--- a/13
+++ b/13
@@ -1,6 +1,7 @@
-Security release 2.1.4 is a backport release that fixes a vulnerability
-related to URI handling. In addition, it also includes a number of
-bugfixes that have accumulated in the HTML Purifier 3 series but had
-not been merged back yet. Please remember that HTML Purifier 2.1 will
-be deprecated and will be officially dropped by the end of 2008. Please
-only use it for legacy PHP 4 installs.
+Security and bugfix release 2.1.5 is a backport that fixes two vulnerabilities
+related to CSS, one of which only occurs under Shift_JIS. It also improves
+imagecrash protection (percent CSS width and height is now disabled for
+images, and you can control the bounds with %CSS.MaxImgLength and
+%HTML.MaxImgLength). Finally, there are number of bug fixes, most notably 
+support for text-decoration: none, improved adherence to Unicode and increased
+percent encoding checks.