Release docs
This commit is contained in:
parent
3a0de6e6f8
commit
8b59b61250
|
@ -2545,13 +2545,13 @@ public class XmlParserDstu3Test {
|
|||
public void testXxe() {
|
||||
//@formatter:off
|
||||
String input =
|
||||
"<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n" +
|
||||
"<!DOCTYPE foo [ \n" +
|
||||
"<!ELEMENT foo ANY >\n" +
|
||||
"<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>" +
|
||||
"<!DOCTYPE foo [ " +
|
||||
"<!ELEMENT foo ANY >" +
|
||||
"<!ENTITY xxe SYSTEM \"file:///etc/passwd\" >]>" +
|
||||
"<Patient xmlns=\"http://hl7.org/fhir\">" +
|
||||
"<text>" +
|
||||
"<div xmlns=\"http://www.w3.org/1999/xhtml\">TEXT &xxe; TEXT</div>\n" +
|
||||
"<div xmlns=\"http://www.w3.org/1999/xhtml\">TEXT &xxe; TEXT</div>" +
|
||||
"</text>" +
|
||||
"<address>" +
|
||||
"<line value=\"FOO\"/>" +
|
||||
|
@ -2559,6 +2559,8 @@ public class XmlParserDstu3Test {
|
|||
"</Patient>";
|
||||
//@formatter:on
|
||||
|
||||
ourLog.info(input);
|
||||
|
||||
try {
|
||||
ourCtx.newXmlParser().parseResource(Patient.class, input);
|
||||
fail();
|
||||
|
|
|
@ -60,6 +60,44 @@
|
|||
</section>
|
||||
|
||||
<section name="Announcements">
|
||||
<p>
|
||||
<b>April 20, 2016 - HAPI FHIR 1.5 Released</b> -
|
||||
The next release of HAPI has now been uploaded to the Maven repos and
|
||||
GitHub's releases section. This release corrects a security vulnerability
|
||||
as described below. All users are recommended to upgrade.
|
||||
</p>
|
||||
<p>
|
||||
This release brings a number of bugfixes and a few bigger things.
|
||||
As always, the <a href="./changes-report.html">changelog</a> has the full list
|
||||
of changes in this version. Some changes of note include:
|
||||
</p>
|
||||
<ul>
|
||||
<li>
|
||||
This release fixes a security vulnerability in the XML parser. See
|
||||
GitHub <a href="https://github.com/jamesagnew/hapi-fhir/issues/339">Issue #339</a>
|
||||
for information.
|
||||
</li>
|
||||
<li>
|
||||
This release adds support for the current draft STU3 structure definitions,
|
||||
known as FHIR 1.4.0 (or the Montreal Connectathon Snapshot). See the
|
||||
<a href="./downloads.html">downloads page</a> for information on the
|
||||
various versions of FHIR supported by HAPI FHIR.
|
||||
</li>
|
||||
<li>
|
||||
A new
|
||||
<a href="./doc_rest_client_alternate_provider.html">JAX-RS based client</a>
|
||||
has been added.
|
||||
</li>
|
||||
<li>
|
||||
A
|
||||
<a href="./doc_rest_server_security.html">Server Security Interceptor</a>
|
||||
has been added.
|
||||
</li>
|
||||
</ul>
|
||||
<p>
|
||||
- <a href="https://github.com/jamesagnew/">James Agnew</a>
|
||||
</p>
|
||||
<!--
|
||||
<p>
|
||||
<b>February 4, 2016 - HAPI FHIR 1.4 Released</b> -
|
||||
The next release of HAPI has now been uploaded to the Maven repos and
|
||||
|
@ -119,6 +157,7 @@
|
|||
<a href="http://goo.gl/forms/R8Ifg2qvOY">HAPI FHIR Community Survey</a>, we
|
||||
would really appreciate if you did so!
|
||||
</p>
|
||||
-->
|
||||
<!--
|
||||
<p>
|
||||
<b>November 15, 2015 - HAPI FHIR 1.3 Released</b> -
|
||||
|
|
Loading…
Reference in New Issue