org.hl7.fhir.core/RELEASE_NOTES.md

## Validator Changes

* update FHIRPath implementation for corrections to 'as' (R5 only in validator)
* Critical Security fix: enforce correct paths when unpacking archives (SecurityAdvisory-1082, CVE TBA)

## Other code changes

* Update to latest FHIRPath for older versions 
* Add new ElementModel based parser for StructureMaps
* go-publish related changes
* FTP Client upload and logging improvements
* Refactor base64 handling for Android compatibility

## Security Note

The validator unzips archive files to the local file system when 
it is scanning zip files it has been asked to validate, and when it is
installing packages. These processes are now resistant to the zip-slip
vulnerability.
Fix package location for CacheVerificationLogger 2022-02-03 16:35:26 -05:00			`## Validator Changes`

release notes 2023-01-20 17:30:39 +11:00			`* update FHIRPath implementation for corrections to 'as' (R5 only in validator)`
release notes for security alert 2023-01-21 06:11:44 +11:00			`* Critical Security fix: enforce correct paths when unpacking archives (SecurityAdvisory-1082, CVE TBA)`
Fix package location for CacheVerificationLogger 2022-02-03 16:35:26 -05:00
			`## Other code changes`

release notes 2023-01-21 06:07:26 +11:00			`* Update to latest FHIRPath for older versions`
			`* Add new ElementModel based parser for StructureMaps`
release notes 2023-01-20 17:30:39 +11:00			`* go-publish related changes`
Update RELEASE_NOTES.md *NO_CI* 2023-01-18 12:43:49 -05:00			`* FTP Client upload and logging improvements`
release notes 2023-01-21 06:07:26 +11:00			`* Refactor base64 handling for Android compatibility`

add security note 2023-01-21 06:19:06 +11:00			`## Security Note`

			`The validator unzips archive files to the local file system when`
			`it is scanning zip files it has been asked to validate, and when it is`
			`installing packages. These processes are now resistant to the zip-slip`
			`vulnerability.`