Release candidate 20211018.2

mikesamuel · mikesamuel · commit 62a0715666b5 · 2021-10-18T15:51:41.000-04:00
diff --git a/aggregate/pom.xml b/aggregate/pom.xml
@@ -3,12 +3,12 @@
   <groupId>com.googlecode.owasp-java-html-sanitizer</groupId>
   <artifactId>aggregate</artifactId>
   <packaging>pom</packaging>
-  <version>20211018.2-SNAPSHOT</version>
+  <version>20211018.2</version>
   <parent>
     <relativePath>../parent</relativePath>
     <groupId>com.googlecode.owasp-java-html-sanitizer</groupId>
     <artifactId>parent</artifactId>
-    <version>20211018.2-SNAPSHOT</version>
+    <version>20211018.2</version>
   </parent>
 
   <modules>
diff --git a/change_log.md b/change_log.md
@@ -1,6 +1,10 @@
 # OWASP Java HTML Sanitizer Change Log
 
 Most recent at top.
+  * Release 20211018.2
+    * Tweak how we address CVE-2021-42575 to be more tailored and to
+      interfere less with `<style>` element content in general.  We
+      still advise not allowing attacker controlled `<style>` content.
   * Release 20211018.1
     * Fix [CVE-2021-42575](https://docs.google.com/document/d/11SoX296sMS0XoQiQbpxc5pNxSdbJKDJkm5BDv0zrX50/edit#)
     * Changes rendering of `<style>` elements by wrapping text content
diff --git a/empiricism/pom.xml b/empiricism/pom.xml
@@ -2,13 +2,13 @@
   <modelVersion>4.0.0</modelVersion>
   <groupId>com.googlecode.owasp-java-html-sanitizer</groupId>
   <artifactId>html-types</artifactId>
-  <version>20211018.2-SNAPSHOT</version>
+  <version>20211018.2</version>
   <packaging>jar</packaging>
   <parent>
     <relativePath>../parent</relativePath>
     <groupId>com.googlecode.owasp-java-html-sanitizer</groupId>
     <artifactId>parent</artifactId>
-    <version>20211018.2-SNAPSHOT</version>
+    <version>20211018.2</version>
   </parent>
 
   <name>empiricism</name>
diff --git a/html-types/pom.xml b/html-types/pom.xml
@@ -2,13 +2,13 @@
   <modelVersion>4.0.0</modelVersion>
   <groupId>com.googlecode.owasp-java-html-sanitizer</groupId>
   <artifactId>html-types</artifactId>
-  <version>20211018.2-SNAPSHOT</version>
+  <version>20211018.2</version>
   <packaging>bundle</packaging>
   <parent>
     <relativePath>../parent</relativePath>
     <groupId>com.googlecode.owasp-java-html-sanitizer</groupId>
     <artifactId>parent</artifactId>
-    <version>20211018.2-SNAPSHOT</version>
+    <version>20211018.2</version>
   </parent>
 
   <name>OWASP Java HTML Sanitizer Safe HTML Compatibility</name>
diff --git a/parent/pom.xml b/parent/pom.xml
@@ -2,7 +2,7 @@
   <modelVersion>4.0.0</modelVersion>
   <groupId>com.googlecode.owasp-java-html-sanitizer</groupId>
   <artifactId>parent</artifactId>
-  <version>20211018.2-SNAPSHOT</version>
+  <version>20211018.2</version>
 
   <packaging>pom</packaging>
 
diff --git a/pom.xml b/pom.xml
@@ -6,7 +6,7 @@
     <relativePath>parent</relativePath>
     <groupId>com.googlecode.owasp-java-html-sanitizer</groupId>
     <artifactId>parent</artifactId>
-    <version>20211018.2-SNAPSHOT</version>
+    <version>20211018.2</version>
   </parent>
 
   <name>OWASP Java HTML Sanitizer</name>
