2017-06-21 17:18:01 UTC
security fixes in the new expat release 2.2.1 Sat June 17 2017
* CVE-2017-9233 -- External entity infinite loop DoS
* [MOX-002] CVE-2016-9063 -- Detect integer overflow
(Fixed version of existing downstream patches!)
Would I be right in guessing functional changes since 2.1.0 would need
a lot of testing?