Update Changelog and bump version.

author: Andi Albrecht <albrecht.andi@gmail.com> 2021-09-10 08:31:05 +0200
committer: Andi Albrecht <albrecht.andi@gmail.com> 2021-09-10 08:49:09 +0200
commit: 3eec44e52233c68ea8299a16b36ec7f2ad0c2fe3 (patch)
tree: e9978958619c50f85a178fd4e1de086b02e2bc4b
parent: 8238a9e450ed1524e40cb3a8b0b3c00606903aeb (diff)
download: sqlparse-3eec44e52233c68ea8299a16b36ec7f2ad0c2fe3.tar.gz
2 files changed, 12 insertions, 3 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 41a4c2a..7be71b6 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,14 @@
-Development Version
--------------------
+Release 0.4.2 (Sep 10, 2021)
+----------------------------
+
+Notable Changes
+
+* IMPORTANT: This release fixes a security vulnerability in the
+  strip comments filter. In this filter a regular expression that was
+  vulnerable to ReDOS (Regular Expression Denial of Service) was
+  used.
+  The vulnerability was discovered by @erik-krogh and @yoff from
+  GitHub Security Lab (GHSL). Thanks for reporting!
 
 Enhancements
 
diff --git a/sqlparse/__init__.py b/sqlparse/__init__.py
index bb9b88a..9cab9d2 100644
--- a/sqlparse/__init__.py
+++ b/sqlparse/__init__.py
@@ -16,7 +16,7 @@ from sqlparse import filters
 from sqlparse import formatter
 
 
-__version__ = '0.4.2.dev0'
+__version__ = '0.4.2'
 __all__ = ['engine', 'filters', 'formatter', 'sql', 'tokens', 'cli']
author	Andi Albrecht <albrecht.andi@gmail.com>	2021-09-10 08:31:05 +0200
committer	Andi Albrecht <albrecht.andi@gmail.com>	2021-09-10 08:49:09 +0200
commit	3eec44e52233c68ea8299a16b36ec7f2ad0c2fe3 (patch)
tree	e9978958619c50f85a178fd4e1de086b02e2bc4b
parent	8238a9e450ed1524e40cb3a8b0b3c00606903aeb (diff)
download	sqlparse-3eec44e52233c68ea8299a16b36ec7f2ad0c2fe3.tar.gz