diffoscope 285 released 💠
Chris Lamb
chris at reproducible-builds.org
Fri Jan 17 09:44:23 UTC 2025
Hi,
The diffoscope maintainers are pleased to announce the release of
version 285 of diffoscope.
diffoscope tries to get to the bottom of what makes files or
directories different. It will recursively unpack archives of many
kinds and transform various binary formats into more human-readable
form to compare them. It can compare two tarballs, ISO images, or PDF
just as easily.
Version 285 includes the following changes:
[ Chris Lamb ]
* Validate --css command-line argument. Thanks to Daniel Schmidt @ SRLabs for
the report. (Closes: #396)
* Prevent XML entity expansion attacks through vulnerable versions of
pyexpat. Thanks to Florian Wilkens @ SRLabs for the report. (Closes: #397)
* Print a warning if we have disabled XML comparisons due to a potentially
vulnerable version of pyexpat.
* Remove (unused) logging facility from a few comparators.
* Update copyright years.
## Download
Version 285 is available from Debian unstable as well as PyPI, and
will shortly be available on other platforms surely. More details can
be found here:
https://diffoscope.org/
⦠but source tarballs may be located here:
https://diffoscope.org/archive/
The corresponding Docker image may be run via (for example):
$ docker run --rm -t -w $(pwd) -v $(pwd):$(pwd):ro \
registry.salsa.debian.org/reproducible-builds/diffoscope a b
## Contribute
diffoscope is developed within the "Reproducible builds" effort.
- Git repository
https://salsa.debian.org/reproducible-builds/diffoscope
- Docker image, eg.
registry.salsa.debian.org/reproducible-builds/diffoscope
https://salsa.debian.org/reproducible-builds/diffoscope
- Issues and feature requests
https://salsa.debian.org/reproducible-builds/diffoscope/issues
- Contribution instructions (eg. to file an issue)
https://reproducible-builds.org/contribute/salsa/
Regards,
--
o
⬠⬠Chris Lamb
o o reproducible-builds.org ð
⬠â¬
o
More information about the rb-general
mailing list