From 285 release notes: ``` [ Chris Lamb ] * Validate --css command-line argument. Thanks to Daniel Schmidt @ SRLabs for the report. (Closes: #396) * Prevent XML entity expansion attacks through vulnerable versions of pyexpat. Thanks to Florian Wilkens @ SRLabs for the report. (Closes: #397) * Print a warning if we have disabled XML comparisons due to a potentially vulnerable version of pyexpat. * Remove (unused) logging facility from a few comparators. * Update copyright years. ```
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=efe79ceb6bba44a7ce324fa942193692e52b892c commit efe79ceb6bba44a7ce324fa942193692e52b892c Author: Sam James <sam@gentoo.org> AuthorDate: 2025-01-20 04:24:57 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2025-01-20 04:24:57 +0000 dev-util/diffoscope: add 285 Bug: https://bugs.gentoo.org/948426 Signed-off-by: Sam James <sam@gentoo.org> dev-util/diffoscope/Manifest | 1 + dev-util/diffoscope/diffoscope-285.ebuild | 140 ++++++++++++++++++++++++++++++ 2 files changed, 141 insertions(+)