From df2f7ac740a9befccd8c580f3f0062c8c95266ab Mon Sep 17 00:00:00 2001
From: "Edward Z. Yang" <ezyang@mit.edu>
Date: Mon, 31 May 2010 21:00:28 -0700
Subject: [PATCH] Release 4.1.1.

Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
---
 .htaccess.in                                      |   4 +--
 current-hashes.txt                                |  12 +++----
 current.ent                                       |   4 +--
 live                                              |   2 +-
 news/2010/0531-4.1.1-released.txt                 |  29 +++++++++++++++++
 news/2010/0531-4.1.1-released.xhtml               |  37 ++++++++++++++++++++++
 release.txt                                       |  13 ++++----
 releases/htmlpurifier-4.1.1-lite.tar.gz.sig       | Bin 0 -> 72 bytes
 releases/htmlpurifier-4.1.1-lite.zip.sig          | Bin 0 -> 72 bytes
 releases/htmlpurifier-4.1.1-standalone.tar.gz.sig | Bin 0 -> 72 bytes
 releases/htmlpurifier-4.1.1-standalone.zip.sig    | Bin 0 -> 72 bytes
 releases/htmlpurifier-4.1.1.tar.gz.sig            | Bin 0 -> 72 bytes
 releases/htmlpurifier-4.1.1.zip.sig               | Bin 0 -> 72 bytes
 13 files changed, 83 insertions(+), 18 deletions(-)
 rewrite current-hashes.txt (89%)
 create mode 100644 news/2010/0531-4.1.1-released.txt
 create mode 100644 news/2010/0531-4.1.1-released.xhtml
 create mode 100644 releases/htmlpurifier-4.1.1-lite.tar.gz.sig
 create mode 100644 releases/htmlpurifier-4.1.1-lite.zip.sig
 create mode 100644 releases/htmlpurifier-4.1.1-standalone.tar.gz.sig
 create mode 100644 releases/htmlpurifier-4.1.1-standalone.zip.sig
 create mode 100644 releases/htmlpurifier-4.1.1.tar.gz.sig
 create mode 100644 releases/htmlpurifier-4.1.1.zip.sig

diff --git a/.htaccess.in b/.htaccess.in
index a662ff9..ddbd8fa 100644
--- a/.htaccess.in
+++ b/.htaccess.in
@@ -8,9 +8,9 @@ RewriteRule (^|/)\.git/ - [F]
 
 # Old release warning rewrites
 RewriteCond %{REQUEST_METHOD} !=POST
-RewriteCond %{REQUEST_URI} !/htmlpurifier-4\.1\.0(\.|-standalone|-lite)
+RewriteCond %{REQUEST_URI} !/htmlpurifier-4\.1\.1(\.|-standalone|-lite)
 RewriteCond %{REQUEST_URI} !/htmlpurifier-trunk(\.|-standalone|-lite)
-RewriteCond %{REQUEST_URI} !/phorum-htmlpurifier-4\.1\.0\.
+RewriteCond %{REQUEST_URI} !/phorum-htmlpurifier-4\.1\.1\.
 RewriteCond %{REQUEST_URI} !\.sig$
 RewriteRule ^releases/(htmlpurifier-|phorum-) releases/warning.html [N]
 
diff --git a/current-hashes.txt b/current-hashes.txt
dissimilarity index 89%
index 0b8dabb..0e9d455 100644
--- a/current-hashes.txt
+++ b/current-hashes.txt
@@ -1,6 +1,6 @@
-b79dd5daaf9bc342699bd0c0ea957eecbf8e34d1  htmlpurifier-4.1.0-lite.tar.gz
-f09bed948ceb51729444cc69f3efee8fdf413fd8  htmlpurifier-4.1.0-lite.zip
-1def78850cfe0ab82c092efe5db76a33ef6ce0fb  htmlpurifier-4.1.0-standalone.tar.gz
-1267dbe169075fb3df7dbbf403ca0c8a68dc54c5  htmlpurifier-4.1.0-standalone.zip
-e8f6f8f6d03cebcaed87cf335467ebf58223578d  htmlpurifier-4.1.0.tar.gz
-972368029049af460c07378e77df4ca88240e193  htmlpurifier-4.1.0.zip
+f51260159386f643eb53d4a7eabf737526335c30  htmlpurifier-4.1.1-lite.tar.gz
+c5362a029e860604c13aac6d56bdb326026a5cae  htmlpurifier-4.1.1-lite.zip
+dc2cc8cbd0a345e4d8c87b20602fa9dc393f122c  htmlpurifier-4.1.1-standalone.tar.gz
+27ec68ee2d65312aa6c20f1c9820ee8cccf73888  htmlpurifier-4.1.1-standalone.zip
+b8e43a4837fd37397e04c41b54af5e684cbf8457  htmlpurifier-4.1.1.tar.gz
+61bf9b526378c8dca5c4203e7a7edc2cd878f5e1  htmlpurifier-4.1.1.zip
diff --git a/current.ent b/current.ent
index 260cac4..face125 100644
--- a/current.ent
+++ b/current.ent
@@ -1,5 +1,5 @@
-<!ENTITY htmlpurifier.current.version "4.1.0">
-<!ENTITY htmlpurifier.current.release-date "2010-04-26">
+<!ENTITY htmlpurifier.current.version "4.1.1">
+<!ENTITY htmlpurifier.current.release-date "2010-05-31">
 
 <!ENTITY url.dl "releases/htmlpurifier-&htmlpurifier.current.version;">
 <!ENTITY htmlpurifier.current.hashes SYSTEM "current-hashes.txt">
diff --git a/live b/live
index f4c6e10..18e5383 160000
--- a/live
+++ b/live
@@ -1 +1 @@
-Subproject commit f4c6e10ff7d091e97cda0fcb0c50cdcdb361aee3
+Subproject commit 18e538317a877a0509ae71a860429c41770da230
diff --git a/news/2010/0531-4.1.1-released.txt b/news/2010/0531-4.1.1-released.txt
new file mode 100644
index 0000000..5a03340
--- /dev/null
+++ b/news/2010/0531-4.1.1-released.txt
@@ -0,0 +1,29 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+HTML Purifier 4.1.1 is a major security and bugfix release that
+improves on 4.1's fix for an XSS vulnerability exploitable on Internet
+Explorer.  It also contains a number of important bugfixes, including
+the removal of improper logic that could result in infinite loops and
+fixed parsing for single-attributes with entities with DirectLex.
+
+Release notes for 4.1.1:
+    http://repo.or.cz/w/htmlpurifier.git?a=blob_plain;f=NEWS
+
+Download links for 4.1.1:
+    http://htmlpurifier.org/releases/htmlpurifier-4.1.1.tar.gz
+    http://htmlpurifier.org/releases/htmlpurifier-4.1.1.zip
+
+SHA-1 sums:
+b8e43a4837fd37397e04c41b54af5e684cbf8457  htmlpurifier-4.1.1.tar.gz
+61bf9b526378c8dca5c4203e7a7edc2cd878f5e1  htmlpurifier-4.1.1.zip
+
+Other downloads (standalone and lite):
+    http://htmlpurifier.org/download.html
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.10 (GNU/Linux)
+
+iEYEARECAAYFAkwEhOwACgkQqTO+fYacSNqDqACgiI7IJ0mzdVLQJb3ZzelbJ4On
+gFAAn2dT/4dR+wr9hFBljdQSTwslvAA9
+=mZA5
+-----END PGP SIGNATURE-----
diff --git a/news/2010/0531-4.1.1-released.xhtml b/news/2010/0531-4.1.1-released.xhtml
new file mode 100644
index 0000000..6f96a06
--- /dev/null
+++ b/news/2010/0531-4.1.1-released.xhtml
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html
+  xmlns="http://www.w3.org/1999/xhtml"
+  xmlns:xi="http://www.w3.org/2001/XInclude"
+  xmlns:xc="urn:xhtml-compiler"
+  xc:news="yes"
+  xml:lang="en">
+<head>
+  <title>HTML Purifier 4.1.1 released - News - HTML Purifier</title>
+  <xi:include href="common-meta.xml" xpointer="xpointer(/*/node())" />
+</head>
+<body>
+
+<xi:include href="common-header.xml" xpointer="xpointer(/*/node())" />
+
+<div id="main">
+<h1 id="title">HTML Purifier 4.1.1 released</h1>
+
+<div id="content">
+  <p>
+HTML Purifier 4.1.1 is a major security and bugfix release that
+improves on 4.1's fix for an XSS vulnerability exploitable on Internet
+Explorer.  It also contains a number of important bugfixes, including
+the removal of improper logic that could result in infinite loops and
+fixed parsing for single-attributes with entities with DirectLex.
+  </p>
+  <p>
+    See <a
+        href="http://repo.or.cz/w/htmlpurifier.git/blob/18e538317a877a0509ae71a860429c41770da230:/NEWS">NEWS</a>
+    for a complete changelog.
+  </p>
+</div>
+</div>
+</body>
+</html>
diff --git a/release.txt b/release.txt
index f2f6498..df5d23b 100644
--- a/release.txt
+++ b/release.txt
@@ -11,7 +11,7 @@ In order to perform a release, a few steps have to be taken:
     # Write new WHATSNEW and FOCUS entry
     # Commit as "Release x.y.z." and push
 # [ ] Tag and push the release 
-    . `git tag -u 0x1E1C674B vx.y.z` (this is Edward's master private key; 
+    . `git tag -u 0x869C48DA vx.y.z` (this is Edward's master private key; 
   substitute with your own if you're making a release.  Use tag message
   "HTML Purifier vx.y.z")
     . `git push --tags`
@@ -39,7 +39,7 @@ In order to perform a release, a few steps have to be taken:
     - news/YEAR/MODA-name.txt
         . Use: news item on webpage (add link to webpage as HTML Purifier),
           download links (substitute in htmlpurifier.org), sha-1 sums.
-        . Sign using `gpg -u 0x1E1C674B --clearsign filename` then move *.txt.asc over *.txt original
+        . Sign using `gpg -u 0x869C48DA --clearsign filename` then move *.txt.asc over *.txt original
     - current.ent
        . Bump version number and date
     - Update submodule live/
@@ -53,12 +53,11 @@ In order to perform a release, a few steps have to be taken:
 == Post-procedures ==
 
 ( SVN compatibility; this is still in the air )
-# svn import a clean Git checkout of the tag with the .git directory removed
-  to svn+ssh://ezyang@htmlpurifier.org/svnroot/htmlpurifier/tags/1.2.3
-  (even better s/htmlpurifier.org/SVN.HTMLPurifier/ if you have the appropriate
-  PuTTY session registered) (NOT TESTED!)
+# svn import a clean Git checkout of the tag with the .git directory
+  removed with:
+      svn import svn+ssh://ezyang@htmlpurifier.org/home/ezyang/svn/svnroot/htmlpurifier/tags/1.2.3
 
-# [@] Regenerate API documentation with `maintenance/regenerate-docs.sh`
+# [@] Regenerate API documentation with `regenerate-docs.sh`
 # Smoketest release by downloading packages, verify contents list, sha1 and sig
 # Upload PEAR release at http://htmlpurifier.org/pear-server.php
 # Regenerate configuration documentation
diff --git a/releases/htmlpurifier-4.1.1-lite.tar.gz.sig b/releases/htmlpurifier-4.1.1-lite.tar.gz.sig
new file mode 100644
index 0000000000000000000000000000000000000000..5b084347f0313ee7653dadb69a9a4f71f9c2668e
GIT binary patch
literal 72
zcwPZW0Jr~$Mg#y60ssaD0!##cJOBy_5UDf1eTJM!+SOnHpK`H6B+jPCf*xe+(f;__
e-34<SMF5^W%Bi&wrc6D{7?Dq!y|Ppgx_pL^Z5@RG

literal 0
HcwPel00001

diff --git a/releases/htmlpurifier-4.1.1-lite.zip.sig b/releases/htmlpurifier-4.1.1-lite.zip.sig
new file mode 100644
index 0000000000000000000000000000000000000000..d0b4e95e1d2896a5b6aeb25197e1dbc8d368611d
GIT binary patch
literal 72
zcwPZW0Jr~$Mg#y60ssaD0!##cL;wm25UDf1eTJM!+T2h8pH(ZXn?Q0AADOq<&}tw|
e1R;LL7yzJ#jerk_vEM!ZLJhQ4c(lb{Ba0I;6B<DP

literal 0
HcwPel00001

diff --git a/releases/htmlpurifier-4.1.1-standalone.tar.gz.sig b/releases/htmlpurifier-4.1.1-standalone.tar.gz.sig
new file mode 100644
index 0000000000000000000000000000000000000000..8ab3b33766685b6b7fe2be95bdefa259e6444e1b
GIT binary patch
literal 72
zcwPZW0Jr~$Mg#y60ssaD0!##cJ^%^{5UDf1eTJM!+DkG3pHdzQHZ57THER+u#=Wp&
elQRzN5CEMVr0M3HRtOFnh`X{EsEVmuO^1W#+8D6_

literal 0
HcwPel00001

diff --git a/releases/htmlpurifier-4.1.1-standalone.zip.sig b/releases/htmlpurifier-4.1.1-standalone.zip.sig
new file mode 100644
index 0000000000000000000000000000000000000000..7c9fcbbb21a91ed352697806a81abab25f8fa136
GIT binary patch
literal 72
zcwPZW0Jr~$Mg#y60ssaD0!##cMgR&45UDf1eTJM!+Lvtro;7+xQr|kpXw^SM>Vd{L
e#y8TtYyh8OuEeFW#g_Yf3jpm+ctOiITYxcma2*Q(

literal 0
HcwPel00001

diff --git a/releases/htmlpurifier-4.1.1.tar.gz.sig b/releases/htmlpurifier-4.1.1.tar.gz.sig
new file mode 100644
index 0000000000000000000000000000000000000000..f8a11665a1067cbea6ff63b089e6174f1ebb0bf5
GIT binary patch
literal 72
zcwPZW0Jr~$Mg#y60ssaD0!##cIRFX?5UDf1eTJM!+R%Xjo+B^ji?2Hvu84!<m{d#U
e^ahd&g#e#=^|6gj61$uFUv8|_F_b^JgSd@#Y#qx0

literal 0
HcwPel00001

diff --git a/releases/htmlpurifier-4.1.1.zip.sig b/releases/htmlpurifier-4.1.1.zip.sig
new file mode 100644
index 0000000000000000000000000000000000000000..85ca1bb8aed3525bffcf8508777b7530d80daa6c
GIT binary patch
literal 72
zcwPZW0Jr~$Mg#y60ssaD0!##cK>!K~5UDf1eTJM!+M1^To-YQErAD@H95Bf!47&=d
eD^60zS^%61PBB8uPBHH&>MdDN{KOo$H#`6c6BuIv

literal 0
HcwPel00001

-- 
2.11.4.GIT