released: false apache: true title: 3.2.1 date: 2021-12-16 summary: > Upgrade dependencies to fix CVE-2021-44228 (Log4J) and CVE-2021-33813 (JDOM). Fix unparse checksum and CRC capability ({% jira 2609 %})
artifact-root: “https://dist.apache.org/repos/dist/dev/daffodil/3.2.1-rc1/” checksum-root: “https://dist.apache.org/repos/dist/dev/daffodil/3.2.1-rc1/”
key-file: “https://downloads.apache.org/daffodil/KEYS”
source-dist: - “apache-daffodil-3.2.1-src.zip”
binary-dist: - “apache-daffodil-3.2.1-bin.tgz” - “apache-daffodil-3.2.1-bin.zip” - “apache-daffodil-3.2.1-bin.msi” - “apache-daffodil-3.2.1-1.noarch.rpm”
This release fixes two security CVEs by updating dependency versions.
A major feature, layering transforms with checksum/CRC capability, which was planned for the prior release (3.2.0) was found to be buggy when unparsing. This has been fixed.
There are no deprecations. This release is fully compatible with all functionality of the prior release.
The following dependencies have been added or updated
Core
Code Generator (runtime2)