update news for www.libexpat.org
diff --git a/htdocs/index.html b/htdocs/index.html
index 1edb0d7..c576518 100644
--- a/htdocs/index.html
+++ b/htdocs/index.html
@@ -51,6 +51,105 @@
<h3 id="news">News</h3>
<dl>
+ <dt><em>24 March 2012</em>,
+ Expat 2.1.0 released.
+ </dt>
+ <dd><p>Release 2.1.0 includes security & other bug fixes, new
+ features, and updated build support.</p>
+ <h4>Security fixes</h4>
+ <ul>
+ <li>Memory leak in poolGrow (<a
+ href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1148"
+ >CVE-2012-1148</a>)</li>
+ <li>Resource leak in readfilemap.c (<a
+ href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1147"
+ >CVE-2012-1147</a>)</li>
+ <li>Hash DOS attack (<a
+ href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0876"
+ >CVE-2012-0876</a>)</li>
+ <li>Buffer over-read and crash in big2_toUtf8 (<a
+ href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3560"
+ >CVE-2009-3560</a>)</li>
+ <li>Parser crash with special UTF-8 sequences (<a
+ href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3720"
+ >CVE-2009-3270</a>)</li>
+ </ul>
+ <h4>New features</h4>
+ <ul>
+ <li>Added function XML_SetHashSalt that allows setting an initial
+ value (salt) for hash calculations (part of the fix for bug <a
+ href="https://sourceforge.net/tracker/?func=detail&aid=3496608&group_id=10127&atid=110127"
+ >3496608</a>).
+ <li>When compiled with XML_ATTR_INFO defined, adds new API member
+ XML_GetAttributeInfo() that allows retrieving the byte offsets
+ for attribute names and values (patch <a
+ href="https://sourceforge.net/tracker/?func=detail&aid=3446384&group_id=10127&atid=310127"
+ >3446384</a>).</li>
+ <li>Added CMake build system (bug <a
+ href="https://sourceforge.net/tracker/?func=detail&aid=2990652&group_id=10127&atid=110127"
+ >2990652</a>, patch <a
+ href="https://sourceforge.net/tracker/?func=detail&aid=3312568&group_id=10127&atid=310127"
+ >3312568</a>).</li>
+ <li>Added run-benchmark target to Makefile.in - relies on testdata
+ module present in the same relative location as in the repository.
+ </li>
+ </ul>
+ <h4>Bug fixes</h4>
+ <ul>
+ <li>Harmful XML_ParserCreateNS suggestion (<a
+ href="https://sourceforge.net/tracker/?func=detail&aid=1742315&group_id=10127&atid=110127"
+ >1742315</a>)</li>
+ <li>CVE-2012-1147 - Resource leak in readfilemap.c (<a
+ href="https://sourceforge.net/tracker/?func=detail&aid=2895533&group_id=10127&atid=110127"
+ >2895533</a>)</li>
+ <li>Expat build fails on linux-amd64 with gcc version>=4.1 -O3 (<a
+ href="https://sourceforge.net/tracker/?func=detail&aid=1785430&group_id=10127&atid=110127"
+ >1785430</a>)</li>
+ <li>Build modifications using autoreconf instead of buildconf.sh (<a
+ href="https://sourceforge.net/tracker/?func=detail&aid=1983953&group_id=10127&atid=110127"
+ >1983953</a>, <a
+ href="https://sourceforge.net/tracker/?func=detail&aid=2517952&group_id=10127&atid=110127"
+ >2517952</a>, <a
+ href="https://sourceforge.net/tracker/?func=detail&aid=2517962&group_id=10127&atid=110127"
+ >2517962</a>, <a
+ href="https://sourceforge.net/tracker/?func=detail&aid=2649838&group_id=10127&atid=110127"
+ >2649838</a>)</li>
+ <li>OBJEXT and EXEEXT support while building (<a
+ href="https://sourceforge.net/tracker/?func=detail&aid=2815947&group_id=10127&atid=110127"
+ >2815947</a>, <a
+ href="https://sourceforge.net/tracker/?func=detail&aid=2884086&group_id=10127&atid=110127"
+ >2884086</a>)</li>
+ <li>CVE-2009-3720 - Parser crash with special UTF-8 sequences (<a
+ href="https://sourceforge.net/tracker/?func=detail&aid=1990430&group_id=10127&atid=110127"
+ >1990430</a>)</li>
+ <li>xmlwf should return non-zero exit status if not well-formed (<a
+ href="https://sourceforge.net/tracker/?func=detail&aid=2517938&group_id=10127&atid=110127"
+ >2517938</a>)</li>
+ <li>Wrong statement about XMLDecl in xmlwf.1 and xmlwf.sgml (<a
+ href="https://sourceforge.net/tracker/?func=detail&aid=2517946&group_id=10127&atid=110127"
+ >2517946</a>)</li>
+ <li>Dangling positionPtr after error (<a
+ href="https://sourceforge.net/tracker/?func=detail&aid=2855609&group_id=10127&atid=110127"
+ >2855609</a>)</li>
+ <li>CVE-2009-3560 - Buffer over-read and crash in big2_toUtf8() (<a
+ href="https://sourceforge.net/tracker/?func=detail&aid=2894085&group_id=10127&atid=110127"
+ >2894085</a>)</li>
+ <li>CVE-2012-1148 - Memory leak in poolGrow (<a
+ href="https://sourceforge.net/tracker/?func=detail&aid=2958794&group_id=10127&atid=110127"
+ >2958794</a>)</li>
+ <li>UNEXPECTED_STATE with a trailing "%" in entity value (<a
+ href="https://sourceforge.net/tracker/?func=detail&aid=3010819&group_id=10127&atid=110127"
+ >3010819</a>)</li>
+ <li>Unitialized memory returned from XML_Parse (<a
+ href="https://sourceforge.net/tracker/?func=detail&aid=3206497&group_id=10127&atid=110127"
+ >3206497</a>)</li>
+ <li>make check fails on mingw-w64 (<a
+ href="https://sourceforge.net/tracker/?func=detail&aid=87849&group_id=10127&atid=110127"
+ >87849</a>)</li>
+ </ul>
+ </dd>
+</dl>
+<dl>
<dt><em>5 June 2007</em>,
Expat 2.0.1 released.
</dt>