1.4.0 - DO NOT USE

DO NOT USE. UNINTENDED ABI BREAK.

• A negative array index may now be used with MMDB_get_value,
  MMDB_vget_value, and MMDB_aget_value. This specifies the element
  from the end of the array. For instance, -1 would refer to the
  last element of the array. PR by Kyle Box. GitHub #205.
• On Windows, the file name passed to MMDB_open is now expected to be
  UTF-8 encoded. This allows Unicode characters to be used in file names.
  As part of this change, mmdblookup on Windows now converts its
  arguments to UTF-8. PR by Gerald Combs. GitHub #189 & #191.
• Fix a memory leak that occurred when freeing an MMDB_s where the
  database had no languages defined in the metadata. If you are using an
  official MaxMind database, this leak does not affect you. Pull request
  by Kókai Péter. GitHub #180.
• Add --disable-binaries option to configure. Pull request by Fabrice
  Fontaine. GitHub #166.
• Previous releases incorrectly included *.Po files in the t directory.
  This has been corrected. Reported by Daniel Macks. GitHub #168.
• The internal use of the MMDB_s now has the const modifier. Public
  functions that accepted an MMDB_s as an argument now also declare it as
  const. Pull request by Kurt Johnson. GitHub #199.
• mmdblookup now displays the prefix length for the record when using
  the verbose flag. GitHub #172.

1.3.2

• Allocate memory for MMDB_entry_data_list_s structs in separate chunks
  rather than one large chunk. This simplifies accessing memory in
  MMDB_get_entry_data_list() and increases performance. It builds on the
  changes in 1.3.0 and 1.3.1.
• We no longer export data_pool_* symbols. These are internal functions
  but we were previously exporting them. Pull request by Faidon Liambotis.
  GitHub #162.
• Build with POSIX.1-2008 by default if the system supports it. This allows
  use of open() with O_CLOEXEC. We retain support for systems that
  provide only POSIX.1-2001.
• Open the database with the O_CLOEXEC flag if the system provides it.
  This avoids cases where we could leak fds when called in multi-threaded
  programs that fork() and exec(). Original report and PR by Brandon L
  Black.
• Added a test to ensure we export only intended symbols (e.g. MMDB_*).

1.3.1

• Fix build problems related to rpl_malloc(). Pull request by Rainer
  Gerhards. GitHub #152.
• Fix a race to set and read data in a field on the MMDB_s struct
  (ipv4_start_node). GitHub #153.
• Fix cases of invalid memory access when using
  MMDB_get_entry_data_list(). This was introduced in 1.3.0 and occurred
  when performing large lookups. GitHub #153.

1.3.0

• Perform fewer memory allocations in MMDB_get_entry_data_list(). This
  significantly improves its performance. GitHub #147.
• Fix mmdblookup's build epoch reporting on some systems. Big endian
  systems with a 32-bit time_t no longer show a database build date of
  1970-01-01 00:00:00. Pull request by Rainer Jung. GitHub #143.

1.2.1

• Use autoconf to check the system's endianness rather than trying to do this
  with compiler-defined macros like __BYTE_ORDER__. Apparently this didn't
  work properly on a Sparc system. GitHub #120.
• Several compiler warnings on Visual C++ were fixed. Pull request by Marcel
  Raad. GitHub #130.
• Fix segmentation faults found in MMDB_open() using afl-fuzz. This
  occurred on corrupt databases that had a data pointer large enough to
  cause an integer overflow when doing bound checking. Reported by Ryan
  Whitworth. GitHub #140.
• Add --disable-tests option to configure. Pull request by Fabrice
  Fontaine. GitHub #136.

1.2.0 - Extended API for Iteration of Database

• Four additional fields were added to the end of the MMDB_search_node_s
  struct returned by MMDB_read_node. These fields allow the user to iterate
  through the search tree without making undocumented assumptions about how
  this library works internally and without knowing the specific details of
  the database format. GitHub #110.

Minor Bug Fixes

1.1.5 - 2016-03-20

• Previously, reading a database with a pointer in the metadata would cause an
  MMDB_INVALID_METADATA_ERROR to be returned. This was due to an invalid
  offset being used when calculating the pointer. The data_section and
  metadata_section fields now both point to the beginning of the data
  section. Previously, data_section pointed to the beginning of the data
  separator. This will not affect anyone using only documented fields from
  MMDB_s.
• MMDB_lookup_sockaddr will set mmdb_error to
  MMDB_IPV6_LOOKUP_IN_IPV4_DATABASE_ERROR if an IPv6 sockaddr is looked up
  in an IPv4-only database. Previously only MMDB_lookup_string would set
  this error code.
• When resolving an address, this library now relies on getaddrinfo to
  determine the address family rather than trying to guess it itself.

Packaging fixes

1.1.4 - 2016-01-06

• Packaging fixes. The 1.1.3 tarball release contained a lot of extra junk in the t/ directory.

More overflow and malloc checks

This tarball has since been removed because it was not cleanly packaged. Use 1.1.4 or newer instead.

• Added several additional checks to make sure that we don't attempt to read
  past the end of the databases's data section. Implemented by Tobias
  Stoeckmann. GitHub #103.
• When searching for the database metadata, there was a bug that caused the
  code to think it had found valid metadata when none existed. In addition,
  this could lead to an attempt to read past the end of the database
  entirely. Finally, if there are multiple metadata markers in the database,
  we treat the final one as the start of the metdata, instead of the first.
  Implemented by Tobias Stoeckmann. GitHub #102.
• Don't attempt to mmap a file that is too large to be mmapped on the
  system. Implemented by Tobias Stoeckmann. GitHub #101.
• Added a missing out of memory check when reading a file's
  metadata. Implemented by Tobias Stoeckmann. GitHub #101.
• Added several additional checks to make sure that we never attempt to
  malloc more than SIZE_MAX memory, which would lead to integer
  overflow. This could only happen with pathological databases. Implemented by
  Tobias Stoeckmann. GitHub #101.

Improved handling of corrupt databses and pkg-config support

• IMPORTANT: This release includes a number of important security fixes. Among these fixes is improved validation of the database metadata. Unfortunately, MaxMind GeoIP2 and GeoLite2 databases created earlier than January 28, 2014 had an invalid data type for the record_size in the metadata. Previously these databases worked on little endian machines with libmaxminddb but did not work on big endian machines. Due to increased safety checks when reading the file, these databases will no longer work on any platform. If you are using one of these databases, we recommend that you upgrade to the latest GeoLite2 or GeoIP2 database
• Added pkg-config support. If your system supports it, then running make install now installs a libmaxminddb.pc file for pkgconfig. Implemented by
  Jan Vcelak.
• Several segmentation faults found with afl-fuzz were fixed. These were
  caused by missing bounds checking and missing verification of data type.
• MMDB_get_entry_data_list will now fail on data structures with a depth
  greater than 512 and data structures that are cyclic. This should not
  affect any known MaxMind DB in production. All databases produced by
  MaxMind have a depth of less than five.