CHANGES in json_pure-1.1.6 vs CHANGES in json_pure-1.1.7

- old
+ new
@@ -1,4 +1,12 @@
+2009-06-29 (1.1.7)
+  * Security Fix for JSON::Pure::Parser. A specially designed string could
+    cause catastrophic backtracking in one of the parser's regular expressions
+    in earlier 1.1.x versions. JSON::Ext::Parser isn't affected by this issue.
+    Thanks to Bartosz Blimke <bartosz@new-bamboo.co.uk> for reporting this
+    problem.
+  * This release also uses a less strict ruby version requirement for the
+    creation of the mswin32 native gem.
 2009-05-10 (1.1.6)
   * No changes. І tested native linux gems in the last release and they don't
     play well with different ruby versions other than the one the gem was built
     with. This release is just to bump the version number in order to skip the
     native gem on rubyforge.