- Release date: 2017-01-02 - SHA-256: ec27d4e74e9ce0f78066389a70724afd07f10761009322dc020656704ad5296d This release fixes several security-relevant bugs in the MessagePack and CBOR parsers. The fixes are backwards compatible. - :bug: Fixed a lot of **bugs in the CBOR and MesssagePack parsers**. These bugs occurred if invalid input was parsed and then could lead in buffer overflows. These bugs were found with Google's [OSS-Fuzz](https://github.com/google/oss-fuzz), see #405, #407, #408, #409, #411, and #412 for more information. - :construction_worker: We now also use the **[Doozer](https://doozer.io) continuous integration platform**. - :construction_worker: The complete test suite is now also run with **Clang's address sanitizer and undefined-behavior sanitizer**. - :white_check_mark: Overworked **fuzz testing**; CBOR and MessagePack implementations are now fuzz-tested. Furthermore, all fuzz tests now include a round trip which ensures created output can again be properly parsed and yields the same JSON value. - :memo: Clarified documentation of `find()` function to always return `end()` when called on non-object value types. - :hammer: Moved thirdparty test code to `test/thirdparty` directory.