New submission from Steve Dower <steve.do...@python.org>:
libexpat recently fixed a security issue relating to some arithmetic: https://github.com/libexpat/libexpat/pull/534 I assume we should take this fix, either by updating our entire bundled copy or just backporting the patch. ---------- components: XML messages: 412880 nosy: steve.dower priority: normal severity: normal stage: needs patch status: open title: Update pyexpat for CVE-2021-45960 type: security versions: Python 3.10, Python 3.11, Python 3.7, Python 3.8, Python 3.9 _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue46687> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
