https://github.com/python/cpython/commit/f2b82b3b3b1f8c7a81e84df35ee921e44517cf32 commit: f2b82b3b3b1f8c7a81e84df35ee921e44517cf32 branch: 3.14 author: Miss Islington (bot) <[email protected]> committer: hugovk <[email protected]> date: 2025-09-26T13:43:00+01:00 summary:
[3.14] gh-127502: Fix typo in XML security notes (GH-139335) (#139346) gh-127502: Fix typo in XML security notes (GH-139335) (cherry picked from commit 6fa1e552e06063b668e02540ba1c31a4d87bbb17) Co-authored-by: Sebastian Pipping <[email protected]> files: M Doc/library/xml.rst diff --git a/Doc/library/xml.rst b/Doc/library/xml.rst index 28465219a1ac18..3f745573474405 100644 --- a/Doc/library/xml.rst +++ b/Doc/library/xml.rst @@ -55,7 +55,7 @@ An attacker can abuse XML features to carry out denial of service attacks, access local files, generate network connections to other machines, or circumvent firewalls. -Expat versions lower that 2.6.0 may be vulnerable to "billion laughs", +Expat versions lower than 2.6.0 may be vulnerable to "billion laughs", "quadratic blowup" and "large tokens". Python may be vulnerable if it uses such older versions of Expat as a system-provided library. Check :const:`!pyexpat.EXPAT_VERSION`. _______________________________________________ Python-checkins mailing list -- [email protected] To unsubscribe send an email to [email protected] https://mail.python.org/mailman3//lists/python-checkins.python.org Member address: [email protected]
