2013/2/19 Christian Heimes <christ...@python.org>: > Hello, > > in August 2012 I found a DoS vulnerability in expat and XML libraries in > Python's standard library. Since then I have found several more issues. > I have been working on fixes ever since. > > The README of https://pypi.python.org/pypi/defusedxml contains detailed > explanations of my research and all issues > > > Blog post: > http://blog.python.org/2013/02/announcing-defusedxml-fixes-for-xml.html > > Hotfixes: > https://pypi.python.org/pypi/defusedxml > https://pypi.python.org/pypi/defusedexpat
Are these going to become patches for Python, too? -- Regards, Benjamin _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com