[issue46687] Update pyexpat for CVE-2021-45960

2022-02-09 Thread Steve Dower


Steve Dower added the comment:

Probably. I searched for the CVE number and didn't find it anywhere, but that 
issue only mentions the new release version.

--
resolution:  -> duplicate
stage: needs patch -> resolved
status: open -> closed
superseder:  -> Please update bundled libexpat to 2.4.4 with security fixes

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com



[issue46687] Update pyexpat for CVE-2021-45960

2022-02-08 Thread Ned Deily


Ned Deily added the comment:

Duplicate of Issue46400 ?

--
nosy: +ned.deily




[issue46687] Update pyexpat for CVE-2021-45960

2022-02-08 Thread Steve Dower


New submission from Steve Dower:

libexpat recently fixed a security issue relating to some arithmetic: 
https://github.com/libexpat/libexpat/pull/534

I assume we should take this fix, either by updating our entire bundled copy or 
just backporting the patch.

--
components: XML
messages: 412880
nosy: steve.dower
priority: normal
severity: normal
stage: needs patch
status: open
title: Update pyexpat for CVE-2021-45960
type: security
versions: Python 3.10, Python 3.11, Python 3.7, Python 3.8, Python 3.9
