[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

mattip added the comment: > [T]he test has been removed in CPython pull request > https://github.com/python/cpython/pull/31453/files Thanks, I missed that. Makes sense. -- ___ Python tracker

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

sping added the comment: Hi mattip, at the core the problem is not the use of non-URI character "}" for a namespace separator but the use of non-URI character "}" in a namespace URI. test_issue3151 is mistaken (meaning that non-URI characters in URIs are malformed XML) and the test has

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

mattip added the comment: On PyPy, the test `test_issue3151` in `test_xml_etree.py` is failing with libexpat 2.4.6. I think the problem is connected to instantiation of the `XMLParser()` with `parser = expat.ParserCreate(encoding, "}")` where `"}"` is not a valid URI character. In any case,

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

Change by Dong-hee Na : -- resolution: -> fixed stage: patch review -> resolved status: open -> closed ___ Python tracker ___ ___

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

Łukasz Langa added the comment: New changeset eb6c840a2414dc057ffcfbb5ad68d6253c8dd57c by Miss Islington (bot) in branch '3.8': bpo-46794: Bump up the libexpat version into 2.4.6 (GH-31487) (GH-31520) https://github.com/python/cpython/commit/eb6c840a2414dc057ffcfbb5ad68d6253c8dd57c

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

Ned Deily added the comment: New changeset 15d7594d9974cfef10e65cbb01161168c42abe9d by Miss Islington (bot) in branch '3.7': bpo-46794: Bump up the libexpat version into 2.4.6 (GH-31487) (GH-31521) https://github.com/python/cpython/commit/15d7594d9974cfef10e65cbb01161168c42abe9d --

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

miss-islington added the comment: New changeset 87cebb1e69758aa8b79f8e15187b976d62cba36a by Miss Islington (bot) in branch '3.9': bpo-46794: Bump up the libexpat version into 2.4.6 (GH-31487) https://github.com/python/cpython/commit/87cebb1e69758aa8b79f8e15187b976d62cba36a --

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

miss-islington added the comment: New changeset 4955a9ed14c681ed835bc8902a9db0bcc728bdee by Miss Islington (bot) in branch '3.10': bpo-46794: Bump up the libexpat version into 2.4.6 (GH-31487) https://github.com/python/cpython/commit/4955a9ed14c681ed835bc8902a9db0bcc728bdee --

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

Change by miss-islington : -- pull_requests: +29647 pull_request: https://github.com/python/cpython/pull/31520 ___ Python tracker ___

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

Dong-hee Na added the comment: New changeset 1935e1cc284942bec8006287c939e295e1a7bf13 by Dong-hee Na in branch 'main': bpo-46794: Bump up the libexpat version into 2.4.6 (GH-31487) https://github.com/python/cpython/commit/1935e1cc284942bec8006287c939e295e1a7bf13 --

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

Change by miss-islington : -- pull_requests: +29648 pull_request: https://github.com/python/cpython/pull/31521 ___ Python tracker ___

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

Change by miss-islington : -- pull_requests: +29646 pull_request: https://github.com/python/cpython/pull/31519 ___ Python tracker ___

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

Change by miss-islington : -- nosy: +miss-islington nosy_count: 3.0 -> 4.0 pull_requests: +29645 pull_request: https://github.com/python/cpython/pull/31518 ___ Python tracker

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

Change by Dong-hee Na : -- pull_requests: +29615, 29616 pull_request: https://github.com/python/cpython/pull/31487 ___ Python tracker ___

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

Change by Dong-hee Na : -- pull_requests: +29615 pull_request: https://github.com/python/cpython/pull/31487 ___ Python tracker ___

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

Change by Dong-hee Na : -- pull_requests: -29614 ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

Change by Dong-hee Na : -- keywords: +patch pull_requests: +29614 stage: -> patch review pull_request: https://github.com/python/cpython/pull/31486 ___ Python tracker ___

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

Change by Dong-hee Na : -- assignee: -> corona10 nosy: +corona10 ___ Python tracker ___ ___ Python-bugs-list mailing list

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

sping added the comment: I have created a dedicated ticket bpo-46811 now, test suite pull request upcoming. -- ___ Python tracker ___

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

sping added the comment: I'm busy with the release upstream at the moment. I'll see what I can do. -- ___ Python tracker ___ ___

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

Michał Górny added the comment: Could you make a PR to fix the test failures? I suppose that could speed things up and if not, I'd at least have something to pull into Gentoo. -- ___ Python tracker

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

sping added the comment: Hi Michal, TL;DR would be: - There is a regression but none of these test fails are related. - There will be a release Expat 2.4.6 with the regression fixed later today. - The 3 failing tests need (small) adjustments to Expat 2.4.5 and these fails are not