[issue46932] Please update bundled libexpat to 2.4.7 with an important fix

2022-03-05 Thread sping
New submission from sping: Hi! I believe the fix documented at https://github.com/libexpat/libexpat/blob/27d5b8ba1771f916d9cfea2aac6bdac72071dc66/expat/Changes#L7-L11 is important to users of CPython. Please update bundled libexpat to 2.4.7. Thank you! Best, Sebastian

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

2022-03-04 Thread sping
sping added the comment: Hi mattip, at the core the problem is not the use of non-URI character "}" for a namespace separator but the use of non-URI character "}" in a namespace URI. test_issue3151 is mistaken (meaning that non-URI characters in URIs are malformed X

[issue46793] expose expat XML billion laughs attack mitigation APIs

2022-02-24 Thread sping
sping added the comment: First mention at https://bugs.python.org/issue44394#msg395642 -- nosy: +sping ___ Python tracker <https://bugs.python.org/issue46

[issue46811] Test suite needs adjustments for Expat >=2.4.5

2022-02-20 Thread sping
Change by sping: -- keywords: +patch pull_requests: +29581 stage: -> patch review pull_request: https://github.com/python/cpython/pull/31453

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

2022-02-20 Thread sping
sping added the comment: I have created a dedicated ticket bpo-46811 now, test suite pull request upcoming.

[issue46811] Test suite needs adjustments for Expat >=2.4.5

2022-02-20 Thread sping
New submission from sping : It has been reported at https://bugs.python.org/issue46794#msg413587 that the current CPython test suite needs some adjustments for Expat >=2.4.5. Since that is somewhat separate from updating the bundled copy of Expat to >=2.4.6, I am creating this ded

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

2022-02-20 Thread sping
sping added the comment: I'm busy with the release upstream at the moment. I'll see what I can do.

[issue46794] Please update bundled libexpat to 2.4.6 with security fixes (5 CVEs)

2022-02-20 Thread sping
sping added the comment: Hi Michal, TL;DR would be: - There is a regression but none of these test fails are related. - There will be a release Expat 2.4.6 with the regression fixed later today. - The 3 failing tests need (small) adjustments to Expat 2.4.5 and these fails

[issue46400] Please update bundled libexpat to 2.4.4 with security fixes (CVE-2021-45960)

2022-02-19 Thread sping
sping added the comment: Overlooked your reference, so you already know, my bad, nevermind.

[issue46400] Please update bundled libexpat to 2.4.4 with security fixes (CVE-2021-45960)

2022-02-19 Thread sping
sping added the comment: Yes, I have already created bpo-46794 for 2.4.5.

[issue46794] Please update bundled libexpat to 2.4.5 with security fixes (5 CVEs)

2022-02-18 Thread sping
New submission from sping : Thank you! https://github.com/libexpat/libexpat/blob/97a4840578693a346e79302909b67d97492e1880/expat/Changes#L6-L35 -- components: XML messages: 413517 nosy: sping priority: normal severity: normal status: open title: Please update bundled libexpat to 2.4.5

[issue46400] Please update bundled libexpat to 2.4.4 with security fixes (CVE-2021-45960)

2022-02-12 Thread sping
sping added the comment: Just to understand, why have Python 3.7 and 3.8 been dropped? Neither seems to be end-of-life but affected. Thank you!

[issue46400] Please update bundled libexpat to 2.4.4 with security fixes

2022-01-29 Thread sping
sping added the comment: 2.4.4 with more security fixes has been released, adjusting the ticket to be about updating to 2.4.4 now. -- title: Please update bundled libexpat to 2.4.3 with security fixes -> Please update bundled libexpat to 2.4.4 with security fi

[issue38487] expat infinite loop

2022-01-26 Thread sping
sping added the comment: Hi StyXman, I had a closer look at the files you shared, thanks for those, very helpful! What I found is that expat_test.py uses a single scalar variable (_DictSAXHandler.parser) to keep track of the related parser, while it would need a stack to allow recursion

[issue45713] gcc warning when compiling Modules/expat/xmltok_ns.c

2022-01-16 Thread sping
sping added the comment: This has been fixed upstream in pull request https://github.com/libexpat/libexpat/pull/527 that is included with latest release libexpat 2.4.3. bpo-46400 will fix this as a side effect. -- nosy: +sping

[issue46400] Please update bundled libexpat to 2.4.3 with security fixes

2022-01-16 Thread sping
Change by sping: -- title: Please updated bundled libexpat to 2.4.3 with security fixes -> Please update bundled libexpat to 2.4.3 with security fixes

[issue46400] Please updated bundled libexpat to 2.4.3 with security fixes

2022-01-16 Thread sping
New submission from sping: Expat 2.4.3 released, includes security fixes https://blog.hartwork.org/posts/expat-2-4-3-released/ Thank you! PS: This is similar to bpo-44394 except now it's 2.4.3. -- components: XML messages: 410700 nosy: sping priority: normal severity: normal status

[issue45321] Module xml.parsers.expat.errors misses error code constants of libexpat >=2.0

2021-09-29 Thread sping
New submission from sping: (This has been mentioned at https://bugs.python.org/issue44394#msg395642 before, but issue 44394 has been closed as fixed despite that part being forgotten, hence the dedicated ticket...) Module `xml.parsers.expat.errors` and its docs need 6 more error code entries

[issue44394] [security] CVE-2013-0340 "Billion Laughs" fixed in Expat >=2.4.0: Update vendored copy to expat 2.4.1

2021-09-28 Thread sping
sping added the comment: For the AIX link error that Pablo brought up, there is merged pull request https://github.com/libexpat/libexpat/pull/510 upstream.

[issue44394] [security] CVE-2013-0340 "Billion Laughs" fixed in Expat >=2.4.0: Update vendored copy to expat 2.4.1

2021-06-11 Thread sping
Change by sping : -- title: [security] CVE-2013-0340 "Billion Laughs" fixed in Expat >=2.4.0: Updated to vendoed copy to expat 2.4.1 -> [security] CVE-2013-0340 "Billion Laughs" fixed in Expat >=2.4.0: Update

[issue44394] [security] CVE-2013-0340 "Billion Laughs" fixed in Expat >=2.4.0: Updated to vendoed copy to expat 2.4.1

2021-06-11 Thread sping
sping added the comment: FTR that^^ Sebastian is me :) -- nosy: +sping

[issue31170] expat: utf8_toUtf8 cannot properly handle exhausting buffer

2017-08-20 Thread sping
sping added the comment: Expat 2.2.4 with a fix has been released now: https://github.com/libexpat/libexpat/releases

[issue31170] expat: utf8_toUtf8 cannot properly handle exhausting buffer

2017-08-15 Thread sping
sping added the comment: For the record, the upstream fix is commit https://github.com/libexpat/libexpat/commit/74a7090a6eb92c27b7010287a4082de6b357fa42 and it will be part of Expat 2.2.4. -- nosy: +sping versions: +Python 2.7, Python 3.3, Python 3.4, Python 3.5

[issue27369] [PATCH] Tests break with --with-system-expat and Expat 2.2.0

2016-06-22 Thread sping
Changes by sping <sebast...@pipping.org>: Added file: http://bugs.python.org/file43515/0001-Fix-Python-3.x.x-tests-for-Expat-2.2.0.patch

[issue27369] [PATCH] Tests break with --with-system-expat and Expat 2.2.0

2016-06-22 Thread sping
New submission from sping: Expat commit https://sourceforge.net/p/expat/code_git/ci/550eb6bbaa7e6efc44e94cab945fe9c781c01211 introduced with the recent release of Expat 2.2.0 fixed a bug that the current Python test suite relies on. Attached you find patches to fix the test suite for all

[issue24266] raw_input + readline: Ctrl+C during search breaks readline

2015-06-02 Thread sping
sping added the comment: I guess supporting older upstream versions would be nice in this case.

[issue24266] raw_input function (with readline): Ctrl+C (during search mode but not only) leaves readline in broken state

2015-05-22 Thread sping
Changes by sping sebast...@pipping.org: Added file: http://bugs.python.org/file39468/raw_input__minimal.py

[issue24266] raw_input function (with readline): Ctrl+C (during search mode but not only) leaves readline in broken state

2015-05-22 Thread sping
New submission from sping: Hi! A colleague of mine ran into a bug with raw_input. We have a shell derived from stdlib module cmd here but the bug shows with plain raw_input, as well (see demo code). For the symptoms: the shell is executing commands from history that the user explicitly chose