Stowage/cpython
2
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-12-08 06:10:17 +00:00
Code Issues Projects Releases Packages Wiki Activity

gh-127502: Remove XML vulnerability table (GH-135294)

Browse source 
* Remove the table
* Replace warnings with notes


Latest releases of Python 3.9-3.15 include expat 2.7.1 which is not vulnerable.

expat 2.6.0 was released in February 2024.
This commit is contained in:
Victor Stinner 2025-07-07 11:03:07 +02:00 committed by GitHub
parent d05423a90c
commit cb99d99277
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
9 changed files with 31 additions and 88 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Doc/library/security_warnings.rst
View file

@ -28,7 +28,7 @@ The following modules have specific security considerations:
<subprocess-security>`
* :mod:`tempfile`: :ref:`mktemp is deprecated due to vulnerability to race
conditions <tempfile-mktemp-deprecated>`
* :mod:`xml`: :ref:`XML vulnerabilities <xml-vulnerabilities>`
* :mod:`xml`: :ref:`XML security <xml-security>`
* :mod:`zipfile`: :ref:`maliciously prepared .zip files can cause disk volume
exhaustion <zipfile-resources-limitations>`