]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit
projects / thirdparty / Python / cpython.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6b48f98) | patch
[3.6] bpo-17239: Disable external entities in SAX parser (GH-9217) (GH-9512)
authorChristian Heimes <christian@python.org>
Mon, 24 Sep 2018 12:38:31 +0000 (14:38 +0200)
committerMiss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Mon, 24 Sep 2018 12:38:31 +0000 (05:38 -0700)
commit582d188e6e3487180891f1fc457a80dec8be26a8
tree0080016b5033cc4393f90ec10f4aeeeccedfe373tree | snapshot
parent6b48f9854e2ae35fd74bcd359451eb37ae65f798commit | diff
[3.6] bpo-17239: Disable external entities in SAX parser (GH-9217) (GH-9512)

The SAX parser no longer processes general external entities by default
to increase security. Before, the parser created network connections
to fetch remote files or loaded local files from the file system for DTD
and entities.

Signed-off-by: Christian Heimes <christian@python.org>
https://bugs.python.org/issue17239.
(cherry picked from commit 17b1d5d4e36aa57a9b25a0e694affbd1ee637e45)

Co-authored-by: Christian Heimes <christian@python.org>
https://bugs.python.org/issue17239
Doc/library/xml.dom.pulldom.rst diff | blob | blame | history
Doc/library/xml.rst diff | blob | blame | history
Doc/library/xml.sax.rst diff | blob | blame | history
Doc/whatsnew/3.6.rst diff | blob | blame | history
Lib/test/test_pulldom.py diff | blob | blame | history
Lib/test/test_sax.py diff | blob | blame | history
Lib/test/test_xml_etree.py diff | blob | blame | history
Lib/xml/sax/expatreader.py diff | blob | blame | history
Misc/NEWS.d/next/Security/2018-09-11-18-30-55.bpo-17239.kOpwK2.rst [new file with mode: 0644] blob
Mirror of https://github.com/python/cpython.git