From: Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com> Date: Fri, 26 Sep 2025 10:08:59 +0000 (+0200) Subject: [3.13] gh-127502: Fix typo in XML security notes (GH-139335) (#139345) X-Git-Tag: v3.13.8~35 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=417e0c0791548aec99f9177982fdff95fab90905;p=thirdparty%2FPython%2Fcpython.git [3.13] gh-127502: Fix typo in XML security notes (GH-139335) (#139345) gh-127502: Fix typo in XML security notes (GH-139335) (cherry picked from commit 6fa1e552e06063b668e02540ba1c31a4d87bbb17) Co-authored-by: Sebastian Pipping --- diff --git a/Doc/library/xml.rst b/Doc/library/xml.rst index 28465219a1ac..3f7455734744 100644 --- a/Doc/library/xml.rst +++ b/Doc/library/xml.rst @@ -55,7 +55,7 @@ An attacker can abuse XML features to carry out denial of service attacks, access local files, generate network connections to other machines, or circumvent firewalls. -Expat versions lower that 2.6.0 may be vulnerable to "billion laughs", +Expat versions lower than 2.6.0 may be vulnerable to "billion laughs", "quadratic blowup" and "large tokens". Python may be vulnerable if it uses such older versions of Expat as a system-provided library. Check :const:`!pyexpat.EXPAT_VERSION`.