[issue17239] XML vulnerabilities in Python
STINNER Victor
report at bugs.python.org
Fri Aug 31 08:24:35 EDT 2018
STINNER Victor <vstinner at redhat.com> added the comment:
This issue didn't get much attention in 5 years. The XML documentation starts with a big red warning:
https://docs.python.org/dev/library/xml.html
The warning is present in 2.7 and 3.4 as well:
https://docs.python.org/2.7/library/xml.html
https://docs.python.org/3.4/library/xml.html
It seems like XML is getting less popular because of JSON becoming more popular (JSON obviously comes with its own set of security issues). It seems like less core developers care about XML.
I suggest to:
* close bpo-17318 as a duplicate of this issue (bpo-17239)
* close bpo-24238
* close this issue
We just have to accept that core developers have limited availability and that documenting security issues is an acceptable tradeoff. I don't see any value of keeping these 3 issues open.
----------
nosy: +vstinner
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue17239>
_______________________________________
More information about the Python-bugs-list
mailing list