[issue44394] [security] CVE-2013-0340 "Billion Laughs" fixed in Expat >=2.4.0: Update vendored copy to expat 2.4.1
Łukasz Langa
report at bugs.python.org
Sun Aug 29 11:24:19 EDT 2021
Łukasz Langa <lukasz at langa.pl> added the comment:
3.6 will need a separate backport because it's using expat 2.2.6 at the moment (from b2260e59ff1eaf20de4738099005ddf507b7b27d).
3.7 conflicted since it didn't include local changes to the vendored 2.2.8 that were introduced in 3.8+. I fixed that, the backport is up.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue44394>
_______________________________________
More information about the Python-bugs-list
mailing list