[issue46794] Please update bundled libexpat to 2.4.5 with security fixes (5 CVEs)
Michał Górny
report at bugs.python.org
Sun Feb 20 08:57:50 EST 2022
Michał Górny <mgorny at gentoo.org> added the comment:
BTW there are test regressions with expat 2.4.5, apparently due to some test snippets now being rejected as invalid XML:
======================================================================
ERROR: test_issue3151 (test.test_xml_etree.BugsTest)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/mgorny/git/cpython/Lib/xml/etree/ElementTree.py", line 1718, in feed
self.parser.Parse(data, False)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
xml.parsers.expat.ExpatError: syntax error: line 1, column 0
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/mgorny/git/cpython/Lib/test/test_xml_etree.py", line 2196, in test_issue3151
e = ET.XML('<prefix:localname xmlns:prefix="${stuff}"/>')
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/mgorny/git/cpython/Lib/xml/etree/ElementTree.py", line 1347, in XML
parser.feed(text)
^^^^^^^^^^^^^^^^^
File "/home/mgorny/git/cpython/Lib/xml/etree/ElementTree.py", line 1720, in feed
self._raiseerror(v)
^^^^^^^^^^^^^^^^^^^
File "/home/mgorny/git/cpython/Lib/xml/etree/ElementTree.py", line 1627, in _raiseerror
raise err
^^^^^^^^^
xml.etree.ElementTree.ParseError: syntax error: line 1, column 0
======================================================================
ERROR: testEncodings (test.test_minidom.MinidomTest)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/mgorny/git/cpython/Lib/test/test_minidom.py", line 1150, in testEncodings
self.assertRaises(UnicodeDecodeError, parseString,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/mgorny/git/cpython/Lib/unittest/case.py", line 734, in assertRaises
return context.handle('assertRaises', args, kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/mgorny/git/cpython/Lib/unittest/case.py", line 218, in handle
callable_obj(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/mgorny/git/cpython/Lib/xml/dom/minidom.py", line 1998, in parseString
return expatbuilder.parseString(string)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/mgorny/git/cpython/Lib/xml/dom/expatbuilder.py", line 925, in parseString
return builder.parseString(string)
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/mgorny/git/cpython/Lib/xml/dom/expatbuilder.py", line 223, in parseString
parser.Parse(string, True)
^^^^^^^^^^^^^^^^^^^^^^^^^^
xml.parsers.expat.ExpatError: not well-formed (invalid token): line 1, column 5
======================================================================
ERROR: testExceptionOnSpacesInXMLNSValue (test.test_minidom.MinidomTest)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/mgorny/git/cpython/Lib/test/test_minidom.py", line 1613, in testExceptionOnSpacesInXMLNSValue
parseString('<element xmlns:abc="http:abc.com/de f g/hi/j k"><abc:foo /></element>')
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/mgorny/git/cpython/Lib/xml/dom/minidom.py", line 1998, in parseString
return expatbuilder.parseString(string)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/mgorny/git/cpython/Lib/xml/dom/expatbuilder.py", line 925, in parseString
return builder.parseString(string)
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/mgorny/git/cpython/Lib/xml/dom/expatbuilder.py", line 223, in parseString
parser.Parse(string, True)
^^^^^^^^^^^^^^^^^^^^^^^^^^
xml.parsers.expat.ExpatError: syntax error: line 1, column 0
----------
nosy: +mgorny
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue46794>
_______________________________________
More information about the Python-bugs-list
mailing list