[Python-checkins] Fix Python version since which external enities are not resolved by default. (GH-11237)
Serhiy Storchaka
webhook-mailer at python.org
Wed Dec 19 08:29:07 EST 2018
https://github.com/python/cpython/commit/bf99bcf56c8b4e97b2737f9e751a563b625430ec
commit: bf99bcf56c8b4e97b2737f9e751a563b625430ec
branch: master
author: Serhiy Storchaka <storchaka at gmail.com>
committer: GitHub <noreply at github.com>
date: 2018-12-19T15:29:04+02:00
summary:
Fix Python version since which external enities are not resolved by default. (GH-11237)
files:
M Doc/library/xml.dom.pulldom.rst
M Doc/library/xml.rst
M Doc/library/xml.sax.rst
diff --git a/Doc/library/xml.dom.pulldom.rst b/Doc/library/xml.dom.pulldom.rst
index eb2b16bd6c0b..660c75c1a1b3 100644
--- a/Doc/library/xml.dom.pulldom.rst
+++ b/Doc/library/xml.dom.pulldom.rst
@@ -25,7 +25,7 @@ events until either processing is finished or an error condition occurs.
maliciously constructed data. If you need to parse untrusted or
unauthenticated data see :ref:`xml-vulnerabilities`.
-.. versionchanged:: 3.8
+.. versionchanged:: 3.7.1
The SAX parser no longer processes general external entities by default to
increase security by default. To enable processing of external entities,
diff --git a/Doc/library/xml.rst b/Doc/library/xml.rst
index be1272940b8e..fb86b6f5564d 100644
--- a/Doc/library/xml.rst
+++ b/Doc/library/xml.rst
@@ -75,7 +75,7 @@ decompression bomb Safe Safe Safe S
2. :mod:`xml.dom.minidom` doesn't expand external entities and simply returns
the unexpanded entity verbatim.
3. :mod:`xmlrpclib` doesn't expand external entities and omits them.
-4. Since Python 3.8, external general entities are no longer processed by
+4. Since Python 3.7.1, external general entities are no longer processed by
default.
diff --git a/Doc/library/xml.sax.rst b/Doc/library/xml.sax.rst
index 0b6973b8c8a8..6d351dfb4d70 100644
--- a/Doc/library/xml.sax.rst
+++ b/Doc/library/xml.sax.rst
@@ -24,7 +24,7 @@ the SAX API.
constructed data. If you need to parse untrusted or unauthenticated data see
:ref:`xml-vulnerabilities`.
-.. versionchanged:: 3.8
+.. versionchanged:: 3.7.1
The SAX parser no longer processes general external entities by default
to increase security. Before, the parser created network connections
More information about the Python-checkins
mailing list