Sourced from lxml's changelog.

5.3.2 (2025-04-05)

This release resolves CVE-2025-24928 as described in https://gitlab.gnome.org/GNOME/libxml2/-/issues/847

Bugs fixed

• Binary wheels use libxml2 2.12.10 and libxslt 1.1.42.

• Binary wheels for Windows use a patched libxml2 2.11.9 and libxslt 1.1.39.

• 820db89 CI: Allow Py3.14 jobs to fail.
• 93ad02a docs: Add a note about C compiler installation to error message (GH-454)
• 16878da Add some hints to the documentation on how to build lxml (GH-453)
• 6ff7ed9 Fix contact email address on PyPI.
• 09c2cb2 Prepare release of lxml 5.3.2.
• a7d30eb Update changelog.
• 9160a04 Switch to libxml2 2.12.10.
• 9446c31 Remove outdated link.
• d25404f Build: Prevent using Cython 3.1 alpha.
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)