[Python-Dev] XML DoS vulnerabilities and exploits in Python
Benjamin Peterson
benjamin at python.org
Wed Feb 20 17:25:29 CET 2013
More information about the Python-Dev mailing list
Wed Feb 20 17:25:29 CET 2013
- Previous message: [Python-Dev] XML DoS vulnerabilities and exploits in Python
- Next message: [Python-Dev] XML DoS vulnerabilities and exploits in Python
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
2013/2/19 Christian Heimes <christian at python.org>: > Hello, > > in August 2012 I found a DoS vulnerability in expat and XML libraries in > Python's standard library. Since then I have found several more issues. > I have been working on fixes ever since. > > The README of https://pypi.python.org/pypi/defusedxml contains detailed > explanations of my research and all issues > > > Blog post: > http://blog.python.org/2013/02/announcing-defusedxml-fixes-for-xml.html > > Hotfixes: > https://pypi.python.org/pypi/defusedxml > https://pypi.python.org/pypi/defusedexpat Are these going to become patches for Python, too? -- Regards, Benjamin
- Previous message: [Python-Dev] XML DoS vulnerabilities and exploits in Python
- Next message: [Python-Dev] XML DoS vulnerabilities and exploits in Python
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-Dev mailing list