[Python-Dev] Status of XML fixes
Antoine Pitrou
solipsis at pitrou.net
Sun Mar 17 19:59:52 CET 2013
More information about the Python-Dev mailing list
Sun Mar 17 19:59:52 CET 2013
- Previous message: [Python-Dev] Status of XML fixes
- Next message: [Python-Dev] Status of XML fixes
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sun, 17 Mar 2013 20:00:19 +0100 Stefan Behnel <stefan_ml at behnel.de> wrote: > Eli Bendersky, 17.03.2013 19:25: > > IMHO Benjamin is right, given that this attack has been known to exist > > since 2003. Moreover, as it appears that no changes whatsoever are going to > > make it into 2.7, I don't see why patching of 3.1, 3.2 and 3.3 is needed. > > As for 3.4, it can't hurt to add an opt-in option for a safe mode to the > > affected libraries. > > Why keep the libraries vulnerable for another year (3.4 final is expected > for early 2014), if there is something we can do about them now? Well, Christian said that his stdlib patch wasn't ready yet. Regards Antoine.
- Previous message: [Python-Dev] Status of XML fixes
- Next message: [Python-Dev] Status of XML fixes
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-Dev mailing list