[Python-Dev] cpython (2.7): Issue 17538: Document XML vulnerabilties
Antoine Pitrou
solipsis at pitrou.net
Tue Mar 26 19:41:46 CET 2013
More information about the Python-Dev mailing list
Tue Mar 26 19:41:46 CET 2013
- Previous message: [Python-Dev] [RELEASED] Python 3.2.4 rc 1 and Python 3.3.1 rc 1
- Next message: [Python-Dev] cpython (2.7): Issue 17538: Document XML vulnerabilties
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, 26 Mar 2013 17:53:39 +0100 (CET) christian.heimes <python-checkins at python.org> wrote: > + > +The XML processing modules are not secure against maliciously constructed data. > +An attacker can abuse vulnerabilities for e.g. denial of service attacks, to > +access local files, to generate network connections to other machines, or > +to or circumvent firewalls. Really? Where does the "access local files, generate network connections, circumvent firewalls" allegation come from? Regards Antoine.
- Previous message: [Python-Dev] [RELEASED] Python 3.2.4 rc 1 and Python 3.3.1 rc 1
- Next message: [Python-Dev] cpython (2.7): Issue 17538: Document XML vulnerabilties
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-Dev mailing list