Skip to content

[3.6] bpo-44394: Update libexpat copy to 2.4.1 (GH-26945) (GH-28042)#28080

Merged
ned-deily merged 1 commit intopython:3.6from
ned-deily:bpo-44394-36
Aug 31, 2021
Merged

[3.6] bpo-44394: Update libexpat copy to 2.4.1 (GH-26945) (GH-28042)#28080
ned-deily merged 1 commit intopython:3.6from
ned-deily:bpo-44394-36

Conversation

@ned-deily
Copy link
Copy Markdown
Member

@ned-deily ned-deily commented Aug 31, 2021
edited by bedevere-bot
Loading

Update the vendored copy of libexpat to 2.4.1 (from 2.2.8) to get the
fix for the CVE-2013-0340 "Billion Laughs" vulnerability. This copy
is most used on Windows and macOS.

Co-authored-by: Victor Stinner vstinner@python.org

Co-authored-by: Łukasz Langa lukasz@langa.pl.
(cherry picked from commit 3fc5d84)

https://bugs.python.org/issue44394

@ambv @ned-deily
[3.6] bpo-44394: Update libexpat copy to 2.4.1 (pythonGH-26945) (pyth…
4013a8d 
…onGH-28042)

Update the vendored copy of libexpat to 2.4.1 (from 2.2.8) to get the
fix for the CVE-2013-0340 "Billion Laughs" vulnerability. This copy
is most used on Windows and macOS.

Co-authored-by: Victor Stinner <vstinner@python.org>

Co-authored-by: Łukasz Langa <lukasz@langa.pl>.
(cherry picked from commit 3fc5d84)
@ned-deily ned-deily merged commit 910886a into python:3.6 Aug 31, 2021
@ned-deily ned-deily deleted the bpo-44394-36 branch September 4, 2021 22:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ned-deily @the-knights-who-say-ni @bedevere-bot @ambv