Message295504
What is the first expat version which isn't vulnerable?
I guess that this issue only impacts platforms which don't use --with-system-expat. Linux distributions use the system expat library for example.
Currently, the Python master branch embeds a copy of expat 2.1.1:
Modules/expat/expat.h
#define XML_MAJOR_VERSION 2
#define XML_MINOR_VERSION 1
#define XML_MICRO_VERSION 1 |
|
Date |
User |
Action |
Args |
2017-06-09 09:29:13 | vstinner | set | recipients:
+ vstinner, Duy Phan Thanh |
2017-06-09 09:29:13 | vstinner | set | messageid: <1497000553.71.0.674422330477.issue30610@psf.upfronthosting.co.za> |
2017-06-09 09:29:13 | vstinner | link | issue30610 messages |
2017-06-09 09:29:13 | vstinner | create | |
|