Author gregory.p.smith
Recipients Arfrever, Jim.Jewett, amaury.forgeotdarc, barry, benjamin.peterson, dmalcolm, georg.brandl, gregory.p.smith, pitrou, python-dev
Date 2012-07-14.21:39:33
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
Reasons why it is a good idea to apply this change to 2.7.4 and 3.2.4:

* Memory leak in poolGrow (CVE-2012-1148)
* Resource leak in readfilemap.c (CVE-2012-1147)
* Buffer over-read and crash in big2_toUtf8 (CVE-2009-3560)
* Parser crash with special UTF-8 sequences (CVE-2009-3270)
* Dangling positionPtr after error (2855609) - - Specifically reported by a pyexpat user.
* Unitialized memory returned from XML_Parse (3206497) -

The features 2.1.0 adds over 2.0.x are not exposed to pyexpat or Python users.
Date User Action Args
2012-07-14 21:39:34gregory.p.smithsetrecipients: + gregory.p.smith, barry, georg.brandl, amaury.forgeotdarc, pitrou, benjamin.peterson, Arfrever, dmalcolm, python-dev, Jim.Jewett
2012-07-14 21:39:34gregory.p.smithsetmessageid: <>
2012-07-14 21:39:33gregory.p.smithlinkissue14340 messages
2012-07-14 21:39:33gregory.p.smithcreate