This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author ned.deily
Recipients Natanael Copa, benjamin.peterson, christian.heimes, larry, ned.deily, vstinner, yan12125
Date 2017-06-13.03:03:46
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
Note that a duplicate of this issue was opened as Issue30610 and @matrixise was working on a PR there to update the embedded expat to 2.2.0.  Since there are CVE's and a demo crash supplied in Issue30610, it seems to me we need to fix this for 3.6.2rc1 so I'm making this a "release blocker" and delaying the release.  I'm willing to be convinced otherwise.  Christian or Victor, can one of you please follow up on this for the 3.6 branch ASAP?  Thanks!
Date User Action Args
2017-06-13 03:03:47ned.deilysetrecipients: + ned.deily, vstinner, larry, christian.heimes, benjamin.peterson, yan12125, Natanael Copa
2017-06-13 03:03:47ned.deilysetmessageid: <>
2017-06-13 03:03:47ned.deilylinkissue29591 messages
2017-06-13 03:03:46ned.deilycreate