Message295841
Note that a duplicate of this issue was opened as Issue30610 and @matrixise was working on a PR there to update the embedded expat to 2.2.0. Since there are CVE's and a demo crash supplied in Issue30610, it seems to me we need to fix this for 3.6.2rc1 so I'm making this a "release blocker" and delaying the release. I'm willing to be convinced otherwise. Christian or Victor, can one of you please follow up on this for the 3.6 branch ASAP? Thanks! |
|
Date |
User |
Action |
Args |
2017-06-13 03:03:47 | ned.deily | set | recipients:
+ ned.deily, vstinner, larry, christian.heimes, benjamin.peterson, yan12125, Natanael Copa |
2017-06-13 03:03:47 | ned.deily | set | messageid: <1497323027.29.0.828118224018.issue29591@psf.upfronthosting.co.za> |
2017-06-13 03:03:47 | ned.deily | link | issue29591 messages |
2017-06-13 03:03:46 | ned.deily | create | |
|