Message 295841 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	ned.deily
Recipients	Natanael Copa, benjamin.peterson, christian.heimes, larry, ned.deily, vstinner, yan12125
Date	2017-06-13.03:03:46
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1497323027.29.0.828118224018.issue29591@psf.upfronthosting.co.za>
In-reply-to

Content
Note that a duplicate of this issue was opened as Issue30610 and @matrixise was working on a PR there to update the embedded expat to 2.2.0. Since there are CVE's and a demo crash supplied in Issue30610, it seems to me we need to fix this for 3.6.2rc1 so I'm making this a "release blocker" and delaying the release. I'm willing to be convinced otherwise. Christian or Victor, can one of you please follow up on this for the 3.6 branch ASAP? Thanks!

Note that a duplicate of this issue was opened as Issue30610 and @matrixise was working on a PR there to update the embedded expat to 2.2.0.  Since there are CVE's and a demo crash supplied in Issue30610, it seems to me we need to fix this for 3.6.2rc1 so I'm making this a "release blocker" and delaying the release.  I'm willing to be convinced otherwise.  Christian or Victor, can one of you please follow up on this for the 3.6 branch ASAP?  Thanks!

History
Date	User	Action	Args
2017-06-13 03:03:47	ned.deily	set	recipients: + ned.deily, vstinner, larry, christian.heimes, benjamin.peterson, yan12125, Natanael Copa
2017-06-13 03:03:47	ned.deily	set	messageid: <1497323027.29.0.828118224018.issue29591@psf.upfronthosting.co.za>
2017-06-13 03:03:47	ned.deily	link	issue29591 messages
2017-06-13 03:03:46	ned.deily	create