mirror of
https://github.com/python/cpython
synced 2024-10-14 22:28:32 +00:00
0a01ed6c2a
Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425) by adding five new methods: - `xml.etree.ElementTree.XMLParser.flush` - `xml.etree.ElementTree.XMLPullParser.flush` - `xml.parsers.expat.xmlparser.GetReparseDeferralEnabled` - `xml.parsers.expat.xmlparser.SetReparseDeferralEnabled` - `xml.sax.expatreader.ExpatParser.flush` Based on the "flush" idea from https://github.com/python/cpython/pull/115138#issuecomment-1932444270 . - Please treat as a security fix related to CVE-2023-52425. (cherry picked from commit |
||
---|---|---|
.. | ||
__init__.py | ||
_exceptions.py | ||
expatreader.py | ||
handler.py | ||
saxutils.py | ||
xmlreader.py |