Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork33.7k
Closed
Assignees
Description
Bug report
Bug description:
Hi! 👋
Please upgrade bundled Expat to 2.7.1 (e.g. for the fix to what can be argued aregression that came with the fix forCVE-2024-8176 in Expat 2.7.0).
- GitHub release:https://github.com/libexpat/libexpat/releases/tag/R_2_7_1
- Change log:https://github.com/libexpat/libexpat/blob/R_2_7_1/expat/Changes
The CPython issue for previous 2.7.0 was#131261 and the related merged main pull request was#131272, in case you want to have a look. TheDockerfile from comment#123689 (review) could be of help with raising confidence in a bump pull request when going forward.
Thanks in advance!
CPython versions tested on:
3.9, 3.10, CPython main branch, 3.14, 3.13, 3.12, 3.11
Operating systems tested on:
Other, Windows, macOS, Linux
Linked PRs
- gh-131809: Upgrade vendored expat to 2.7.1 #132192
- gh-131809: Upgrade libexpat to 2.7.1 #132235
- [3.13] gh-131809: Upgrade vendored expat to 2.7.1 (GH-132192) #132236
- [3.12] gh-131809: Upgrade vendored expat to 2.7.1 (GH-132192) #132237
- [3.11] gh-131809: Upgrade vendored expat to 2.7.1 (GH-132192) #132240
- [3.10] gh-131809: Upgrade vendored expat to 2.7.1 (GH-132192) #132241
- [3.9] gh-131809: Upgrade vendored expat to 2.7.1 (GH-132192) #132242
Metadata
Metadata
Assignees
Labels
Projects
Status
Done