Skip to content

Upgrade bundled expat to 2.5.0 #98739

New issue
New issue
Closed
Closed
Upgrade bundled expat to 2.5.0#98739
Assignees
ambvned-deily
Labels
3.7 (EOL)end of life3.8 (EOL)end of life3.9only security fixesrelease-blockertype-bugAn unexpected behavior, bug, or errortype-securityA security issue
@scdub

Description

@scdub
scdub
opened on Oct 26, 2022

Upgrade the bundled libexpat version to 2.5.0 which includes a fix for CVE-2022-43680. I haven't evaluated whether CPython is directly impacted by this CVE, but can confirm that it is detected by binary analysis tools such as Black Duck.

Related libexpat changelog includes additional fixes and details.

Metadata

Metadata

Assignees

Labels

3.7 (EOL)end of life3.8 (EOL)end of life3.9only security fixesrelease-blockertype-bugAn unexpected behavior, bug, or errortype-securityA security issue

Projects

Release and Deferred blockers 🚫

Status

Done

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions
    pFad - Phonifier reborn

    Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

    Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


    Alternative Proxies:

    Alternative Proxy

    pFad Proxy

    pFad v3 Proxy

    pFad v4 Proxy