Issue 18789: XML Vunerability Table Unclear (original) (raw)

Created on 2013-08-20 14:22 by joe-tennies, last changed 2022-04-11 14:57 by admin. This issue is now closed.

Files
File name	Uploaded	Description	Edit
issue18789.patch	Mariatta,2016-10-07 04:48	review

Messages (8)
msg195691 - (view)	Author: Joe Tennies (joe-tennies)	Date: 2013-08-20 14:22
EASY This is an issue with the 2.x and 3.x documentation. http://docs.python.org/3.2/library/xml.html#xml-vulnerabilities http://docs.python.org/dev/library/xml.html#xml-vulnerabilities http://docs.python.org/2/library/xml.html#xml-vulnerabilities This section has a table with a bunch of Trues and Falses. This is a bit confusing, especially for something that is trying to describe security concerns. After looking at the table, I'm pretty sure that True means vunerable (only due to the (1), (2), & (3) comments), but it's not clear. All that is needed is a heading stating "Vunerable", or change the "True" to "Vunerable" and "False" to "Not Vunerable" (probably V and NV w/ a legend).
msg242806 - (view)	Author: Mark Lawrence (BreamoreBoy) *	Date: 2015-05-09 11:02
@Joe The latest documentation has an additional sentence above the table "The following table gives an overview of the known attacks and whether the various modules are vulnerable to them." and the table has been changed to say Yes or No. Is this okay with you?
msg242883 - (view)	Author: Raymond Hettinger (rhettinger) *	Date: 2015-05-11 04:08
The table would still be more clear with "safe" and "vulnerable" entries.
msg278207 - (view)	Author: Mariatta (Mariatta) *	Date: 2016-10-06 19:36
I'll work on this :)
msg278230 - (view)	Author: Mariatta (Mariatta) *	Date: 2016-10-07 04:48
Hi, here is the patch. I followed Raymond's suggestion to use 'vulnerable' or 'safe' instead of the original 'True' or 'False'. Please check it out. Thanks :)
msg278620 - (view)	Author: Roundup Robot (python-dev)	Date: 2016-10-13 21:33
New changeset e05c546062a1 by Guido van Rossum in branch '3.5': Issue #18789: Update XML vulnerability table to use Safe/Vulnerable instead of No/Yes. https://hg.python.org/cpython/rev/e05c546062a1 New changeset beed43d7dc46 by Guido van Rossum in branch '3.6': Issue #18789: Update XML vulnerability table to use Safe/Vulnerable instead of No/Yes. (3.5->3.6) https://hg.python.org/cpython/rev/beed43d7dc46 New changeset 9513fac97ddd by Guido van Rossum in branch 'default': Issue #18789: Update XML vulnerability table to use Safe/Vulnerable instead of No/Yes. (3.6->3.7) https://hg.python.org/cpython/rev/9513fac97ddd
msg278621 - (view)	Author: Guido van Rossum (gvanrossum) *	Date: 2016-10-13 21:33
Thanks again!
msg278622 - (view)	Author: Roundup Robot (python-dev)	Date: 2016-10-13 21:35
New changeset 760403522d6b by Guido van Rossum in branch '2.7': Issue #18789: Update XML vulnerability table to use Safe/Vulnerable instead of No/Yes. (backport to 2.7) https://hg.python.org/cpython/rev/760403522d6b

History
Date	User	Action	Args
2022-04-11 14:57:49	admin	set	github: 62989
2016-10-13 21:35:36	python-dev	set	messages: +
2016-10-13 21:33:31	gvanrossum	set	status: open -> closednosy: + gvanrossummessages: + resolution: fixedstage: resolved
2016-10-13 21:33:03	python-dev	set	nosy: + python-devmessages: +
2016-10-07 04:48:39	Mariatta	set	files: + issue18789.patchkeywords: + patchmessages: +
2016-10-06 19:36:18	Mariatta	set	messages: +
2016-10-06 19:34:45	Mariatta	set	nosy: + Mariatta
2016-09-24 19:27:00	BreamoreBoy	set	nosy: - BreamoreBoy
2016-09-24 19:12:21	christian.heimes	set	keywords: + easytype: security -> enhancementversions: + Python 3.5, Python 3.6, Python 3.7, - Python 3.3, Python 3.4
2015-05-11 04:08:31	rhettinger	set	nosy: + rhettingermessages: +
2015-05-09 11:02:33	BreamoreBoy	set	nosy: + BreamoreBoymessages: +
2013-08-20 14:37:58	serhiy.storchaka	set	components: + XMLversions: - Python 3.2, Python 3.5
2013-08-20 14:23:55	christian.heimes	set	nosy: + christian.heimes
2013-08-20 14:22:54	joe-tennies	create