(original) (raw)

On 23 Mar 2014 10:18, "Christian Heimes" <christian@python.org> wrote:
\>
\> On 23.03.2014 01:01, Antoine Pitrou wrote:
\> > This is a bit limited. There are remotely-exploitable security issues
\> > which are still open on the bug tracker; they are not
\> > cryptography-related, but that shouldn't make a difference.
\> >
\> > (for example the dreaded XML issues have never been properly fixed,
\> > AFAICT)
\>
\> True, you may blame me for the situation. Only a handful of people were
\> interested in the XML issues. I ran out of steam and moved to more sapid
\> topics, too.

The key difference there is we're not reliant on defusedxml to download defusedxml :)

Anyway, folks have given me plenty of good feedback to chew over. I'm going to go run some errands and then try to get a new revision posted this afternoon.

Cheers,
Nick.

>
\> Christian
\>
\> \_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_
\> Python-Dev mailing list
\> Python-Dev@python.org
\> https://mail.python.org/mailman/listinfo/python-dev
\> Unsubscribe: https://mail.python.org/mailman/options/python-dev/ncoghlan%40gmail.com