cpython: 760403522d6b (original) (raw)
Mercurial > cpython
changeset 104484:760403522d6b 2.7
Issue #18789: Update XML vulnerability table to use Safe/Vulnerable instead of No/Yes. (backport to 2.7) [#18789]
| Guido van Rossum guido@python.org | |
|---|---|
| date | Thu, 13 Oct 2016 14:34:20 -0700 |
| parents | bc8a4b121aec |
| children | 94f02193f00f |
| files | Doc/library/xml.rst |
| diffstat | 1 files changed, 9 insertions(+), 9 deletions(-)[+] [-] Doc/library/xml.rst 18 |
line wrap: on
line diff
--- a/Doc/library/xml.rst
+++ b/Doc/library/xml.rst
@@ -56,15 +56,15 @@ like inline DTD_ (document type defini
The following table gives an overview of the known attacks and if the various
modules are vulnerable to them.
-========================= ======== ========= ========= ======== =========
-kind sax etree minidom pulldom xmlrpc
-========================= ======== ========= ========= ======== =========
-billion laughs Yes Yes Yes Yes Yes
-quadratic blowup Yes Yes Yes Yes Yes
-external entity expansion Yes No (1) No (2) Yes No (3)
-DTD_ retrieval Yes No No Yes No
-decompression bomb No No No No Yes
-========================= ======== ========= ========= ======== =========
+========================= ============== =============== ============== ============== ==============
+kind sax etree minidom pulldom xmlrpc
+========================= ============== =============== ============== ============== ==============
+billion laughs Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
+quadratic blowup Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
+external entity expansion Vulnerable Safe (1) Safe (2) Vulnerable Safe (3)
+DTD_ retrieval Vulnerable Safe Safe Vulnerable Safe
+decompression bomb Safe Safe Safe Safe Vulnerable
+========================= ============== =============== ============== ============== ==============