cpython: e05c546062a1 (original) (raw)
Mercurial > cpython
changeset 104481:e05c546062a1 3.5
Issue #18789: Update XML vulnerability table to use Safe/Vulnerable instead of No/Yes. [#18789]
| Guido van Rossum guido@python.org | |
|---|---|
| date | Thu, 13 Oct 2016 14:31:50 -0700 |
| parents | 7eb4fe57492f |
| children | beed43d7dc46 7fb90c4ae643 |
| files | Doc/library/xml.rst |
| diffstat | 1 files changed, 9 insertions(+), 9 deletions(-)[+] [-] Doc/library/xml.rst 18 |
line wrap: on
line diff
--- a/Doc/library/xml.rst
+++ b/Doc/library/xml.rst
@@ -60,15 +60,15 @@ circumvent firewalls.
The following table gives an overview of the known attacks and whether
the various modules are vulnerable to them.
-========================= ======== ========= ========= ======== =========
-kind sax etree minidom pulldom xmlrpc
-========================= ======== ========= ========= ======== =========
-billion laughs Yes Yes Yes Yes Yes
-quadratic blowup Yes Yes Yes Yes Yes
-external entity expansion Yes No (1) No (2) Yes No (3)
-DTD_ retrieval Yes No No Yes No
-decompression bomb No No No No Yes
-========================= ======== ========= ========= ======== =========
+========================= ============== =============== ============== ============== ==============
+kind sax etree minidom pulldom xmlrpc
+========================= ============== =============== ============== ============== ==============
+billion laughs Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
+quadratic blowup Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
+external entity expansion Vulnerable Safe (1) Safe (2) Vulnerable Safe (3)
+DTD_ retrieval Vulnerable Safe Safe Vulnerable Safe
+decompression bomb Safe Safe Safe Safe Vulnerable
+========================= ============== =============== ============== ============== ==============