1. Christian Heimes
  2. defusedxml


Christian Heimes  committed 6f66d6e

note about demo exploit

  • Participants
  • Parent commits 82f4037
  • Branches default

Comments (0)

Files changed (1)

File CHANGES.txt

View file
  • Ignore whitespace
 - As per http://seclists.org/oss-sec/2013/q1/340 please REJECT
   CVE-2013-0278, CVE-2013-0279 and CVE-2013-0280 and use CVE-2013-1664,
   CVE-2013-1665 for OpenStack/etc.
 - Add missing parser_list argument to sax.make_parser(). The argument is
   ignored, though. (thanks to Florian Apolloner)
+- Add demo exploit for external entity attack on Python's SAX parser.
 defusedxml 0.3