Expose Expat XML attack protection APIs #90949
Description
| BPO | 46793 |
|---|---|
| Nosy | @gpshead, @hartwork, @corona10 |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
assignee = None
closed_at = None
created_at = <Date 2022-02-18.21:27:31.809>
labels = ['type-feature', '3.11']
title = 'expose expat XML billion laughs attack mitigation APIs'
updated_at = <Date 2022-02-25.02:16:52.654>
user = 'https://github.com/gpshead'bugs.python.org fields:
activity = <Date 2022-02-25.02:16:52.654>
actor = 'sping'
assignee = 'none'
closed = False
closed_date = None
closer = None
components = []
creation = <Date 2022-02-18.21:27:31.809>
creator = 'gregory.p.smith'
dependencies = []
files = []
hgrepos = []
issue_num = 46793
keywords = []
message_count = 2.0
messages = ['413513', '413955']
nosy_count = 3.0
nosy_names = ['gregory.p.smith', 'sping', 'corona10']
pr_nums = []
priority = 'normal'
resolution = None
stage = 'needs patch'
status = 'open'
superseder = None
type = 'enhancement'
url = 'https://bugs.python.org/issue46793'
versions = ['Python 3.11']Linked PRs
- gh-90949: add Expat API to prevent XML deadly allocations #139234
- gh-90949: amend GH-139234 in prevision of future mitigation API #139366
- [3.14] gh-90949: add Expat API to prevent XML deadly allocations (CVE-2025-59375) (GH-139234) #139359
- [3.13] gh-90949: add Expat API to prevent XML deadly allocations (CVE-2025-59375) (GH-139234) #139367
- [3.12] gh-90949: add Expat API to prevent XML deadly allocations (CVE-2025-59375) (GH-139234) #139527
- [3.11] gh-90949: add Expat API to prevent XML deadly allocations (CVE-2025-59375) (GH-139234) #139529
- [3.10] gh-90949: add Expat API to prevent XML deadly allocations (CVE-2025-59375) (GH-139234) #139532
- gh-90949: expose Expat API to tune exponential expansion protections #139368
- gh-90949: Fix an "unused function" compiler warning introduced in GH-139234 #139558