Re: [Python-Dev] We cannot fix all issues: let's close XML security issues (not fix them)

Victor Stinner 2018年9月07日 00:04:59 -0700

Le jeu. 6 sept. 2018 à 21:10, Steve Dower <[email protected]> a écrit :
> If Christian is not able to keep maintaining the defused* packages, then
> I may take a look at this next week at the sprints. The built-in XML
> packages actually don't meet Microsoft's internal security requirements,
> so I have some business motivation to do it.

Great! The best would be to be able to merge defuse* features into the
stdlib. Maybe not change the default, but add an option to enable
security counter-measures.
Victor
_______________________________________________
Python-Dev mailing list
[email protected]
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

• Previous message
• View by thread
• View by date
• Next message

• [Python-Dev] We cannot fix all issues: let's clos... Victor Stinner
• • Re: [Python-Dev] We cannot fix all issues: l... Antoine Pitrou
  • • Re: [Python-Dev] We cannot fix all issue... Victor Stinner
    • • Re: [Python-Dev] We cannot fix all i... Antoine Pitrou
      • • Re: [Python-Dev] We cannot fix a... Victor Stinner
        • • Re: [Python-Dev] We cannot ... Antoine Pitrou
          • Re: [Python-Dev] We cannot ... Steve Dower
          • • Re: [Python-Dev] We can... Victor Stinner
            • • [Python-Dev] Fwd: W... PMS PMS
              • Re: [Python-Dev] Fw... Victor Stinner
              • Re: [Python-Dev] Fw... Abdur-Rahmaan Janhangeer
              • Re: [Python-Dev] Fw... Christian Heimes
        • Re: [Python-Dev] We cannot fix a... Guido van Rossum
        • • Re: [Python-Dev] We cannot ... Ryan Gonzalez
          • • Re: [Python-Dev] We can... Simon Cross
            • Re: [Python-Dev] We can... Tres Seaver
            • Re: [Python-Dev] We can... Terry Reedy
          • Re: [Python-Dev] We cannot ... Christian Heimes