Team,

Thanks for the response.

I would like to know if security vulnerabilities on libxml2 holds good for lxml. We are using lxml-3.3.4.win-amd64-py2.7.exe in our project. After installation, I could only see .h files inside libxml fodler of lxml. (C:\Python27\Lib\site-packages\lxml\includes\libxml). I would like to know about the implementations of these header file functions. Because most of the vulnerabilities mentioned are part of .c files. Kindly get back.

Regards,

Swarna

On Fri, Sep 1, 2017 at 1:02 AM, Stefan Behnel <stefan_ml@behnel.de> wrote:

Swarnalatha Kannan schrieb am 30.08.2017 um 04:16:
> 1. Let me know the tentative release timeline for lxml4.0.

Soon, rather days or weeks than months.

> 2. Let me know the steps to compile lxml with required version of libxml2.

I encourage you to test the latest pre-release versions and see if they
work for you.

On most non-Windows systems, you can build lxml statically with these
versions by setting these environment variables:

LIBXML2_VERSION=2.9.5-rc2
LIBXSLT_VERSION=1.1.30-rc2
STATIC_DEPS=true

Note that you might need the latest lxml master for that, as I had to apply
some fixes to make it compile with the latest libxml2. If you don't have
the lzma dev headers installed, it might also work with the current lxml
release version.

Stefan
_________________________________________________________________
Mailing list for the lxml Python XML toolkit - http://lxml.de/
lxml@lxml.de
https://mailman-mail5.webfaction.com/listinfo/lxml