On 23 Mar 2014 10:18, "Christian Heimes" <christian@python.org> wrote:
>
> On 23.03.2014 01:01, Antoine Pitrou wrote:
> > This is a bit limited. There are remotely-exploitable security issues
> > which are still open on the bug tracker; they are not
> > cryptography-related, but that shouldn't make a difference.
> >
> > (for example the dreaded XML issues have never been properly fixed,
> > AFAICT)
>
> True, you may blame me for the situation. Only a handful of people were
> interested in the XML issues. I ran out of steam and moved to more sapid
> topics, too.

The key difference there is we're not reliant on defusedxml to download defusedxml :)

Anyway, folks have given me plenty of good feedback to chew over. I'm going to go run some errands and then try to get a new revision posted this afternoon.

Cheers,
Nick.

>
> Christian
>
> _______________________________________________
> Python-Dev mailing list
> Python-Dev@python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe: https://mail.python.org/mailman/options/python-dev/ncoghlan%40gmail.com