[Python-checkins] Fix Python version since which external enities are not resolved by default. (GH-11237)

Serhiy Storchaka webhook-mailer at python.org
Wed Dec 19 08:29:07 EST 2018 

https://github.com/python/cpython/commit/bf99bcf56c8b4e97b2737f9e751a563b625430ec
commit: bf99bcf56c8b4e97b2737f9e751a563b625430ec
branch: master
author: Serhiy Storchaka <storchaka at gmail.com>
committer: GitHub <noreply at github.com>
date: 2018-12-19T15:29:04+02:00
summary:

Fix Python version since which external enities are not resolved by default. (GH-11237)

files:
M Doc/library/xml.dom.pulldom.rst
M Doc/library/xml.rst
M Doc/library/xml.sax.rst

diff --git a/Doc/library/xml.dom.pulldom.rst b/Doc/library/xml.dom.pulldom.rst
index eb2b16bd6c0b..660c75c1a1b3 100644
--- a/Doc/library/xml.dom.pulldom.rst
+++ b/Doc/library/xml.dom.pulldom.rst
@@ -25,7 +25,7 @@ events until either processing is finished or an error condition occurs.
    maliciously constructed data.  If you need to parse untrusted or
    unauthenticated data see :ref:`xml-vulnerabilities`.
 
-.. versionchanged:: 3.8
+.. versionchanged:: 3.7.1
 
    The SAX parser no longer processes general external entities by default to
    increase security by default. To enable processing of external entities,
diff --git a/Doc/library/xml.rst b/Doc/library/xml.rst
index be1272940b8e..fb86b6f5564d 100644
--- a/Doc/library/xml.rst
+++ b/Doc/library/xml.rst
@@ -75,7 +75,7 @@ decompression bomb         Safe             Safe              Safe             S
 2. :mod:`xml.dom.minidom` doesn't expand external entities and simply returns
    the unexpanded entity verbatim.
 3. :mod:`xmlrpclib` doesn't expand external entities and omits them.
-4. Since Python 3.8, external general entities are no longer processed by
+4. Since Python 3.7.1, external general entities are no longer processed by
    default.
 
 
diff --git a/Doc/library/xml.sax.rst b/Doc/library/xml.sax.rst
index 0b6973b8c8a8..6d351dfb4d70 100644
--- a/Doc/library/xml.sax.rst
+++ b/Doc/library/xml.sax.rst
@@ -24,7 +24,7 @@ the SAX API.
    constructed data.  If you need to parse untrusted or unauthenticated data see
    :ref:`xml-vulnerabilities`.
 
-.. versionchanged:: 3.8
+.. versionchanged:: 3.7.1
 
    The SAX parser no longer processes general external entities by default
    to increase security. Before, the parser created network connections

More information about the Python-checkins mailing list