[Python-Dev] XML DoS vulnerabilities and exploits in Python

[Maciej Fijalkowski]

On Wed, Feb 20, 2013 at 8:24 PM, Christian Heimes <christian at python.org> wrote:
> Am 20.02.2013 17:25, schrieb Benjamin Peterson:
>> Are these going to become patches for Python, too?
>
> I'm working on it. The patches need to be discussed as they break
> backward compatibility and AFAIK XML standards, too.

That's not very good. XML parsers are supposed to parse XML according
to standards. Is the goal to have them actually do that, or just
address DDOS issues?

Cheers,
fijal