[Python-Dev] XML DoS vulnerabilities and exploits in Python

Maciej Fijalkowski fijall at gmail.com
Wed Feb 20 21:17:43 CET 2013

On Wed, Feb 20, 2013 at 8:24 PM, Christian Heimes <christian at python.org> wrote:
> Am 20.02.2013 17:25, schrieb Benjamin Peterson:
>> Are these going to become patches for Python, too?
> I'm working on it. The patches need to be discussed as they break
> backward compatibility and AFAIK XML standards, too.

That's not very good. XML parsers are supposed to parse XML according
to standards. Is the goal to have them actually do that, or just
address DDOS issues?


More information about the Python-Dev mailing list