From: Serhiy Storchaka Date: Wed, 19 Dec 2018 13:29:04 +0000 (+0200) Subject: Fix Python version since which external enities are not resolved by default. (GH... X-Git-Tag: v3.8.0a1~242 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=bf99bcf56c8b4e97b2737f9e751a563b625430ec;p=python Fix Python version since which external enities are not resolved by default. (GH-11237) --- diff --git a/Doc/library/xml.dom.pulldom.rst b/Doc/library/xml.dom.pulldom.rst index eb2b16bd6c..660c75c1a1 100644 --- a/Doc/library/xml.dom.pulldom.rst +++ b/Doc/library/xml.dom.pulldom.rst @@ -25,7 +25,7 @@ events until either processing is finished or an error condition occurs. maliciously constructed data. If you need to parse untrusted or unauthenticated data see :ref:`xml-vulnerabilities`. -.. versionchanged:: 3.8 +.. versionchanged:: 3.7.1 The SAX parser no longer processes general external entities by default to increase security by default. To enable processing of external entities, diff --git a/Doc/library/xml.rst b/Doc/library/xml.rst index be1272940b..fb86b6f556 100644 --- a/Doc/library/xml.rst +++ b/Doc/library/xml.rst @@ -75,7 +75,7 @@ decompression bomb Safe Safe Safe S 2. :mod:`xml.dom.minidom` doesn't expand external entities and simply returns the unexpanded entity verbatim. 3. :mod:`xmlrpclib` doesn't expand external entities and omits them. -4. Since Python 3.8, external general entities are no longer processed by +4. Since Python 3.7.1, external general entities are no longer processed by default. diff --git a/Doc/library/xml.sax.rst b/Doc/library/xml.sax.rst index 0b6973b8c8..6d351dfb4d 100644 --- a/Doc/library/xml.sax.rst +++ b/Doc/library/xml.sax.rst @@ -24,7 +24,7 @@ the SAX API. constructed data. If you need to parse untrusted or unauthenticated data see :ref:`xml-vulnerabilities`. -.. versionchanged:: 3.8 +.. versionchanged:: 3.7.1 The SAX parser no longer processes general external entities by default to increase security. Before, the parser created network connections