Skip to content

[3.5][Security] bpo-30947, bpo-31170: Update expat from 2.2.1 to 2.2.4 #3354

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
larryhastings merged 4 commits into from
Sep 25, 2017
Merged

[3.5][Security] bpo-30947, bpo-31170: Update expat from 2.2.1 to 2.2.4 #3354

larryhastings merged 4 commits into from
Sep 25, 2017

Conversation

@vstinner
Copy link
Member

@vstinner vstinner commented Sep 5, 2017
edited by bedevere-bot
Loading

https://bugs.python.org/issue30947

@vstinner
bpo-30947, bpo-31170: Update expat from 2.2.1 to 2.2.4
1942f62 
* Upgrade libexpat embedded copy from version 2.2.1 to 2.2.3 to get security
  fixes.

* Update libexpat from 2.2.3 to 2.2.4. Fix copying of partial
  characters for UTF-8 input (libexpat bug 115):
  libexpat/libexpat#115
@vstinner vstinner added the type-security A security issue label Sep 5, 2017
@vstinner vstinner changed the title [3.5] bpo-30947, bpo-31170: Update expat from 2.2.1 to 2.2.4 [3.5][Security] bpo-30947, bpo-31170: Update expat from 2.2.1 to 2.2.4 Sep 8, 2017
@vstinner vstinner mentioned this pull request Sep 13, 2017
Closed
@vstinner vstinner requested review from gpshead and tiran September 13, 2017 00:57
@vstinner
Copy link
Member Author

vstinner commented Sep 13, 2017

This PR fixes the following security vulnerabilities on Windows and macOS: http://python-security.readthedocs.io/vuln/expat_2.2.3.html

gpshead
gpshead approved these changes Sep 13, 2017
View reviewed changes
Copy link
Member

@gpshead gpshead left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just glanced over it, looks like a valid expat update. I'm not reviewing the expat internal changes themselves. :)

@larryhastings larryhastings merged commit f2492bb into python:3.5 Sep 25, 2017
@vstinner vstinner deleted the expat224_35 branch September 27, 2017 09:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gpshead gpshead gpshead approved these changes

@larryhastings larryhastings Awaiting requested review from larryhastings

@tiran tiran Awaiting requested review from tiran

Assignees

No one assigned

Labels

type-security A security issue

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@vstinner @gpshead @Mariatta @larryhastings @the-knights-who-say-ni @bedevere-bot