[3.11] gh-115133: Fix tests for XMLPullParser with Expat 2.6.0 (GH-115164)#115289

miss-islington · 2024-02-11T10:08:51Z

Feeding the parser by too small chunks defers parsing to prevent
CVE-2023-52425. Future versions of Expat may be more reactive.
(cherry picked from commit 4a08e7b)

Co-authored-by: Serhiy Storchaka storchaka@gmail.com

Issue: test.test_xml_etree*.XMLPullParserTest.test_simple_xml fails with (system) expat 2.6.0 #115133

…GH-115164) Feeding the parser by too small chunks defers parsing to prevent CVE-2023-52425. Future versions of Expat may be more reactive. (cherry picked from commit 4a08e7b) Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>

https://build.opensuse.org/request/show/1146838 by user mcepl + anag+factory Forwarded request #1146787 from dgarcia - Add upstream patch libexpat260.patch, Fix tests for XMLPullParser with Expat 2.6.0, gh#python/cpython#115289

bedevere-app bot added the awaiting review label Feb 11, 2024

This was referenced Feb 11, 2024

gh-115133: Fix tests for XMLPullParser with Expat 2.6.0 #115164

Merged

test.test_xml_etree*.XMLPullParserTest.test_simple_xml fails with (system) expat 2.6.0 #115133

Closed

bedevere-app bot added the tests Tests in the Lib/test dir label Feb 11, 2024

serhiy-storchaka enabled auto-merge (squash) February 11, 2024 10:09

serhiy-storchaka merged commit 3501eca into python:3.11 Feb 11, 2024

bedevere-app bot removed the awaiting review label Feb 11, 2024

miss-islington deleted the backport-4a08e7b-3.11 branch January 2, 2026 16:46

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[3.11] gh-115133: Fix tests for XMLPullParser with Expat 2.6.0 (GH-115164)#115289