From bf99bcf56c8b4e97b2737f9e751a563b625430ec Mon Sep 17 00:00:00 2001 From: Serhiy Storchaka Date: Wed, 19 Dec 2018 15:29:04 +0200 Subject: Fix Python version since which external enities are not resolved by default. (GH-11237) --- Doc/library/xml.dom.pulldom.rst | 2 +- Doc/library/xml.rst | 2 +- Doc/library/xml.sax.rst | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Doc/library/xml.dom.pulldom.rst b/Doc/library/xml.dom.pulldom.rst index eb2b16b..660c75c 100644 --- a/Doc/library/xml.dom.pulldom.rst +++ b/Doc/library/xml.dom.pulldom.rst @@ -25,7 +25,7 @@ events until either processing is finished or an error condition occurs. maliciously constructed data. If you need to parse untrusted or unauthenticated data see :ref:`xml-vulnerabilities`. -.. versionchanged:: 3.8 +.. versionchanged:: 3.7.1 The SAX parser no longer processes general external entities by default to increase security by default. To enable processing of external entities, diff --git a/Doc/library/xml.rst b/Doc/library/xml.rst index be12729..fb86b6f 100644 --- a/Doc/library/xml.rst +++ b/Doc/library/xml.rst @@ -75,7 +75,7 @@ decompression bomb Safe Safe Safe S 2. :mod:`xml.dom.minidom` doesn't expand external entities and simply returns the unexpanded entity verbatim. 3. :mod:`xmlrpclib` doesn't expand external entities and omits them. -4. Since Python 3.8, external general entities are no longer processed by +4. Since Python 3.7.1, external general entities are no longer processed by default. diff --git a/Doc/library/xml.sax.rst b/Doc/library/xml.sax.rst index 0b6973b..6d351df 100644 --- a/Doc/library/xml.sax.rst +++ b/Doc/library/xml.sax.rst @@ -24,7 +24,7 @@ the SAX API. constructed data. If you need to parse untrusted or unauthenticated data see :ref:`xml-vulnerabilities`. -.. versionchanged:: 3.8 +.. versionchanged:: 3.7.1 The SAX parser no longer processes general external entities by default to increase security. Before, the parser created network connections -- cgit v0.12