Misc/NEWS.d/next/Security/2021-06-29-02-45-53.bpo-44394.A220N1.rst


1
2
3

Update the vendored copy of libexpat to 2.4.1 (from 2.2.8) to get the fix
for the CVE-2013-0340 "Billion Laughs" vulnerability. This copy is most used
on Windows and macOS.