Issue 17538: Document XML vulnerabilties

author: Christian Heimes <christian@cheimes.de> 2013-03-26 17:47:23 +0100
committer: Christian Heimes <christian@cheimes.de> 2013-03-26 17:47:23 +0100
commit: 768f6a53601a6c4e0b914aaedb977dd2ca97532a (patch)
tree: 0a15e62fa957038dd0e6ad2cd704d3378ac336a5 /Doc/library/xml.etree.elementtree.rst
parent: c40f97f8beaacfb834d3f4f22d581e37dd82c14d (diff)
parent: 7380a67267d9ec59b70617ea59ff31819f530942 (diff)
download: cpython-git-768f6a53601a6c4e0b914aaedb977dd2ca97532a.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/Doc/library/xml.etree.elementtree.rst b/Doc/library/xml.etree.elementtree.rst
index 144e344397..e429f04d72 100644
--- a/Doc/library/xml.etree.elementtree.rst
+++ b/Doc/library/xml.etree.elementtree.rst
@@ -12,6 +12,13 @@ for parsing and creating XML data.
    This module will use a fast implementation whenever available.
    The :mod:`xml.etree.cElementTree` module is deprecated.
 
+
+.. warning::
+
+   The :mod:`xml.etree.ElementTree` module is not secure against
+   maliciously constructed data.  If you need to parse untrusted or
+   unauthenticated data see :ref:`xml-vulnerabilities`.
+
 Tutorial
 --------
author	Christian Heimes <christian@cheimes.de>	2013-03-26 17:47:23 +0100
committer	Christian Heimes <christian@cheimes.de>	2013-03-26 17:47:23 +0100
commit	768f6a53601a6c4e0b914aaedb977dd2ca97532a (patch)
tree	0a15e62fa957038dd0e6ad2cd704d3378ac336a5 /Doc/library/xml.etree.elementtree.rst
parent	c40f97f8beaacfb834d3f4f22d581e37dd82c14d (diff)
parent	7380a67267d9ec59b70617ea59ff31819f530942 (diff)
download	cpython-git-768f6a53601a6c4e0b914aaedb977dd2ca97532a.tar.gz