diff options
Diffstat (limited to 'Misc/NEWS.d/next/Security/2021-06-29-02-45-53.bpo-44394.A220N1.rst')
| -rw-r--r-- | Misc/NEWS.d/next/Security/2021-06-29-02-45-53.bpo-44394.A220N1.rst | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/Misc/NEWS.d/next/Security/2021-06-29-02-45-53.bpo-44394.A220N1.rst b/Misc/NEWS.d/next/Security/2021-06-29-02-45-53.bpo-44394.A220N1.rst new file mode 100644 index 0000000000..e32563d253 --- /dev/null +++ b/Misc/NEWS.d/next/Security/2021-06-29-02-45-53.bpo-44394.A220N1.rst @@ -0,0 +1,3 @@ +Update the vendored copy of libexpat to 2.4.1 (from 2.2.8) to get the fix +for the CVE-2013-0340 "Billion Laughs" vulnerability. This copy is most used +on Windows and macOS. |