Issue 17538: Document XML vulnerabilties

author: Christian Heimes <christian@cheimes.de> 2013-03-26 17:48:28 +0100
committer: Christian Heimes <christian@cheimes.de> 2013-03-26 17:48:28 +0100
commit: 055233dcc6b68e1d3e64d9737748652283840665 (patch)
tree: ce1f1fa6459eb94600669a2bf17b9310a068828a /Doc/library/xml.etree.elementtree.rst
parent: 0e47435f7fa8050b0c7f7149365cebd7a478c37f (diff)
parent: a1c42881da4e4cfce43965c738b8cc125711149f (diff)
download: cpython-055233dcc6b68e1d3e64d9737748652283840665.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/Doc/library/xml.etree.elementtree.rst b/Doc/library/xml.etree.elementtree.rst
index 2a9f9b30b0..6af287f1b1 100644
--- a/Doc/library/xml.etree.elementtree.rst
+++ b/Doc/library/xml.etree.elementtree.rst
@@ -12,6 +12,13 @@ for parsing and creating XML data.
    This module will use a fast implementation whenever available.
    The :mod:`xml.etree.cElementTree` module is deprecated.
 
+
+.. warning::
+
+   The :mod:`xml.etree.ElementTree` module is not secure against
+   maliciously constructed data.  If you need to parse untrusted or
+   unauthenticated data see :ref:`xml-vulnerabilities`.
+
 Tutorial
 --------
author	Christian Heimes <christian@cheimes.de>	2013-03-26 17:48:28 +0100
committer	Christian Heimes <christian@cheimes.de>	2013-03-26 17:48:28 +0100
commit	055233dcc6b68e1d3e64d9737748652283840665 (patch)
tree	ce1f1fa6459eb94600669a2bf17b9310a068828a /Doc/library/xml.etree.elementtree.rst
parent	0e47435f7fa8050b0c7f7149365cebd7a478c37f (diff)
parent	a1c42881da4e4cfce43965c738b8cc125711149f (diff)
download	cpython-055233dcc6b68e1d3e64d9737748652283840665.tar.gz