diff options
| author | Christian Heimes <christian@python.org> | 2013-02-21 13:36:01 +0100 |
|---|---|---|
| committer | Christian Heimes <christian@python.org> | 2013-02-21 13:36:01 +0100 |
| commit | 3c27267f6ea6f64a97283ac34da803378643e58b (patch) | |
| tree | 2c6ef479064ca0695359e3535e730d4c2bf4e802 | |
| parent | 80df2598f046dbdd81ce8f2e72dcca66173c8b99 (diff) | |
| download | defusedxml-git-3c27267f6ea6f64a97283ac34da803378643e58b.tar.gz | |
note about demo exploit
| -rw-r--r-- | CHANGES.txt | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/CHANGES.txt b/CHANGES.txt index a5bafff..fe8f95b 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -9,9 +9,9 @@ defusedxml 0.4 - As per http://seclists.org/oss-sec/2013/q1/340 please REJECT CVE-2013-0278, CVE-2013-0279 and CVE-2013-0280 and use CVE-2013-1664, CVE-2013-1665 for OpenStack/etc. - - Add missing parser_list argument to sax.make_parser(). The argument is ignored, though. (thanks to Florian Apolloner) +- Add demo exploit for external entity attack on Python's SAX parser. defusedxml 0.3 |