summaryrefslogtreecommitdiff
Commit message (Expand)AuthorAgeFilesLines
...
* Prepare release 0.4.1v0.4.1Christian Heimes2013-03-283-6/+9
* verify xmlrpc behaviorChristian Heimes2013-03-261-1/+13
* xmlrpc doesn't do external retrievalChristian Heimes2013-03-251-3/+3
* add possible issue with XMLSchema locationChristian Heimes2013-03-071-1/+15
* add two working xalan exploitsChristian Heimes2013-03-072-0/+38
* back to devChristian Heimes2013-02-252-1/+7
* Added tag v0.4 for changeset 6b7ff04c3704Christian Heimes2013-02-250-0/+0
* prepare release 0.4#v0.4Christian Heimes2013-02-252-3/+4
* Add links to PyPIChristian Heimes2013-02-251-3/+7
* rename python filesChristian Heimes2013-02-252-0/+2
* PHP's libxml_disable_entity_loader() prevents entity expansionChristian Heimes2013-02-251-0/+3
* add demo exploits for webdav and xmlrpcChristian Heimes2013-02-252-0/+84
* note about demo exploitChristian Heimes2013-02-211-1/+1
* Add demo exploit for external entity expansionChristian Heimes2013-02-211-0/+58
* mergeChristian Heimes2013-02-201-2/+2
|\
| * fix typosFred Drake2013-02-191-2/+2
| * Add infos from Kurt SeifriedChristian Heimes2013-02-191-0/+10
| * openstack is going to use Python's CVE numbersChristian Heimes2013-02-191-15/+0
| * Added tag v0.3 for changeset 2127a9d13d97Christian Heimes2013-02-190-0/+0
| * preparing release 0.3v0.3Christian Heimes2013-02-191-1/+1
| * preparing release 0.3Christian Heimes2013-02-191-1/+3
| * point to my reposChristian Heimes2013-02-191-1/+2
| * spellingChristian Heimes2013-02-191-1/+1
| * document new expat featuresChristian Heimes2013-02-181-2/+79
| * document features in stdlibChristian Heimes2013-02-171-3/+52
| * more documentation and referencesChristian Heimes2013-02-171-53/+102
| * test monkey patching a bitChristian Heimes2013-02-171-0/+4
| * Add experimental monkey patchingChristian Heimes2013-02-172-21/+39
| * bigger captionChristian Heimes2013-02-171-0/+6
| * post release changesChristian Heimes2013-02-152-1/+7
| * Added tag v0.2 for changeset ea62aa5e5c3fChristian Heimes2013-02-150-0/+0
| * prepare release 0.2v0.2Christian Heimes2013-02-152-2/+2
| * add version from defusedxml and use it in setup.pyChristian Heimes2013-02-152-1/+6
| * other things list is pessimisticChristian Heimes2013-02-151-4/+6
| * document lxml and xmlrpc modulesChristian Heimes2013-02-151-5/+18
| * underline h1Christian Heimes2013-02-152-1/+6
| * document no decompression bomb protection in lxmlChristian Heimes2013-02-151-3/+2
| * document -1Christian Heimes2013-02-151-0/+1
| * test for monkey patchingChristian Heimes2013-02-151-0/+6
| * test another special caseChristian Heimes2013-02-151-2/+6
| * Add protection against XML and gzip attacks to xmlrpclibChristian Heimes2013-02-153-14/+206
| * tests for iterparseChristian Heimes2013-02-151-11/+26
| * add module for xmlrpc patchChristian Heimes2013-02-151-0/+21
| * Document forbid_externalChristian Heimes2013-02-151-6/+12
| * Fix for iterparse patch for Python 2.7Christian Heimes2013-02-151-2/+5
| * don't load all modules right awayChristian Heimes2013-02-151-8/+8
| * hack to get bound methods of patched iterparse rightChristian Heimes2013-02-151-11/+21
| * xmlrpclib's ExpatParser needs protection, tooChristian Heimes2013-02-153-26/+78
| * more thanks and explain othersChristian Heimes2013-02-151-1/+13
| * add forbid_external to all classs and functionsChristian Heimes2013-02-157-34/+64
View Lorry Controller Status