Please upgrade bundled Expat to 2.6.3 (e.g. for the fixes to CVE-2024-45490, CVE-2024-45491 and CVE-2024-45492) #123678
Assignees
Labels
Comments
|
cc @sethmlarson |
|
Thanks for the ping @sobolevn, I'll work with release managers to get this update out. |
|
I've created a PR, please take a look: #123689 |
This was referenced Sep 4, 2024
miss-islington
pushed a commit
to miss-islington/cpython
that referenced
this issue
Sep 4, 2024
Upgrade libexpat 2.6.3 (cherry picked from commit 40bdb0d) Co-authored-by: Seth Michael Larson <[email protected]>
miss-islington
pushed a commit
to miss-islington/cpython
that referenced
this issue
Sep 4, 2024
Upgrade libexpat 2.6.3 (cherry picked from commit 40bdb0d) Co-authored-by: Seth Michael Larson <[email protected]>
This was referenced Sep 4, 2024
This was referenced Sep 4, 2024
gpshead
pushed a commit
that referenced
this issue
Sep 4, 2024
encukou
pushed a commit
that referenced
this issue
Sep 5, 2024
ambv
pushed a commit
that referenced
this issue
Sep 5, 2024
ambv
pushed a commit
that referenced
this issue
Sep 5, 2024
ambv
pushed a commit
that referenced
this issue
Sep 5, 2024
ambv
pushed a commit
that referenced
this issue
Sep 5, 2024
|
All pull requests have been merged |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Bug report
Bug description:
Hi! 👋
Please upgrade bundled Expat to 2.6.3 (e.g. for the fixes to CVE-2024-45490, CVE-2024-45491 and CVE-2024-45492).
The CPython issue for previous 2.6.2 was #116741 and the related merged main pull request was #117296, in case you want to have a look. The Dockerfile from comment #117296 (review) could be of help with raising confidence in a bump pull request when going forward.
Thanks in advance!
CPython versions tested on:
3.8, 3.9, 3.10, 3.11, 3.12, 3.13, CPython main branch
Operating systems tested on:
Linux, macOS, Windows, Other
Linked PRs
The text was updated successfully, but these errors were encountered: