Commit Graph

23 Commits

Author SHA1 Message Date
Sebastian Pipping fbd40ce46e
gh-115399: Document CVE-2023-52425 under "XML vulnerabilities" (GH-115400)
Doc/library/xml.rst: Document CVE-2023-52425 under "XML vulnerabilities"
2024-02-21 12:26:16 +01:00
Hugo van Kemenade 3faf8e586d
gh-101100: Fix Sphinx reference warnings (GH-112416)
* Fix Sphinx warning in library/xml.rst

Direct use of the pyexpat module is deprecated, but this is how to check the version for security purposes

* Fix Sphinx warning in library/importlib.resources.rst

* Use italics for parameters

* Link to the exception

* Fix Sphinx warning in library/gzip.rst

* Document message and header defect base classes to fix Sphinx warning in library/email.headerregistry.rst

* Restore feed_eof() doc to fix Sphinx warning in library/asyncio-stream.rst

* Fix Sphinx warning in extending/newtypes.rst

* Fix Sphinx warning in c-api/set.rst

On stdtypes.rst, set and frozenset are documented together and the frozenset has the working refs
2023-11-25 15:40:19 -08:00
Serhiy Storchaka f2d07d3289
gh-101100: Sphinx warnings: pick the low hanging fruits (GH-107386) 2023-07-29 08:48:10 +03:00
Serhiy Storchaka 4b9948617f
gh-106909: Use role :const: for referencing module constants (GH-106910) 2023-07-21 12:40:37 +03:00
Ned Batchelder 3440d197a5
Docs: remove redundant "adverb-adjective" hyphens from compound modifiers (GH-94551)
Discussion: https://discuss.python.org/t/slight-grammar-fix-throughout-adverbs-dont-need-hyphen/17021
2022-07-05 11:16:10 +02:00
Victor Stinner 3fc5d84046
bpo-44394: Update libexpat copy to 2.4.1 (GH-26945)
Update the vendored copy of libexpat to 2.4.1 (from 2.2.8) to get the
fix for the CVE-2013-0340 "Billion Laughs" vulnerability. This copy
is most used on Windows and macOS.

Co-authored-by: Łukasz Langa <lukasz@langa.pl>
2021-08-29 16:08:24 +02:00
Zackery Spytz 51b84f8e96
bpo-38585: Remove references to defusedexpat (GH-22095)
defusedexpat is not maintained.
2020-09-04 13:57:48 -07:00
Serhiy Storchaka bf99bcf56c
Fix Python version since which external enities are not resolved by default. (GH-11237) 2018-12-19 15:29:04 +02:00
Jules Lasne (jlasne) 82d73554e4 Removed dangling `since Python` at the end of library/xml.rst. (GH-11201) 2018-12-19 08:05:14 +02:00
Christian Heimes 17b1d5d4e3 bpo-17239: Disable external entities in SAX parser (GH-9217)
The SAX parser no longer processes general external entities by default
to increase security. Before, the parser created network connections
to fetch remote files or loaded local files from the file system for DTD
and entities.

Signed-off-by: Christian Heimes <christian@python.org>



https://bugs.python.org/issue17239
2018-09-23 00:50:25 -07:00
Stéphane Wirtel 19177fbd5d bpo-33503: Fix the broken pypi link in the source and the documentation (GH-6814) 2018-05-15 14:58:35 -04:00
Guido van Rossum e1478e4ae2 Issue #18789: Update XML vulnerability table to use Safe/Vulnerable instead of No/Yes. 2016-10-13 14:31:50 -07:00
Terry Jan Reedy fa089b9b0b Issue #22558: Add remaining doc links to source code for Python-coded modules.
Reformat header above separator line (added if missing) to a common format.
Patch by Yoni Lavi.
2016-06-11 15:02:54 -04:00
Georg Brandl 5d94134040 Closes #25910: fix dead and permanently redirected links in the docs. Thanks to SilentGhost for the patch. 2016-02-26 19:37:12 +01:00
Andrew Kuchling 4da9ab0357 #20237: make a revision pass over the XML vulnerabilities section 2014-02-15 15:33:44 -05:00
Zachary Ware 19c1f3dce6 Fix unfinished thought in xml overview page. Suggested by Bo Bayles on docs@. 2014-01-31 11:30:36 -06:00
R David Murray 66c9350a89 #20236: Fix sphinx markup. 2014-01-13 13:51:17 -05:00
Antoine Pitrou f20ea13996 s/lightweight/minimal/, as per issue #11379. 2013-12-22 01:57:01 +01:00
Georg Brandl 57f936ecde Closes #19179: make table of XML vulnerabilities clearer by using "everyday" booleans and explaining the table beforehand. 2013-10-12 18:19:33 +02:00
Georg Brandl 6ba6b13e32 Fix XML vulnerability link targets. 2013-03-28 09:11:44 +01:00
Christian Heimes 768f6a5360 Issue 17538: Document XML vulnerabilties 2013-03-26 17:47:23 +01:00
Christian Heimes 7380a67267 Issue 17538: Document XML vulnerabilties 2013-03-26 17:35:55 +01:00
Georg Brandl fe7b00fb0a Closes #11710: create "landing pages" (/library/package.html) for those packages that have no documented content themselves, e.g. "urllib" or "http". 2012-10-06 13:49:34 +02:00