[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Python-Dev] We cannot fix all issues: let's close XML security issues (not fix them)

Le jeu. 6 sept. 2018 ? 21:10, Steve Dower <steve.dower at python.org> a ?crit :
> If Christian is not able to keep maintaining the defused* packages, then
> I may take a look at this next week at the sprints. The built-in XML
> packages actually don't meet Microsoft's internal security requirements,
> so I have some business motivation to do it.

Great! The best would be to be able to merge defuse* features into the
stdlib. Maybe not change the default, but add an option to enable
security counter-measures.