[3.13] gh-127502: Fix typo in XML security notes (GH-139335) (#139345)
Some checks are pending
Tests / Ubuntu SSL tests with OpenSSL (push) Blocked by required conditions
Tests / Android (aarch64) (push) Blocked by required conditions
Tests / Android (x86_64) (push) Blocked by required conditions
Tests / WASI (push) Blocked by required conditions
Tests / Hypothesis tests on Ubuntu (push) Blocked by required conditions
Tests / Address sanitizer (push) Blocked by required conditions
Tests / Sanitizers (push) Blocked by required conditions
Tests / CIFuzz (push) Blocked by required conditions
Tests / All required checks pass (push) Blocked by required conditions
Tests / Change detection (push) Waiting to run
Tests / Docs (push) Blocked by required conditions
Tests / Check if the ABI has changed (push) Blocked by required conditions
Tests / Check if Autoconf files are up to date (push) Blocked by required conditions
Tests / Check if generated files are up to date (push) Blocked by required conditions
Tests / (push) Blocked by required conditions
Tests / Windows MSI (push) Blocked by required conditions
Lint / lint (push) Waiting to run

gh-127502: Fix typo in XML security notes (GH-139335)
(cherry picked from commit 6fa1e552e0)

Co-authored-by: Sebastian Pipping <sebastian@pipping.org>
This commit is contained in:
Miss Islington (bot) 2025-09-26 12:08:59 +02:00 committed by GitHub
parent 11d6c460b8
commit 417e0c0791
No known key found for this signature in database
GPG key ID: B5690EEEBB952194

View file

@ -55,7 +55,7 @@ An attacker can abuse XML features to carry out denial of service attacks,
access local files, generate network connections to other machines, or
circumvent firewalls.
Expat versions lower that 2.6.0 may be vulnerable to "billion laughs",
Expat versions lower than 2.6.0 may be vulnerable to "billion laughs",
"quadratic blowup" and "large tokens". Python may be vulnerable if it uses such
older versions of Expat as a system-provided library.
Check :const:`!pyexpat.EXPAT_VERSION`.