Issue #18789: Update XML vulnerability table to use Safe/Vulnerable instead of…

Issue #18789: Update XML vulnerability table to use Safe/Vulnerable instead of No/Yes. (backport to 2.7)

Issue #18789: Update XML vulnerability table to use Safe/Vulnerable instead of…
Issue #18789: Update XML vulnerability table to use Safe/Vulnerable instead of No/Yes. (backport to 2.7)
50f40724 · Guido van Rossum · 5e2486b1 · 50f40724
Kaydet (Commit) 50f40724 authored Eki 13, 2016 tarafından Guido van Rossum
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 9 deletions

xml.rst Doc/library/xml.rst +9 -9

No files found.
--- a/Doc/library/xml.rst
+++ b/Doc/library/xml.rst
@@ -56,15 +56,15 @@ like inline `DTD`_ (document type definition) with entities.
 The following table gives an overview of the known attacks and if the various
 modules are vulnerable to them.
-=========================  ========  =========  =========  ========  =========
+=========================  ==============   ===============   ==============   ==============   ==============
-kind                       sax       etree      minidom    pulldom   xmlrpc
+kind                       sax              etree             minidom          pulldom          xmlrpc
-=========================  ========  =========  =========  ========  =========
+=========================  ==============   ===============   ==============   ==============   ==============
-billion laughs             **Yes**   **Yes**    **Yes**    **Yes**   **Yes**
+billion laughs             **Vulnerable**   **Vulnerable**    **Vulnerable**   **Vulnerable**   **Vulnerable**
-quadratic blowup           **Yes**   **Yes**    **Yes**    **Yes**   **Yes**
+quadratic blowup           **Vulnerable**   **Vulnerable**    **Vulnerable**   **Vulnerable**   **Vulnerable**
-external entity expansion  **Yes**   No    (1)  No    (2)  **Yes**   No    (3)
+external entity expansion  **Vulnerable**   Safe    (1)       Safe    (2)      **Vulnerable**   Safe    (3)
-`DTD`_ retrieval           **Yes**   No         No         **Yes**   No
+`DTD`_ retrieval           **Vulnerable**   Safe              Safe             **Vulnerable**   Safe
-decompression bomb         No        No         No         No        **Yes**
+decompression bomb         Safe             Safe              Safe             Safe             **Vulnerable**
-=========================  ========  =========  =========  ========  =========
+=========================  ==============   ===============   ==============   ==============   ==============
 1. :mod:`xml.etree.ElementTree` doesn't expand external entities and raises a
   ParserError when an entity occurs.