odcs

Clone

7102add Replace xml.etree with defusedxml

Authored and Committed by qwan 6 years ago
raw patch tree parent
3 files changed. 7 lines added. 2 lines removed.
odcs.spec
file modified
+4 -0
server/odcs/server/backend.py
file modified
+2 -2
server/requirements.txt
file modified
+1 -0 
    Replace xml.etree with defusedxml
    
    to fix the issue of:
    
    Using xml.etree.ElementTree.parse to parse untrusted XML data is known
    to be vulnerable to XML attacks. Replace xml.etree.ElementTree.parse with
    its defusedxml equivalent function or make sure defusedxml.defuse_stdlib()
    is called.
    
    FIXES: #62
file modified
+4 -0
file modified
+2 -2
file modified
+1 -0
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.