R. David Murray added the comment: Actually, I think it means that the defusedxml documentation tells you what to do to protect yourself from various attack vectors, which pretty much amounts to importing certain functions from defusedxml and using them instead of the stdlib versions. Your patch may be sufficient, but let's see what Christian has to say.
---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue20237> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com