Re: [Python-Dev] xml.sax and xml.dom fetch DTDs by default

Am 22.02.2013 00:47, schrieb Paul Boddie: > Perhaps related to the discussion of denial-of-service vulnerabilities is the > matter of controlling access to remote resources. I suppose that after the > following bug was closed, no improvements were made to the standard library: > > http://bugs.py

[Python-Dev] xml.sax and xml.dom fetch DTDs by default (was XML DoS vulnerabilities and exploits in Python)

Perhaps related to the discussion of denial-of-service vulnerabilities is the matter of controlling access to remote resources. I suppose that after the following bug was closed, no improvements were made to the standard library: http://bugs.python.org/issue2124 Do Python programs still visit t