#18253 closed enhancement (fixed)
lxml-4.9.3 (Python module)
| Reported by: | Bruce Dubbs | Owned by: | Douglas R. Reno |
|---|---|---|---|
| Priority: | normal | Milestone: | 12.0 |
| Component: | BOOK | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description
New point version.
Change History (6)
comment:1 by , 3 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 3 years ago
comment:4 by , 3 years ago
The correct notes:
4.9.3 (2023-07-05) ================== Bugs fixed ---------- * ``lxml.objectify`` accepted non-decimal numbers like ``²²²`` as integers. * A memory leak in ``lxml.html.clean`` was resolved by switching to Cython 0.29.34+. * GH#348: URL checking in the HTML cleaner was improved. Patch by Tim McCormack. * GH#371, GH#373: Some regex strings were changed to raw strings to fix Python warnings. Patches by Jakub Wilk and Anthony Sottile. Other changes ------------- * Wheels include zlib 1.2.13, libxml2 2.10.3 and libxslt 1.1.38 (zlib 1.2.12, libxml2 2.10.3 and libxslt 1.1.37 on Windows). * Built with Cython 0.29.36 to adapt to changes in Python 3.12.
comment:5 by , 3 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Note:
See TracTickets
for help on using tickets.
Bugs fixed CVE-2022-2309: A Bug in libxml2 2.9.1[0-4] could let namespace declarations from a failed parser run leak into later parser runs. This bug was worked around in lxml and resolved in libxml2 2.10.0. https://gitlab.gnome.org/GNOME/libxml2/-/issues/378 Other changes LP#1981760: Element.attrib now registers as collections.abc.MutableMapping. lxml now has a static build setup for macOS on ARM64 machines (not used for building wheels). Patch by Quentin Leffray.The CVE mentioned has already been worked around for us since we use the system version of libxml2.