[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#47319: python-lxml is vulnerable to CVE-2021-28957
From: |
Mark H Weaver |
Subject: |
bug#47319: python-lxml is vulnerable to CVE-2021-28957 |
Date: |
Mon, 05 Apr 2021 19:54:54 -0400 |
Leo Famulari <leo@famulari.name> writes:
> On Mon, Mar 22, 2021 at 03:09:24PM +0100, Léo Le Bouter via Bug reports for
> GNU Guix wrote:
>> Has lots of dependents so I suppose it needs grafting? Is that useful
>> and does it work for Python packages?
>
> Grafting Python packages is not something we've done in the past, as far
> as I can tell from reading the Git log, although I don't recall know if
> it works or not.
I see no reason why grafting a python package wouldn't work, although
admittedly my knowledge of Python is weak.
Mark
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- bug#47319: python-lxml is vulnerable to CVE-2021-28957,
Mark H Weaver <=