mirror of
https://github.com/Ponce/slackbuilds
synced 2024-11-26 22:06:35 +01:00
d4460393ce
Signed-off-by: David Spencer <idlemoor@slackbuilds.org>
19 lines
1.2 KiB
Text
19 lines
1.2 KiB
Text
# HOW TO EDIT THIS FILE:
|
|
# The "handy ruler" below makes it easier to edit a package description.
|
|
# Line up the first '|' above the ':' following the base package name, and
|
|
# the '|' on the right side marks the last column you can put a character in.
|
|
# You must make exactly 11 lines for the formatting to be correct. It's also
|
|
# customary to leave one space after the ':' except on otherwise blank lines.
|
|
|
|
|-----handy-ruler------------------------------------------------------|
|
|
defusedxml: defusedxml (XML bomb protection for Python stdlib modules)
|
|
defusedxml:
|
|
defusedxml: The results of an attack on a vulnerable XML library can be fairly
|
|
defusedxml: dramatic. With just a few hundred Bytes of XML data an attacker can
|
|
defusedxml: occupy several Gigabytes of memory within seconds. An attacker can
|
|
defusedxml: also keep CPUs busy for a long time with a small to medium size
|
|
defusedxml: request. Under some circumstances it is even possible to access local
|
|
defusedxml: files on your server, to circumvent a firewall, or to abuse services
|
|
defusedxml: to rebound attacks to third parties. This library allows for XML to
|
|
defusedxml: be parsed in a manner that avoids these pitfalls.
|
|
defusedxml:
|