An error when handling DOCTYPE and ENTITY XML declarations can be exploited to cause a high memory resource consumption via a non-ASCII-compatible encoded document. The vulnerability is reported in versions prior to 5.1.2. Solution Update to version 5.1.2 Original Advisory http://freecode.com/projects/feedparser/releases/344371 https://code.google.com/p/feedparser/source/detail?r=703&path=/trunk/feedparser/feedparser.py
@python, ok to stabilize =dev-python/feedparser-5.1.2?
(In reply to comment #1) Looks good to me.
Great, thank you. Arches, please test and mark stable: =dev-python/feedparser-5.1.2 Target keywords : "alpha amd64 ia64 ppc ppc64 sparc x86"
amd64 stable
alpha/ia64/sparc/x86 stable
ppc64 done
ppc done
Thanks, folks. GLSA Vote: no.
GLSA vote: no. Closing noglsa.