Skip to content

Commit 1cbc4a4

Browse files
jvanderaajvanderaa
committed
Bump lxml minimum to 6.1.0 for CVE-2026-41066 
1 parent d0f019f commit 1cbc4a4

3 files changed

Lines changed: 138 additions & 143 deletions

File tree

changes/400.security

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
Raised the minimum lxml version to 6.1.0 to address CVE-2026-41066 (XXE via default entity resolution in iterparse and ETCompatXMLParser).

0 commit comments

Comments
 (0)