[diffoscope] XML parsing failing due to vulnerable version of pyexpat

Aman Sharma amansha at kth.se
Wed Apr 30 04:06:33 UTC 2025


Done! https://salsa.debian.org/reproducible-builds/diffoscope/-/issues/407


Regards,
Aman Sharma

PhD Student
KTH Royal Institute of Technology
School of Electrical Engineering and Computer Science (EECS)
Department of Theoretical Computer Science (TCS)
<http://www.kth.se><https://www.kth.se/profile/amansha><https://www.kth.se/profile/amansha>
<https://www.kth.se/profile/amansha>https://algomaster99.github.io/
________________________________
From: Chris Lamb <chris at reproducible-builds.org>
Sent: Tuesday, April 29, 2025 4:46:15 PM
To: Aman Sharma
Cc: diffoscope
Subject: Re: [diffoscope] XML parsing failing due to vulnerable version of pyexpat

Hi Aman,

> Is there a specific reason that defusedxml is not shipped with the docker image?

Not that I'm aware of. This is the real issue. :)

Can you file a bug in our issue tracker? I can't seem to work out why
its not being added right this second, but with an issue filed, I'll
get to it in a few days.


Best wishes,

--
      o
    ⬋   ⬊      Chris Lamb
   o     o     reproducible-builds.org 💠
    ⬊   ⬋
      o
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.reproducible-builds.org/pipermail/diffoscope/attachments/20250430/8e4dd654/attachment.htm>


More information about the diffoscope mailing list