Skip to content

[security] Please upgrade bundled Expat to 2.8.0 (e.g. for the fix to CVE-2026-41080) #149017

Open
Open
[security] Please upgrade bundled Expat to 2.8.0 (e.g. for the fix to CVE-2026-41080)#149017
Assignees
StanFromIreland
Labels
3.10only security fixes3.11only security fixes3.12only security fixes3.13bugs and security fixes3.14bugs and security fixes3.15new features, bugs and security fixesextension-modulesC modules in the Modules dirtopic-XMLtype-securityA security issue
@hartwork

Description

@hartwork
hartwork
opened on Apr 26, 2026

Please see blog post https://blog.hartwork.org/posts/expat-2-8-0-released/ for an overview and the change log at https://github.com/libexpat/libexpat/blob/R_2_8_0/expat/Changes for details. Affects all alive branches of Python. Thank you!

Related: #146083 (predecessor for Expat 2.7.5)

Linked PRs

Metadata

Metadata

Assignees

Labels

3.10only security fixes3.11only security fixes3.12only security fixes3.13bugs and security fixes3.14bugs and security fixes3.15new features, bugs and security fixesextension-modulesC modules in the Modules dirtopic-XMLtype-securityA security issue

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions