mirror of
https://github.com/projectacrn/acrn-hypervisor.git
synced 2025-11-03 02:51:09 +00:00
6f96614e6f
This patch is to fix Bandit scan issue b313-b320 which is vulnerable to XML attacks when parsing untrusted XML data. I replace lxml.etree with the equivalent defusedxml package. I confirm it works after making a Bandit scan, building the configurator and compiling the acrn. Signed-off-by: dongpingx <dongpingx.wu@intel.com> Tracked-On: #8717
Supporting libraries of ACRN configuration toolset
This package contains the libraries supporting ACRN configuration toolset, including:
- The manipulators and validators of scenario schemas or XMLs
- The generator of guest ACPI tables
The main objective of this package is to ease the import of the supporting libraries in the ACRN configurator which uses a Python interpreter built in WebAssembly (WASM). This package is thus NOT intended to be used by users; invoke the Python scripts directly if needed.