config-tools: replace xml.etree.ElementTree with defusedxml.ElementTree
Using xml.etree.ElementTree to parse untrusted data is known to raise a security issue. Replaced it using defusedxml.

Tracked-On: #6342
Signed-off-by: Yang,Yu-chu <yu-chu.yang@intel.com>
parent c10ac227cc
commit 668ae81048
|
@ -80,7 +80,7 @@ ACRN.
|
|||
xsltproc \
|
||||
clang-format
|
||||
|
||||
sudo pip3 install lxml xmlschema
|
||||
sudo pip3 install lxml xmlschema defusedxml
|
||||
|
||||
wget https://acpica.org/sites/acpica/files/acpica-unix-20210105.tar.gz
|
||||
tar zxvf acpica-unix-20210105.tar.gz
|
||||
|
|
|
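Review bot: the new `sudo pip3 install lxml xmlschema defusedxml` line installs defusedxml without a version, while the requirements hunk in this same commit pins `defusedxml==0.7.1`. A build host set up from these docs can end up on a different defusedxml release than the one the config app was tested with. Suggest stating the version here (or a minimum version), or pointing this step at the pinned requirements file so both install paths agree.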
@ -180,7 +180,7 @@ Build the ACRN Hypervisor on Ubuntu
|
|||
xsltproc \
|
||||
clang-format
|
||||
|
||||
$ sudo pip3 install lxml xmlschema
|
||||
$ sudo pip3 install lxml xmlschema defusedxml
|
||||
|
||||
#. Starting with the ACRN v2.2 release, we use the ``iasl`` tool to
|
||||
compile an offline ACPI binary for pre-launched VMs while building ACRN,
|
||||
|
|
|
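Review bot: the changed `$ sudo pip3 install lxml xmlschema defusedxml` step only helps people following the guide from scratch. Environments prepared from the previous line (`lxml xmlschema` only) will not have the module, and the tool whose import is switched to `import defusedxml.ElementTree as ET` later in this commit will fail at import time with ModuleNotFoundError. Suggest adding a short sentence in this step, or in the release notes, telling existing users to install defusedxml before rebuilding.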
@ -2,3 +2,4 @@ Flask==1.1.1
|
|||
flask_bootstrap==3.3.7.1
|
||||
xmlschema==1.4.1
|
||||
lxml==4.6.2
|
||||
defusedxml==0.7.1
|
||||
|
|
|
@ -8,7 +8,7 @@ import sys
|
|||
import getopt
|
||||
import shutil
|
||||
import subprocess # nosec
|
||||
import xml.etree.ElementTree as ET
|
||||
import defusedxml.ElementTree as ET
|
||||
import re
|
||||
import lxml
|
||||
|
||||
|
|
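Review bot: on the `import defusedxml.ElementTree as ET` line the `ET` alias is kept, but defusedxml.ElementTree exposes only the parsing entry points (parse, iterparse, fromstring, XML, XMLParser, tostring, ParseError). Any `ET.Element`, `ET.SubElement` or `ET.ElementTree(...)` use elsewhere in this file would now raise AttributeError. The rest of the file is not visible in this hunk, so please confirm every `ET.` reference is a parse call, or import the tree-building helpers from xml.etree.ElementTree under a separate name. Two related points: defusedxml rejects entity declarations and external references by raising EntitiesForbidden and ExternalReferenceForbidden (subclasses of DefusedXmlException, which derives from ValueError), so existing `except ET.ParseError` handlers will not catch them; and the unchanged `import lxml` context line means any parsing this file does through lxml is not covered by the swap and needs its own review.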