python
diff --git a/‎library/xml.dom.pulldom.po‎
Lines changed: 29 additions & 22 deletions b/‎library/xml.dom.pulldom.po‎
Lines changed: 29 additions & 22 deletions
diff --git a/‎library/xml.po‎
Lines changed: 27 additions & 17 deletions b/‎library/xml.po‎
Lines changed: 27 additions & 17 deletions
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: Python 3.7\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2018-06-30 05:56+0900\n"
+"POT-Creation-Date: 2018-09-25 09:16+0900\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Language-Team: Chinese (China) (https://www.transifex.com/python-doc/teams/5390/zh_CN/)\n"
 "MIME-Version: 1.0\n"
@@ -44,53 +44,60 @@ msgid ""
 "see :ref:`xml-vulnerabilities`."
 msgstr ""
 
-#: ../../library/xml.dom.pulldom.rst:29
+#: ../../library/xml.dom.pulldom.rst:30
+msgid ""
+"The SAX parser no longer processes general external entities by default to "
+"increase security by default. To enable processing of external entities, "
+"pass a custom parser instance in::"
+msgstr ""
+
+#: ../../library/xml.dom.pulldom.rst:43
 msgid "Example::"
 msgstr ""
 
-#: ../../library/xml.dom.pulldom.rst:40
+#: ../../library/xml.dom.pulldom.rst:54
 msgid "``event`` is a constant and can be one of:"
 msgstr ""
 
-#: ../../library/xml.dom.pulldom.rst:42
+#: ../../library/xml.dom.pulldom.rst:56
 msgid ":data:`START_ELEMENT`"
 msgstr ""
 
-#: ../../library/xml.dom.pulldom.rst:43
+#: ../../library/xml.dom.pulldom.rst:57
 msgid ":data:`END_ELEMENT`"
 msgstr ""
 
-#: ../../library/xml.dom.pulldom.rst:44
+#: ../../library/xml.dom.pulldom.rst:58
 msgid ":data:`COMMENT`"
 msgstr ""
 
-#: ../../library/xml.dom.pulldom.rst:45
+#: ../../library/xml.dom.pulldom.rst:59
 msgid ":data:`START_DOCUMENT`"
 msgstr ""
 
-#: ../../library/xml.dom.pulldom.rst:46
+#: ../../library/xml.dom.pulldom.rst:60
 msgid ":data:`END_DOCUMENT`"
 msgstr ""
 
-#: ../../library/xml.dom.pulldom.rst:47
+#: ../../library/xml.dom.pulldom.rst:61
 msgid ":data:`CHARACTERS`"
 msgstr ""
 
-#: ../../library/xml.dom.pulldom.rst:48
+#: ../../library/xml.dom.pulldom.rst:62
 msgid ":data:`PROCESSING_INSTRUCTION`"
 msgstr ""
 
-#: ../../library/xml.dom.pulldom.rst:49
+#: ../../library/xml.dom.pulldom.rst:63
 msgid ":data:`IGNORABLE_WHITESPACE`"
 msgstr ""
 
-#: ../../library/xml.dom.pulldom.rst:51
+#: ../../library/xml.dom.pulldom.rst:65
 msgid ""
 "``node`` is an object of type :class:`xml.dom.minidom.Document`, "
 ":class:`xml.dom.minidom.Element` or :class:`xml.dom.minidom.Text`."
 msgstr ""
 
-#: ../../library/xml.dom.pulldom.rst:54
+#: ../../library/xml.dom.pulldom.rst:68
 msgid ""
 "Since the document is treated as a \"flat\" stream of events, the document "
 "\"tree\" is implicitly traversed and the desired elements are found "
@@ -103,11 +110,11 @@ msgid ""
 "processing."
 msgstr ""
 
-#: ../../library/xml.dom.pulldom.rst:66 ../../library/xml.dom.pulldom.rst:71
+#: ../../library/xml.dom.pulldom.rst:80 ../../library/xml.dom.pulldom.rst:85
 msgid "Subclass of :class:`xml.sax.handler.ContentHandler`."
 msgstr ""
 
-#: ../../library/xml.dom.pulldom.rst:76
+#: ../../library/xml.dom.pulldom.rst:90
 msgid ""
 "Return a :class:`DOMEventStream` from the given input. *stream_or_string* "
 "may be either a file name, or a file-like object. *parser*, if given, must "
@@ -117,32 +124,32 @@ msgid ""
 "done in advance."
 msgstr ""
 
-#: ../../library/xml.dom.pulldom.rst:83
+#: ../../library/xml.dom.pulldom.rst:97
 msgid ""
 "If you have XML in a string, you can use the :func:`parseString` function "
 "instead:"
 msgstr ""
 
-#: ../../library/xml.dom.pulldom.rst:87
+#: ../../library/xml.dom.pulldom.rst:101
 msgid ""
 "Return a :class:`DOMEventStream` that represents the (Unicode) *string*."
 msgstr ""
 
-#: ../../library/xml.dom.pulldom.rst:91
+#: ../../library/xml.dom.pulldom.rst:105
 msgid "Default value for the *bufsize* parameter to :func:`parse`."
 msgstr ""
 
-#: ../../library/xml.dom.pulldom.rst:93
+#: ../../library/xml.dom.pulldom.rst:107
 msgid ""
 "The value of this variable can be changed before calling :func:`parse` and "
 "the new value will take effect."
 msgstr ""
 
-#: ../../library/xml.dom.pulldom.rst:99
+#: ../../library/xml.dom.pulldom.rst:113
 msgid "DOMEventStream Objects"
 msgstr ""
 
-#: ../../library/xml.dom.pulldom.rst:106
+#: ../../library/xml.dom.pulldom.rst:120
 msgid ""
 "Return a tuple containing *event* and the current *node* as "
 ":class:`xml.dom.minidom.Document` if event equals :data:`START_DOCUMENT`, "
@@ -152,6 +159,6 @@ msgid ""
 "children, unless :func:`expandNode` is called."
 msgstr ""
 
-#: ../../library/xml.dom.pulldom.rst:116
+#: ../../library/xml.dom.pulldom.rst:130
 msgid "Expands all children of *node* into *node*. Example::"
 msgstr ""
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: Python 3.7\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2018-06-30 05:56+0900\n"
+"POT-Creation-Date: 2018-09-25 09:16+0900\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Language-Team: Chinese (China) (https://www.transifex.com/python-doc/teams/5390/zh_CN/)\n"
 "MIME-Version: 1.0\n"
@@ -130,19 +130,23 @@ msgstr ""
 #: ../../library/xml.rst:66 ../../library/xml.rst:66 ../../library/xml.rst:66
 #: ../../library/xml.rst:66 ../../library/xml.rst:66 ../../library/xml.rst:67
 #: ../../library/xml.rst:67 ../../library/xml.rst:67 ../../library/xml.rst:67
-#: ../../library/xml.rst:67 ../../library/xml.rst:68 ../../library/xml.rst:68
-#: ../../library/xml.rst:69 ../../library/xml.rst:69 ../../library/xml.rst:70
+#: ../../library/xml.rst:67 ../../library/xml.rst:70
 msgid "**Vulnerable**"
 msgstr ""
 
 #: ../../library/xml.rst:67
 msgid "quadratic blowup"
 msgstr ""
 
-#: ../../library/xml.rst:68 ../../library/xml.rst:97
+#: ../../library/xml.rst:68 ../../library/xml.rst:99
 msgid "external entity expansion"
 msgstr ""
 
+#: ../../library/xml.rst:68 ../../library/xml.rst:68 ../../library/xml.rst:69
+#: ../../library/xml.rst:69
+msgid "Safe (4)"
+msgstr ""
+
 #: ../../library/xml.rst:68
 msgid "Safe    (1)"
 msgstr ""
@@ -155,7 +159,7 @@ msgstr ""
 msgid "Safe    (3)"
 msgstr ""
 
-#: ../../library/xml.rst:69 ../../library/xml.rst:102
+#: ../../library/xml.rst:69 ../../library/xml.rst:104
 msgid "`DTD`_ retrieval"
 msgstr ""
 
@@ -165,7 +169,7 @@ msgstr ""
 msgid "Safe"
 msgstr ""
 
-#: ../../library/xml.rst:70 ../../library/xml.rst:109
+#: ../../library/xml.rst:70 ../../library/xml.rst:111
 msgid "decompression bomb"
 msgstr ""
 
@@ -185,11 +189,17 @@ msgstr ""
 msgid ":mod:`xmlrpclib` doesn't expand external entities and omits them."
 msgstr ""
 
-#: ../../library/xml.rst:85
+#: ../../library/xml.rst:78
+msgid ""
+"Since Python 3.8.0, external general entities are no longer processed by "
+"default since Python."
+msgstr ""
+
+#: ../../library/xml.rst:87
 msgid "billion laughs / exponential entity expansion"
 msgstr ""
 
-#: ../../library/xml.rst:81
+#: ../../library/xml.rst:83
 msgid ""
 "The `Billion Laughs`_ attack -- also known as exponential entity expansion "
 "-- uses multiple levels of nested entities. Each entity refers to another "
@@ -198,11 +208,11 @@ msgid ""
 "consumes lots of memory and CPU time."
 msgstr ""
 
-#: ../../library/xml.rst:92
+#: ../../library/xml.rst:94
 msgid "quadratic blowup entity expansion"
 msgstr ""
 
-#: ../../library/xml.rst:88
+#: ../../library/xml.rst:90
 msgid ""
 "A quadratic blowup attack is similar to a `Billion Laughs`_ attack; it "
 "abuses entity expansion, too. Instead of nested entities it repeats one "
@@ -211,39 +221,39 @@ msgid ""
 "countermeasures that forbid deeply-nested entities."
 msgstr ""
 
-#: ../../library/xml.rst:95
+#: ../../library/xml.rst:97
 msgid ""
 "Entity declarations can contain more than just text for replacement. They "
 "can also point to external resources or local files. The XML parser accesses"
 " the resource and embeds the content into the XML document."
 msgstr ""
 
-#: ../../library/xml.rst:100
+#: ../../library/xml.rst:102
 msgid ""
 "Some XML libraries like Python's :mod:`xml.dom.pulldom` retrieve document "
 "type definitions from remote or local locations. The feature has similar "
 "implications as the external entity expansion issue."
 msgstr ""
 
-#: ../../library/xml.rst:105
+#: ../../library/xml.rst:107
 msgid ""
 "Decompression bombs (aka `ZIP bomb`_) apply to all XML libraries that can "
 "parse compressed XML streams such as gzipped HTTP streams or LZMA-compressed"
 " files. For an attacker it can reduce the amount of transmitted data by "
 "three magnitudes or more."
 msgstr ""
 
-#: ../../library/xml.rst:111
+#: ../../library/xml.rst:113
 msgid ""
 "The documentation for `defusedxml`_ on PyPI has further information about "
 "all known attack vectors with examples and references."
 msgstr ""
 
-#: ../../library/xml.rst:117
+#: ../../library/xml.rst:119
 msgid "The :mod:`defusedxml` and :mod:`defusedexpat` Packages"
 msgstr ""
 
-#: ../../library/xml.rst:119
+#: ../../library/xml.rst:121
 msgid ""
 "`defusedxml`_ is a pure Python package with modified subclasses of all "
 "stdlib XML parsers that prevent any potentially malicious operation. Use of "
@@ -252,7 +262,7 @@ msgid ""
 "documentation on more XML exploits such as XPath injection."
 msgstr ""
 
-#: ../../library/xml.rst:125
+#: ../../library/xml.rst:127
 msgid ""
 "`defusedexpat`_ provides a modified libexpat and a patched :mod:`pyexpat` "
 "module that have countermeasures against entity expansion DoS attacks. The "