xml package does not obey ignore_environment

On two occasions, the xml package uses environment variables to override parser / DOM implementations: xml.sax package and xml.dom.domreg module. On both occasions, the code should not use env vars to override module names, when the interpreter is started with flags like -E or -I.

Dates:

• Disclosure date: 2018-09-24 (Python issue bpo-34791 reported)

Fixed In

• Python 2.7.16 (2019-03-02) fixed by commit 2546ac8 (branch 2.7) (2018-10-19)
• Python 3.4.10 (2019-03-18) fixed by commit 765d333 (branch 3.4) (2019-02-25)
• Python 3.5.7 (2019-03-18) fixed by commit 7cd08cf (branch 3.5) (2019-02-26)
• Python 3.6.8 (2018-12-23) fixed by commit 5e808f9 (branch 3.6) (2018-10-19)
• Python 3.7.2 (2018-12-23) fixed by commit c119d59 (branch 3.7) (2018-10-19)
• Python 3.8.0 (2019-10-14) fixed by commit 223e501 (branch 3.8) (2018-09-24)

Python issue

xml package does not obey sys.flags.ignore_environment.

• Python issue: bpo-34791
• Creation date: 2018-09-24
• Reporter: Christian Heimes

Timeline

Timeline using the disclosure date 2018-09-24 as reference:

• 2018-09-24: Python issue bpo-34791 reported by Christian Heimes
• 2018-09-24: commit 223e501 (branch 3.8)
• 2018-10-19 (+25 days): commit 2546ac8 (branch 2.7)
• 2018-10-19 (+25 days): commit 5e808f9 (branch 3.6)
• 2018-10-19 (+25 days): commit c119d59 (branch 3.7)
• 2018-12-23 (+90 days): Python 3.6.8 released
• 2018-12-23 (+90 days): Python 3.7.2 released
• 2019-02-25 (+154 days): commit 765d333 (branch 3.4)
• 2019-02-26 (+155 days): commit 7cd08cf (branch 3.5)
• 2019-03-02 (+159 days): Python 2.7.16 released
• 2019-03-18 (+175 days): Python 3.4.10 released
• 2019-03-18 (+175 days): Python 3.5.7 released
• 2019-10-14: Python 3.8.0 released