PyXML provides XML libraries for Python. The distribution contains avalidating XML parser, an implementation of the SAX and DOM programminginterfaces, and an interface to the Expat parser.A buffer over-read flaw was found in the way PyXML's Expat parser handledmalformed UTF-8 sequences when processing XML files. A specially-craftedXML file could cause Python applications using PyXML's Expat parser tocrash while parsing the file. (CVE-2009-3720)This update makes PyXML use the system Expat library rather than its owninternal copy; therefore, users must install the RHSA-2009:1625 expatupdate together with this PyXML update to resolve the CVE-2009-3720 issue.All PyXML users should upgrade to this updated package, which changes PyXMLto use the system Expat library. After installing this update along withRHSA-2009:1625, applications using the PyXML library must be restarted forthe update to take effect.