From f05676e0f590bad81728500172521dbed665de7f Mon Sep 17 00:00:00 2001
From: Sebastian Pipping <sebastian@pipping.org>
Date: Sun, 18 Feb 2024 03:14:45 +0100
Subject: [PATCH] Document new CVE-2023-52425 Expat API

---
 .../2024-02-18-03-14-40.gh-issue-115398.tzvxH8.rst         | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 Misc/NEWS.d/next/Security/2024-02-18-03-14-40.gh-issue-115398.tzvxH8.rst

diff --git a/Misc/NEWS.d/next/Security/2024-02-18-03-14-40.gh-issue-115398.tzvxH8.rst b/Misc/NEWS.d/next/Security/2024-02-18-03-14-40.gh-issue-115398.tzvxH8.rst
new file mode 100644
index 000000000000000..4267c8988f835eb
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2024-02-18-03-14-40.gh-issue-115398.tzvxH8.rst
@@ -0,0 +1,7 @@
+Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425) by adding
+four new methods:
+
+* ``pyexpat.xmlparser.SetReparseDeferralEnabled``
+* ``xml.etree.ElementTree.XMLParser.flush``
+* ``xml.etree.ElementTree.XMLPullParser.flush``
+* ``xml.sax.expatreader.ExpatParser.flush``