Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
Use defusedxml to parse potentially untrusted XML #708
referenced this pull request
Nov 17, 2017
Nov 29, 2017
1 check passed
Gitflow and Hubflow have 'hotfix' branches off of the release branch for exactly this problem.
You can branch off the release branch, cherry pick the security patch, bump the version, merge back to the release branch, and cut a release without having to release all of the pending new features on the develop branch.