Log Message:
py-lxml: updated to 4.7.1

4.7.1 (2021-12-13)

Features added

Chunked Unicode string parsing via parser.feed() now encodes the input data to \ 
the native UTF-8 encoding directly, instead of going through Py_UNICODE / \ 
wchar_t encoding first, which previously required duplicate recoding in most \ 
cases.

Bugs fixed

The standard namespace prefixes were mishandled during "C14N2" \ 
serialisation on Python 3. See \ 
https://mail.python.org/archives/list/lxml@python.org/thread/6ZFBHFOVHOS5GFDOAMPCT6HM5HZPWQ4Q/
lxml.objectify previously accepted non-XML numbers with underscores (like \ 
"1_000") as integers or float values in Python 3.6 and later. It now \ 
adheres to the number format of the XML spec again.
Static wheels of lxml now contain the header files of zlib and libiconv (in \ 
addition to the already provided headers of libxml2/libxslt/libexslt).

Other changes

Wheels include libxml2 2.9.12+ and libxslt 1.1.34 (also on Windows).

4.7.0 (2021-12-13)

Release retracted due to missing files in lxml/includes/.

4.6.5 (2021-12-12)

Bugs fixed

A vulnerability (GHSL-2021-1038) in the HTML cleaner allowed sneaking script \ 
content through SVG images (CVE-2021-43818).
A vulnerability (GHSL-2021-1037) in the HTML cleaner allowed sneaking script \ 
content through CSS imports and other crafted constructs (CVE-2021-43818).