Please upgrade bundled Expat to 2.7.1

[hartwork]

Bug report

Bug description:

Hi! 👋

Please upgrade bundled Expat to 2.7.1 (e.g. for the fix to what can be argued a regression that came with the fix for CVE-2024-8176 in Expat 2.7.0).

• GitHub release: https://github.com/libexpat/libexpat/releases/tag/R_2_7_1
• Change log: https://github.com/libexpat/libexpat/blob/R_2_7_1/expat/Changes

The CPython issue for previous 2.7.0 was #131261 and the related merged main pull request was #131272, in case you want to have a look. The Dockerfile from comment #123689 (review) could be of help with raising confidence in a bump pull request when going forward.

Thanks in advance!

CC @sethmlarson @gpshead

CPython versions tested on:

3.9, 3.10, CPython main branch, 3.14, 3.13, 3.12, 3.11

Operating systems tested on:

Other, Windows, macOS, Linux

Linked PRs

• gh-131809: Upgrade vendored expat to 2.7.1 #132192
• gh-131809: Upgrade libexpat to 2.7.1 #132235
• [3.13] gh-131809: Upgrade vendored expat to 2.7.1 (GH-132192) #132236
• [3.12] gh-131809: Upgrade vendored expat to 2.7.1 (GH-132192) #132237
• [3.11] gh-131809: Upgrade vendored expat to 2.7.1 (GH-132192) #132240
• [3.10] gh-131809: Upgrade vendored expat to 2.7.1 (GH-132192) #132241
• [3.9] gh-131809: Upgrade vendored expat to 2.7.1 (GH-132192) #132242