373c740924
Fixes Issue #14234 : CVE-2012-0876: Randomize hashes of xml attributes
...
in the hash table internal to the pyexpat module's copy of the expat
library to avoid a denial of service due to hash collisions.
Patch by David Malcolm with some modifications by the expat project.
2012-03-14 14:41:00 -07:00
8e91cf6a5e
Fixes issue #14234 : CVE-2012-0876: Randomize hashes of xml attributes
...
in the hash table internal to the pyexpat module's copy of the expat
library to avoid a denial of service due to hash collisions.
Patch by David Malcolm with some modifications by the expat project.
2012-03-14 14:26:55 -07:00
9fd170e2d0
#14062 : fix BytesParser handling of linesep for Header objects
...
This also affected smtplib.SMTP.send_message, which calls BytesParser.
2012-03-14 14:05:03 -04:00
7441a7aedd
#14291 : if a header has non-ascii unicode, default to CTE using utf-8
...
In Python2, if a unicode string was assigned as the value of a header,
email would automatically CTE encode it using the UTF8 charset.
This capability was lost in the Python3 translation, and this patch
restores it.
Patch by Ali Ikinci, assisted by R. David Murray.
I also added a fix for the mailbox test that was depending (with a comment
that it was a bad idea to so depend) on non-ASCII causing message_from_string
to raise an error. It now uses support.patch to induce an error during
message serialization.
2012-03-14 02:59:51 -04:00
eb945a938d
Issue #5219 : Prevent event handler cascade in IDLE.
...
Patch by Roger Serwy.
2012-03-13 14:32:29 -07:00
7ca97d5208
Issue #14184 : Increase the default stack size for secondary threads on
...
Mac OS X to prevent interpreter crashes when compiled on 10.7.
2012-03-13 11:18:18 -07:00
e01c62cd6b
Fix unittest test discovery for Jython
2012-03-13 00:09:54 -07:00
df723e1e5e
#14179 : add tests for re.compile. Patch by Florian Mladitsch.
2012-03-13 01:29:48 +02:00
edbb6ca084
str.format_map tests don't do what they say: fix to actually implement the intent of the test. Closes #13450 .
2012-03-12 15:16:22 -07:00
1f9a835400
Issue #14252 : Fix subprocess.Popen.terminate() to not raise an error under Windows when the child process has already exited.
2012-03-11 19:29:12 +01:00
dae9f8334e
this stuff will actually be new in 3.2.4
2012-03-07 18:49:43 -06:00
52c424343d
allow cycles throught the __dict__ slot to be cleared ( closes #1469629 )
...
Patch from Armin, test from me.
2012-03-07 18:41:11 -06:00
1ae230aa1a
merge heads
2012-03-07 14:50:35 -06:00
e48944b69c
keep the buffer object around while we're using it ( closes #14212 )
2012-03-07 14:50:25 -06:00
a420c820fe
Backout buggy patch committed for #13719
2012-03-07 20:48:55 +01:00
e413c06f35
Make distutils’ upload command work with bdist_msi products ( #13719 ).
...
Patch by Ralf Schmitt.
2012-03-05 16:09:29 +01:00
653f932eff
Issue #14195 : Make WeakSet.__lt__ and WeakSet.__gt__ irreflexive.
2012-03-04 22:15:38 -06:00
4a90ef0363
Issue #14177 : marshal.loads() now raises TypeError when given an unicode string.
...
Patch by Guilherme Gonçalves.
2012-03-03 02:35:32 +01:00
679e9d36f7
Issue #14172 : Fix reference leak when marshalling a buffer-like object (other than a bytes object).
2012-03-02 18:12:43 +01:00
bbe2f60b3c
Issue #14159 : Fix the len() of weak containers (WeakSet, WeakKeyDictionary, WeakValueDictionary) to return a better approximation when some objects are dead or dying.
...
Moreover, the implementation is now O(1) rather than O(n).
Thanks to Yury Selivanov for reporting.
2012-03-01 16:26:35 +01:00
d311374089
Issue #13125 : Silence spurious test_lib2to3 output when in non-verbose mode.
...
Patch by Mikhail Novikov.
2012-02-27 19:55:36 +01:00
e965d97ed1
Issue #13521 : dict.setdefault() now does only one lookup for the given key, making it "atomic" for many purposes.
...
Patch by Filip Gruszczyński.
2012-02-27 00:45:12 +01:00
e7295a7635
Add news entry for previous commit
2012-02-25 16:57:39 +01:00
2e0a0e1640
Fix long-standing bugs with MANIFEST.in parsing on Windows ( #6884 ).
...
These regex changes fix a number of issues for distutils on Windows:
- #6884 : impossible to include a file starting with 'build'
- #9691 and #14004 : sdist includes too many files
- #13193 : test_filelist failures
This commit replaces the incorrect changes done in 0a94e2f807c7 and
90b30d62caf2 to fix #13193 ; we were too eager to fix the test failures
and I did not study the code enough before greenlighting patches. This
time we have unit tests from the problems reported by users to be sure
we have the right fix.
Thanks to Nadeem Vawda for his help.
2012-02-25 16:28:05 +01:00
afe05bd494
Bump version to 3.2.3rc1.
2012-02-23 21:14:12 +01:00
36a6558891
version now 3.1.5rc1
2012-02-23 10:45:48 -05:00
4f22a8d739
Issue #14084 : Fix a file descriptor leak when importing a module with a bad encoding.
2012-02-22 18:05:43 +01:00
9f64f73193
Issue #14053 : Fix "make patchcheck" to work with MQ.
...
Patch by Francisco Martín Brugué
2012-02-22 11:46:41 +02:00
7ef825fdab
merge with 3.2
2012-02-21 22:36:37 +01:00
c9a42070a6
Remove reST markup from --help output. Also: O(n**2) is dict construction, not single insertion.
2012-02-21 22:36:27 +01:00
dbd3f6173a
Issue #6807 : Run msisupport.mak earlier.
2012-02-21 18:06:22 +01:00
26bb3cf7cd
Issue #10580 : Minor grammar change in Windows installer.
2012-02-21 17:23:55 +01:00
4fe85abab9
sqlite3: Fix 64-bit integer handling in user functions on 32-bit architectures
...
Closes #8033 .
2012-02-21 13:49:50 +02:00
29877e8e04
HTMLParser is now able to handle slashes in the start tag.
2012-02-21 09:25:00 +02:00
09562b4330
Fix typo.
2012-02-20 23:09:59 +01:00
06b1c4f68b
Fix typo.
2012-02-20 23:09:59 +01:00
09a7c72cad
Merge from 3.1: Issue #13703 : add a way to randomize the hash values of basic types (str, bytes, datetime)
...
in order to make algorithmic complexity attacks on (e.g.) web apps much more complicated.
The environment variable PYTHONHASHSEED and the new command line flag -R control this
behavior.
2012-02-20 21:31:46 +01:00
2daf6ae249
Issue #13703 : add a way to randomize the hash values of basic types (str, bytes, datetime)
...
in order to make algorithmic complexity attacks on (e.g.) web apps much more complicated.
The environment variable PYTHONHASHSEED and the new command line flag -R control this
behavior.
2012-02-20 19:54:16 +01:00
cd96b4f1ff
Issue #14001 : CVE-2012-0845: xmlrpc: Fix an endless loop in SimpleXMLRPCServer
...
upon malformed POST request.
2012-02-18 14:53:41 +01:00
ec1712a166
Issue #14001 : CVE-2012-0845: xmlrpc: Fix an endless loop in SimpleXMLRPCServer
...
upon malformed POST request.
2012-02-18 14:42:57 +01:00
c86d9e2846
Fix a variable scoping error in an sqlite3 test
...
Closes #11689 .
2012-02-17 21:31:02 +02:00
b3890226b3
sqlite3: Fix documentation errors concerning Cursor.rowcount
...
Closes #13995 .
2012-02-16 21:39:03 +02:00
58e7c1dc02
NEWS entry for previous commit.
2012-02-16 00:30:50 -08:00
2f5a163dfc
Issue #13014 : Fix a possible reference leak in SSLSocket.getpeercert().
2012-02-15 22:25:27 +01:00
1ca93954e1
Issue #13491 : Fix many errors in sqlite3 documentation
...
Initial patch by Johannes Vogel.
2012-02-15 22:21:01 +02:00
b2f5c0a4c4
Fix parsing of build_ext --libraries option ( #1326113 )
2012-02-15 16:44:37 +01:00
37784ba5c0
Issue #13020 : Fix a reference leak when allocating a structsequence object fails.
...
Patch by Suman Saha.
2012-02-15 02:51:43 +01:00
f5f1fe0cb5
Issue #13015 : Fix a possible reference leak in defaultdict.__repr__.
...
Patch by Suman Saha.
2012-02-15 02:42:46 +01:00
71135624d8
Issue #10287 : nntplib now queries the server's CAPABILITIES first before sending MODE READER, and only sends it if not already in READER mode.
...
Patch by Hynek Schlawack.
2012-02-14 23:29:34 +01:00
ffeee3518a
Issue #13979 : Fix ctypes.util.find_library ldconfig regex
2012-02-13 22:08:39 -06:00
Gregory P. Smith
R David Murray
Martin v. Löwis
Ned Deily
Michael Foord
Ezio Melotti
Eric V. Smith
Antoine Pitrou
Benjamin Peterson
Éric Araujo
Meador Inge
Georg Brandl
Nadeem Vawda
Petri Lehtinen
Charles-François Natali