Mirror
/
cpython
mirror of https://github.com/python/cpython
4
1
Fork 0
Code Issues Releases Wiki Activity
68,962 Commits 6 Branches 592 Tags 2.9 GiB
Commit Graph

68962 Commits

Author SHA1 Message Date
Benjamin Peterson 44e4b98ff0 delete old ftpmirror script, which now has security bugs (closes #23130) 2014-12-30 10:08:16 -06:00
Benjamin Peterson 4e9cefaf86 add a default limit for the amount of data xmlrpclib.gzip_decode will return (closes #16043) 2014-12-05 20:15:15 -05:00
Benjamin Peterson 258f3f0dc2 use pythontest.net for url fragment test 2014-11-05 11:27:14 -05:00
Benjamin Peterson 863c962e68 move idna test domain to pythontest.net 2014-11-03 15:10:47 -05:00
Georg Brandl 6f1abda02b Added tag v3.2.6 for changeset 0bd5f4f14de9 2014-10-12 08:51:30 +02:00
Georg Brandl 439d88542e Bump to 3.2.6 2014-10-12 08:50:38 +02:00
Georg Brandl b3ac84322f #16040: fix unlimited read from connection in nntplib. 2014-10-12 08:50:11 +02:00
Georg Brandl f84422da1d Added tag v3.2.6rc1 for changeset 51382a5598ec 2014-10-04 14:17:10 +02:00
Georg Brandl edc3cbaaba Copyright year update, add version to licenses. 2014-10-04 14:16:59 +02:00
Georg Brandl e800a0e1c2 Bump to 3.2.6rc1 2014-10-04 14:15:42 +02:00
Georg Brandl 4480d30b8b ref #19855: skip uuid test_find_mac on non-Posix as in later branches 2014-10-01 22:31:04 +02:00
Georg Brandl ff3e5e3779 Fix unicode_aswidechar() for 4b unicode and 2b wchar_t (AIX). 2014-10-01 19:15:11 +02:00
Georg Brandl 51c116223e Issue #19855: uuid.getnode() on Unix now looks on the PATH for the 
executables used to find the mac address, with /sbin and /usr/sbin as
fallbacks.

Issue #11508: Fixed uuid.getnode() and uuid.uuid1() on environment with
virtual interface.  Original patch by Kent Frazier.

Issue #18784: The uuid module no more attempts to load libc via ctypes.CDLL,
if all necessary functions are already found in libuuid.
Patch by Evgeny Sologubov.

Issue #16102: Make uuid._netbios_getnode() work again on Python 3.
 2014-09-30 19:34:19 +02:00
Georg Brandl 3bc35672a2 Backport b533cc11d114 to fix intermittent test_urllibnet failures. 2014-09-30 17:30:18 +02:00
Georg Brandl 4615076471 Add a dummy "touch" target to the Makefile so that the custom buildbots can test this branch. 2014-09-30 16:41:11 +02:00
Georg Brandl 786c8e7dd5 Fix-up for 0f362676460d: add missing size argument to SSLFakeFile.readline(), as in 2.6 backport 8a6def3add5b 2014-09-30 16:31:21 +02:00
Ned Deily e558181660 Issue #20939: Use www.example.com instead of www.python.org to avoid test 
failures when ssl is not present.
 2014-03-26 23:31:39 -07:00
Georg Brandl fd9262cf2a Issue #16039: CVE-2013-1752: Change use of readline in imaplib module to limit 
line length.  Patch by Emil Lind.
 2014-09-30 16:00:09 +02:00
Georg Brandl 0840b41582 Issue #22421 - Secure pydoc server run. Bind it to localhost instead of all interfaces. 2014-09-17 13:17:58 +08:00
Antoine Pitrou dad182c16e Lax cookie parsing in http.cookies could be a security issue when combined 
with non-standard cookie handling in some Web browsers.

Reported by Sergey Bobrov.
 2014-09-17 00:23:55 +02:00
Georg Brandl 860c367c29 Issue #22419: Limit the length of incoming HTTP request in wsgiref server to 
65536 bytes and send a 414 error code for higher lengths. Patch contributed
by Devin Cook.
 2014-09-30 14:56:46 +02:00
Georg Brandl 21bf3f942b Issue #22517: When a io.BufferedRWPair object is deallocated, clear its 
weakrefs.
 2014-09-30 14:54:39 +02:00
Georg Brandl eaca8616ab Issue #16041: CVE-2013-1752: poplib: Limit maximum line lengths to 2048 to 
prevent readline() calls from consuming too much memory.  Patch by Jyrki
Pulliainen.
 2014-09-30 14:45:39 +02:00
Georg Brandl 210ee47e33 Issue #16042: CVE-2013-1752: smtplib: Limit amount of data read by 
limiting the call to readline().  Original patch by Christian Heimes.
 2014-09-30 14:18:02 +02:00
Christian Heimes 70088f14ad Issue #18747: document issue with OpenSSL's CPRNG state and fork 2013-10-29 21:08:56 +01:00
Georg Brandl c9cb18d3f7 Issue #16038: CVE-2013-1752: ftplib: Limit amount of data read by 
limiting the call to readline().  Original patch by Michał
Jastrzębski and Giampaolo Rodola.
 2014-09-30 14:12:24 +02:00
Georg Brandl f0746ca463 Issue #16037: HTTPMessage.readheaders() raises an HTTPException when more than 
100 headers are read.  Adapted from patch by Jyrki Pulliainen.
 2014-09-30 14:08:04 +02:00
Georg Brandl ec3c103520 Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes 
inside subjectAltName correctly. Formerly the module has used OpenSSL's
GENERAL_NAME_print() function to get the string represention of ASN.1
strings for ``rfc822Name`` (email), ``dNSName`` (DNS) and
``uniformResourceIdentifier`` (URI).
 2014-09-30 14:04:51 +02:00
Jason R. Coombs 79690ac1d0 Issue #13540: Update references to Action class to match syntax used for other classes in this file. 2014-08-03 14:54:11 -04:00
Jason R. Coombs eb0ef415d5 Issue #13540: Removed redundant documentation about Action instance attributes. Updated example and documentation per recommendations by Steven Bethard in msg149524. 2014-07-20 10:52:46 -04:00
Jason R. Coombs f28cf7abcf Issue #13540: Expanded argparse documents to clarify the action API 2011-12-13 23:36:45 -05:00
Ned Deily 915a30fb0d Issue #21323: Fix http.server to again handle scripts in CGI subdirectories, 
broken by the fix for security issue #19435.  Patch by Zach Byrne.
 2014-07-12 22:06:26 -07:00
Benjamin Peterson 314dc126ce expect the correct platform-dependent linesep 2014-06-16 23:15:50 -07:00
Benjamin Peterson 73b8b1cdb8 url unquote the path before checking if it refers to a CGI script (closes #21766) 2014-06-14 18:36:29 -07:00
Benjamin Peterson 49991deb6e fix poor spelling 2014-04-14 12:15:28 -04:00
Benjamin Peterson 6ef2b36afa disallow a negative idx parameter 2014-04-14 11:45:21 -04:00
Benjamin Peterson 99b5afab74 in scan_once, prevent the reading of arbitrary memory when passed a negative index 
Bug reported by Guido Vranken.
 2014-04-13 22:10:38 -04:00
Benjamin Peterson 80e6af1f61 fix versionchanged version 2014-04-04 09:50:35 -04:00
Benjamin Peterson ee5f1c13d1 remove directory mode check from makedirs (closes #21082) 2014-04-01 19:13:18 -04:00
Benjamin Peterson b4be376d16 use https docs url (#21115) 2014-03-31 13:44:53 -04:00
Benjamin Peterson 8aef28a5d0 add Ian Beer 2014-03-30 20:33:47 -04:00
Benjamin Peterson 23cf403ca1 fix expandtabs overflow detection to be consistent and not rely on signed overflow 2014-03-30 19:47:57 -04:00
Benjamin Peterson cf25c5caae use ssl.PROTOCOL_SSLv23 for maximum compatibility (closes #20896) 2014-03-12 18:05:53 -05:00
Stefan Krah d9bed99fcb Issue #20246: Fix test failures on FreeBSD. Patch by Ryan Smith-Roberts. 2014-01-21 22:58:40 +01:00
Benjamin Peterson 1b94030b37 update logo url (#20695) 2014-02-19 22:55:16 -05:00
Benjamin Peterson f6218a2191 open retrieved file in binary mode, since it's now compressed 2014-02-19 22:56:35 -05:00
Benjamin Peterson fbf648ebba complain when nbytes > buflen to fix possible buffer overflow (closes #20246) 2014-01-13 22:59:38 -05:00
Antoine Pitrou f60b7df9f8 Issue #12226: HTTPS is now used by default when connecting to PyPI. 2013-12-22 01:35:53 +01:00
Georg Brandl ee7f3fc586 Backout 7d399099334d. 2013-11-04 07:44:29 +01:00
Georg Brandl 7b5d6adb28 Backout 265d369ad3b9. 2013-11-04 07:43:41 +01:00