Andrew Kuchling
503baf9ecd
#16042 : CVE-2013-1752: Limit amount of data read by limiting the call to readline().
...
The SSLFakeFile.readline() method needs to support limiting readline() as
well. It's not a full emulation of readline()'s signature, but this class
is only used by smtplib's code, so it doesn't have to be.
Modified version of original patch by Christian Heimes.
2013-09-15 13:11:47 -04:00
Christian Heimes
ed9884b2d0
Issue #18709 : GCC 4.6 complains that 'v' may be used uninitialized in GEN_EMAIL/GEN_URI/GEN_DNS case
2013-09-05 16:04:35 +02:00
Christian Heimes
bde2985f1d
Python 2.6's ssl module has neither OPENSSL_VERSION_INFO nor _OPENSSL_API_VERSION
2013-09-03 14:47:00 +02:00
Christian Heimes
8f65ef8853
Issue #18709 : Fix issue with IPv6 address in subjectAltName on Mac OS X Tiger
2013-08-25 14:12:41 +02:00
Barry Warsaw
82f8828317
- Issue #18709 : Fix CVE-2013-4238. The SSL module now handles NULL bytes
...
inside subjectAltName correctly. Formerly the module has used OpenSSL's
GENERAL_NAME_print() function to get the string represention of ASN.1
strings for `rfc822Name` (email), `dNSName` (DNS) and
`uniformResourceIdentifier` (URI).
2013-08-23 13:26:49 -04:00
Barry Warsaw
f880e5d5ea
Fix UnboundLocalError regression due to previous incorrect fix for
...
issue 16248.
2013-08-20 20:35:20 -04:00
Barry Warsaw
f25d95732c
- Issue #16248 : Disable code execution from the user's home directory by
...
tkinter when the -E flag is passed to Python. Patch by Zachary Ware.
2013-02-20 18:19:55 -05:00
Georg Brandl
55f23c4233
#8040 : port versionswitcher patch to 2.6.
2012-10-28 08:04:38 +01:00
Barry Warsaw
cca96f09d3
Post release twiddle.
2012-04-10 14:50:39 -04:00
Barry Warsaw
27509ce8d9
Added tag v2.6.8 for changeset c9910fd022fc
2012-04-10 11:18:47 -04:00
Barry Warsaw
a12d0ccfbe
Bump to 2.6.8
2012-04-10 10:59:35 -04:00
Barry Warsaw
75076b4971
update docs
2012-04-10 10:56:26 -04:00
Georg Brandl
222ac8c98f
Remove duplicate hgtags entries for 2.6.8rc{1,2}.
2012-03-18 07:31:17 +01:00
Barry Warsaw
9636e462d8
Added tag v2.6.8rc2 for changeset bd9e1a02e3e3
2012-03-17 18:34:05 -04:00
Barry Warsaw
b1abc08a29
Added tag v2.6.8rc2 for changeset 1d1b7b9fad48
2012-03-17 18:19:42 -04:00
Barry Warsaw
bd371a4cbb
Bump to 2.6.8rc2
2012-03-17 18:19:15 -04:00
Barry Warsaw
2875b5b294
Update Docs and NEWS for 2.6.8rc2.
2012-03-17 18:16:58 -04:00
Barry Warsaw
e9bc2f773f
- Issue #14234 : CVE-2012-0876: Randomize hashes of xml attributes in the hash
...
table internal to the pyexpat module's copy of the expat library to avoid a
denial of service due to hash collisions. Patch by David Malcolm with some
modifications by the expat project.
2012-03-14 17:10:41 -07:00
Barry Warsaw
6707826c66
Added tag v2.6.8rc1 for changeset 5356b6c7fd66
2012-02-23 11:10:31 -05:00
Barry Warsaw
2593eac34e
Added tag v2.6.8rc1 for changeset caab08cd2b3e
2012-02-23 10:59:50 -05:00
Barry Warsaw
74f4bd53e0
Bump some more copyright years (as per PEP 101), since this is the first
...
release of 2.6 for 2012.
2012-02-23 10:59:38 -05:00
Barry Warsaw
1fbc16d050
Bump to version 2.6.8rc1.
2012-02-23 10:55:57 -05:00
Barry Warsaw
b383e806b6
Back port from 2.7:
...
http://hg.python.org/cpython/rev/48705250232c
changeset: 75187:48705250232c
branch: 2.7
parent: 75184:9a1d902714ae
user: Antoine Pitrou <solipsis@pitrou.net>
date: Wed Feb 22 22:16:25 2012 +0100
2012-02-22 17:26:50 -05:00
Barry Warsaw
56fd6617b5
Backport from 2.7:
...
changeset: 75153:9b7c6dd19e25
branch: 2.7
parent: 75151:b1a02c17b327
user: Antoine Pitrou <solipsis@pitrou.net>
date: Tue Feb 21 22:02:04 2012 +0100
files: Lib/test/test_os.py
2012-02-22 13:50:04 -05:00
Barry Warsaw
6a9005b4eb
Backport from 2.7 branch.
...
changeset: 75165:780008020c40
user: Antoine Pitrou <solipsis@pitrou.net>
date: Wed Feb 22 03:33:56 2012 +0100
summary: Fix (presumably) test_hash under big-endian systems (PPC).
2012-02-22 13:34:18 -05:00
Georg Brandl
3aec568e6e
Remove reST markup from --help output. Also: O(n**2) is dict construction, not single insertion.
2012-02-21 22:36:27 +01:00
Benjamin Peterson
4e171d12da
don't need this hack anymore
2012-02-21 15:08:51 -05:00
Antoine Pitrou
776af4002b
Fix crash at startup with -W options.
2012-02-21 20:42:48 +01:00
Benjamin Peterson
876e789f65
merge heads
2012-02-21 11:23:21 -05:00
Barry Warsaw
8757cad394
Backport fix from default branch for ./python -R -Wd where hash('d') would not
...
have gotten randomized.
2012-02-21 11:16:06 -05:00
Benjamin Peterson
26da920001
ensure no one tries to hash things before the random seed is found
2012-02-21 11:08:50 -05:00
Barry Warsaw
b69fa1f8b7
Let's sort the keys so that this test passes even with random hashes.
2012-02-21 10:22:34 -05:00
Barry Warsaw
b19fb2462e
Whitespace normalization
2012-02-20 20:44:15 -05:00
Barry Warsaw
1e13eb084f
- Issue #13703 : oCERT-2011-003: add -R command-line option and PYTHONHASHSEED
...
environment variable, to provide an opt-in way to protect against denial of
service attacks due to hash collisions within the dict and set types. Patch
by David Malcolm, based on work by Victor Stinner.
2012-02-20 20:42:21 -05:00
Barry Warsaw
f5a5beb339
Back port Python 2.7 fix for test_invalid_redirect() in test_urllib.py.
2012-02-20 14:43:22 -05:00
Charles-François Natali
66f3cc6f8d
Issue #14001 : CVE-2012-0845: xmlrpc: Fix an endless loop in SimpleXMLRPCServer
...
upon malformed POST request.
2012-02-18 14:15:38 +01:00
Antoine Pitrou
d358e0554b
Issue #13885 : CVE-2011-3389: the _ssl module would always disable the CBC IV attack countermeasure.
2012-01-27 09:42:45 +01:00
Martin v. Löwis
141e770e8f
merge closing of 2.5 branch
2011-10-31 12:39:25 +01:00
Martin v. Löwis
e5b9bff214
2.5 is no longer maintained
2011-10-31 12:38:50 +01:00
Éric Araujo
345fff3de8
Remove mentions of previous license in profile module ( #12417 followup)
2011-07-28 22:27:28 +02:00
Benjamin Peterson
5ac56d275d
fix ws
2011-06-28 21:57:21 -05:00
Benjamin Peterson
1105f34a2b
update profile license ( closes #12417 )
2011-06-27 09:14:34 -05:00
Barry Warsaw
d0366e862a
Replay svn r88852.
2011-06-03 20:05:48 -04:00
Barry Warsaw
16ec24a192
Replay svn r88850.
2011-06-03 20:02:47 -04:00
Martin v. Löwis
9c53584ebd
Nearly null-merge 2.5.6
2011-05-28 14:13:32 +02:00
Martin v. Löwis
228516c3f8
merge 2.5.6c1 tag
2011-05-28 14:06:55 +02:00
Martin v. Löwis
dcdf0320c0
Added tag v2.5.6c1 for changeset a87c7b96672b
2011-05-28 14:05:31 +02:00
Martin v. Löwis
4ca9d48a04
Added tag v2.5.6 for changeset de34c7b097e8
2011-05-28 14:00:37 +02:00
Martin v. Löwis
11a859d70d
r88840: Prepare for 2.5.6.
2011-05-28 13:58:36 +02:00
Martin v. Löwis
e81c485e57
r88828: Fix year.
2011-05-28 13:57:28 +02:00