82f8828317
- Issue #18709 : Fix CVE-2013-4238. The SSL module now handles NULL bytes
...
inside subjectAltName correctly. Formerly the module has used OpenSSL's
GENERAL_NAME_print() function to get the string represention of ASN.1
strings for `rfc822Name` (email), `dNSName` (DNS) and
`uniformResourceIdentifier` (URI).
2013-08-23 13:26:49 -04:00
f880e5d5ea
Fix UnboundLocalError regression due to previous incorrect fix for
...
issue 16248.
2013-08-20 20:35:20 -04:00
f25d95732c
- Issue #16248 : Disable code execution from the user's home directory by
...
tkinter when the -E flag is passed to Python. Patch by Zachary Ware.
2013-02-20 18:19:55 -05:00
55f23c4233
#8040 : port versionswitcher patch to 2.6.
2012-10-28 08:04:38 +01:00
cca96f09d3
Post release twiddle.
2012-04-10 14:50:39 -04:00
27509ce8d9
Added tag v2.6.8 for changeset c9910fd022fc
2012-04-10 11:18:47 -04:00
a12d0ccfbe
Bump to 2.6.8
2012-04-10 10:59:35 -04:00
75076b4971
update docs
2012-04-10 10:56:26 -04:00
222ac8c98f
Remove duplicate hgtags entries for 2.6.8rc{1,2}.
2012-03-18 07:31:17 +01:00
9636e462d8
Added tag v2.6.8rc2 for changeset bd9e1a02e3e3
2012-03-17 18:34:05 -04:00
b1abc08a29
Added tag v2.6.8rc2 for changeset 1d1b7b9fad48
2012-03-17 18:19:42 -04:00
bd371a4cbb
Bump to 2.6.8rc2
2012-03-17 18:19:15 -04:00
2875b5b294
Update Docs and NEWS for 2.6.8rc2.
2012-03-17 18:16:58 -04:00
e9bc2f773f
- Issue #14234 : CVE-2012-0876: Randomize hashes of xml attributes in the hash
...
table internal to the pyexpat module's copy of the expat library to avoid a
denial of service due to hash collisions. Patch by David Malcolm with some
modifications by the expat project.
2012-03-14 17:10:41 -07:00
6707826c66
Added tag v2.6.8rc1 for changeset 5356b6c7fd66
2012-02-23 11:10:31 -05:00
2593eac34e
Added tag v2.6.8rc1 for changeset caab08cd2b3e
2012-02-23 10:59:50 -05:00
74f4bd53e0
Bump some more copyright years (as per PEP 101), since this is the first
...
release of 2.6 for 2012.
2012-02-23 10:59:38 -05:00
1fbc16d050
Bump to version 2.6.8rc1.
2012-02-23 10:55:57 -05:00
b383e806b6
Back port from 2.7:
...
http://hg.python.org/cpython/rev/48705250232c
changeset: 75187:48705250232c
branch: 2.7
parent: 75184:9a1d902714ae
user: Antoine Pitrou <solipsis@pitrou.net>
date: Wed Feb 22 22:16:25 2012 +0100
2012-02-22 17:26:50 -05:00
56fd6617b5
Backport from 2.7:
...
changeset: 75153:9b7c6dd19e25
branch: 2.7
parent: 75151:b1a02c17b327
user: Antoine Pitrou <solipsis@pitrou.net>
date: Tue Feb 21 22:02:04 2012 +0100
files: Lib/test/test_os.py
2012-02-22 13:50:04 -05:00
6a9005b4eb
Backport from 2.7 branch.
...
changeset: 75165:780008020c40
user: Antoine Pitrou <solipsis@pitrou.net>
date: Wed Feb 22 03:33:56 2012 +0100
summary: Fix (presumably) test_hash under big-endian systems (PPC).
2012-02-22 13:34:18 -05:00
3aec568e6e
Remove reST markup from --help output. Also: O(n**2) is dict construction, not single insertion.
2012-02-21 22:36:27 +01:00
4e171d12da
don't need this hack anymore
2012-02-21 15:08:51 -05:00
776af4002b
Fix crash at startup with -W options.
2012-02-21 20:42:48 +01:00
876e789f65
merge heads
2012-02-21 11:23:21 -05:00
8757cad394
Backport fix from default branch for ./python -R -Wd where hash('d') would not
...
have gotten randomized.
2012-02-21 11:16:06 -05:00
26da920001
ensure no one tries to hash things before the random seed is found
2012-02-21 11:08:50 -05:00
b69fa1f8b7
Let's sort the keys so that this test passes even with random hashes.
2012-02-21 10:22:34 -05:00
b19fb2462e
Whitespace normalization
2012-02-20 20:44:15 -05:00
1e13eb084f
- Issue #13703 : oCERT-2011-003: add -R command-line option and PYTHONHASHSEED
...
environment variable, to provide an opt-in way to protect against denial of
service attacks due to hash collisions within the dict and set types. Patch
by David Malcolm, based on work by Victor Stinner.
2012-02-20 20:42:21 -05:00
f5a5beb339
Back port Python 2.7 fix for test_invalid_redirect() in test_urllib.py.
2012-02-20 14:43:22 -05:00
66f3cc6f8d
Issue #14001 : CVE-2012-0845: xmlrpc: Fix an endless loop in SimpleXMLRPCServer
...
upon malformed POST request.
2012-02-18 14:15:38 +01:00
d358e0554b
Issue #13885 : CVE-2011-3389: the _ssl module would always disable the CBC IV attack countermeasure.
2012-01-27 09:42:45 +01:00
141e770e8f
merge closing of 2.5 branch
2011-10-31 12:39:25 +01:00
e5b9bff214
2.5 is no longer maintained
2011-10-31 12:38:50 +01:00
345fff3de8
Remove mentions of previous license in profile module ( #12417 followup)
2011-07-28 22:27:28 +02:00
5ac56d275d
fix ws
2011-06-28 21:57:21 -05:00
1105f34a2b
update profile license ( closes #12417 )
2011-06-27 09:14:34 -05:00
d0366e862a
Replay svn r88852.
2011-06-03 20:05:48 -04:00
16ec24a192
Replay svn r88850.
2011-06-03 20:02:47 -04:00
9c53584ebd
Nearly null-merge 2.5.6
2011-05-28 14:13:32 +02:00
228516c3f8
merge 2.5.6c1 tag
2011-05-28 14:06:55 +02:00
dcdf0320c0
Added tag v2.5.6c1 for changeset a87c7b96672b
2011-05-28 14:05:31 +02:00
4ca9d48a04
Added tag v2.5.6 for changeset de34c7b097e8
2011-05-28 14:00:37 +02:00
11a859d70d
r88840: Prepare for 2.5.6.
2011-05-28 13:58:36 +02:00
e81c485e57
r88828: Fix year.
2011-05-28 13:57:28 +02:00
cf60858b55
r88824: Prepare for 2.5.6c1.
2011-05-28 13:56:22 +02:00
32140f8955
Replay changeset 70249:b571c7a8cf2e from fubar branch. Original commit
...
message:
Merging post 2.6.7rc2 changes from Subversion.
2011-05-23 15:27:52 -04:00
34289260da
Replay changeset 70248:c714e2f92f63 from fubar branch. Original commit
...
message:
Cross-port changes for 2.6.7rc2 from the Subversion branch.
2011-05-23 15:26:11 -04:00
cf0d8ab818
Replay changeset 70238:03e488b5c009 from fubar branch. Original commit
...
message:
Reconcile with the 2.6svn branch. The 2.6.7 release will be made from
Subversion, but there were differences, so this brings them in sync. These
changes should *not* propagate to any newer versions.
2011-05-23 15:22:56 -04:00
Barry Warsaw
Georg Brandl
Benjamin Peterson
Antoine Pitrou
Charles-François Natali
Martin v. Löwis
Éric Araujo