8e91cf6a5e
Fixes issue #14234 : CVE-2012-0876: Randomize hashes of xml attributes
...
in the hash table internal to the pyexpat module's copy of the expat
library to avoid a denial of service due to hash collisions.
Patch by David Malcolm with some modifications by the expat project.
2012-03-14 14:26:55 -07:00
273cd1812a
update copyright year
2012-02-23 10:53:44 -05:00
31833d4728
Added tag v3.1.5rc1 for changeset ee26aca3219c
2012-02-23 10:46:00 -05:00
36a6558891
version now 3.1.5rc1
2012-02-23 10:45:48 -05:00
c9a42070a6
Remove reST markup from --help output. Also: O(n**2) is dict construction, not single insertion.
2012-02-21 22:36:27 +01:00
69e9727657
ensure no one tries to hash things before the random seed is found
2012-02-21 11:08:50 -05:00
9571155ae4
Remove setting hash seed to regrtest's random seed and re-execv()ing: this doesn't preserve Python flags and fails from a temp directory.
2012-02-20 22:06:02 +01:00
7c573f7a07
Fix dbm_gnu test relying on set order.
2012-02-20 22:48:06 +01:00
06b1c4f68b
Fix typo.
2012-02-20 23:09:59 +01:00
12897d7d39
Fix typo in conditional.
2012-02-20 23:49:29 +01:00
a3ed11bd34
don't rely on the order of module clearing
2012-02-20 15:20:37 -05:00
2daf6ae249
Issue #13703 : add a way to randomize the hash values of basic types (str, bytes, datetime)
...
in order to make algorithmic complexity attacks on (e.g.) web apps much more complicated.
The environment variable PYTHONHASHSEED and the new command line flag -R control this
behavior.
2012-02-20 19:54:16 +01:00
ec1712a166
Issue #14001 : CVE-2012-0845: xmlrpc: Fix an endless loop in SimpleXMLRPCServer
...
upon malformed POST request.
2012-02-18 14:42:57 +01:00
2f7b286a8c
Revert fix for #13807 mistakenly applied in this branch.
2012-02-03 18:23:05 +00:00
f2bf8a6ac5
Issue #13885 : CVE-2011-3389: the _ssl module would always disable the CBC IV attack countermeasure.
2012-01-27 09:48:47 +01:00
889bb2969d
Closes #13807 : Now checks for sys.stderr being there before writing to it.
2012-01-20 11:23:02 +00:00
b462da8c0a
fix this to not depend on dictionary order
2012-01-03 16:23:11 -06:00
ee19c772cb
Remove mentions of previous license in profile module docs ( #12417 followup).
...
Also remove an extra docstring.
2011-07-28 22:56:24 +02:00
8cdc40e3b0
Issue #11603 : Fix a crash when __str__ is rebound as __repr__.
...
Patch by Andreas Stührk.
2011-07-15 21:15:07 +02:00
e22813067e
Issue #12502 : asyncore: fix polling loop with AF_UNIX sockets.
2011-07-14 19:53:38 +02:00
778db49da9
Issue #12352 : Fix a deadlock in multiprocessing.Heap when a block is freed by
...
the garbage collector while the Heap lock is held.
2011-07-02 14:35:49 +02:00
afa44a8096
update profile license ( closes #12417 )
2011-06-27 09:14:34 -05:00
40d9ebe031
Issue #12228 : Fix exchanged flag descriptions in stat.rst. Thanks Sandro Tosi.
2011-06-25 12:03:33 +02:00
fe9230aac6
Fix closes issue12261 - Minor documention changes in the urllib.parse.rst
2011-06-19 13:52:49 -07:00
acde6a0a40
onto 3.1.5
2011-06-11 11:33:01 -05:00
f2ff3054f9
Added tag v3.1.4 for changeset c918ec9f3a76
2011-06-11 09:59:17 -05:00
d858df20d0
bump to 3.1.4
2011-06-11 09:58:58 -05:00
1df0f214a9
fix regression in netrc comment handling ( closes #12009 )
2011-06-10 11:32:52 -05:00
e6eafa2ade
Issue #10801 : Fix test_unicode_filenames() of test_zipfile
...
Just try to open files from the ZIP for reading, don't extract them to avoid
UnicodeEncodeError if the filename is not encodable to the filesystem encoding
(e.g. ASCII locale encoding).
2011-06-10 16:32:54 +02:00
721bb33e3b
Add 3.1.4 UUIDs.
2011-06-05 10:56:44 +02:00
4c226dac02
Do not add txt files twice.
2011-06-05 10:55:57 +02:00
52e61449e3
return NULL on error
2011-05-31 21:38:15 -05:00
a22c98de85
simply use the Python version for pyexpat.__version__ #12221
2011-05-31 18:59:49 -05:00
bb11bb0dbb
Added tag v3.1.4rc1 for changeset 32fcb9e94985
2011-05-29 16:10:15 -05:00
5f250fbafe
update pydoc-topics
2011-05-29 16:09:08 -05:00
9a63745273
bump to 3.1.4rc1
2011-05-29 16:06:00 -05:00
e4427bf9c9
Branch merge
2011-05-29 17:56:20 +02:00
d5a91961dd
Issue #12205 : Fix test_subprocess failure due to uninstalled test data.
2011-05-29 02:39:02 -07:00
87418afb3b
Fix typo in 0311f62714f7
2011-05-29 03:48:49 +02:00
6a21f5527c
Don’t misuse “package data” in pprint example
2011-05-29 03:46:31 +02:00
456ae893d7
Re-add missing doc stub for the distutils check command
2011-05-29 00:22:06 +02:00
000893fab2
Minor touch-ups in distutils.cmd.Command doc
2011-05-29 00:14:45 +02:00
489c8ff26b
Fix test_build_py when sys.dont_write_bytecode is true ( #9831 ).
...
The tests now pass all combinations of -O/-OO and -B. See also #7071
and #6292 for previous variations on the same theme.
test_versionpredicate needs a skip when sys.flags.optimize is true, but
I don’t know how to make that work with a DocTestSuite.
2011-05-28 23:32:50 +02:00
b8e59f77e6
Issue #985064 : Make plistlib more resilient to faulty input plists.
...
Patch by Mher Movsisyan.
2011-05-28 02:19:19 -07:00
9a7c524dc6
Issue #9670 : Increase the default stack size for secondary threads on
...
Mac OS X and FreeBSD to reduce the chances of a crash instead of a
"maximum recursion depth" RuntimeError exception.
(patch by Ronald Oussoren)
2011-05-28 00:19:56 -07:00
0a5dad9ef1
fix spacing
2011-05-27 14:17:04 -05:00
74897ba46f
fix indentation
2011-05-27 14:10:24 -05:00
f33de71514
Minor doc addition for clarity
2011-05-27 04:42:47 +02:00
e0854f9dbf
Add missing closing paren
2011-05-27 04:36:52 +02:00
dec2067b2a
Branch merge
2011-05-26 16:49:59 +02:00
Gregory P. Smith
Benjamin Peterson
Georg Brandl
Charles-François Natali
Vinay Sajip
Antoine Pitrou
Éric Araujo
Mark Dickinson
Senthil Kumaran
Victor Stinner
Martin v. Löwis
Ned Deily