97eda155f8
Issue #12285 : Update NEWS
2016-09-01 21:12:17 -04:00
a12d92bec1
merge 3.3 ( #27783 )
2016-08-16 23:36:20 -07:00
1f0e7c9933
rearrange methodcaller_new so that the main error case does not cause uninitialized memory usage ( closes #27783 )
2016-08-16 23:35:35 -07:00
10bc0f6edf
merge 3.3 ( #27774 )
2016-08-15 22:03:44 -07:00
3a27b0857e
do not decref value borrowed from list ( closes #27774 )
2016-08-15 22:01:41 -07:00
432ea4ff37
fail when negative values are passed to instr()
2016-08-15 21:40:14 -07:00
5295532adb
merge 3.3 ( closes #27760 )
2016-08-13 18:36:55 -07:00
4f976513ef
fix possible integer overflow in binascii.b2a_qp ( closes #27760 )
...
Reported by Thomas E. Hybel
2016-08-13 18:33:33 -07:00
40a77c3381
do not allow reading negative values with getstr()
2016-08-13 18:15:28 -07:00
59b6abd38c
merge 3.3 ( #27758 )
2016-08-13 17:21:22 -07:00
6e01d90cc8
check for overflow in join_append_data ( closes #27758 )
...
Reported by Thomas E. Hybel
2016-08-13 17:17:06 -07:00
436fe5a447
[merge from 3.3] Prevent HTTPoxy attack (CVE-2016-1000110)
...
Ignore the HTTP_PROXY variable when REQUEST_METHOD environment is set, which
indicates that the script is in CGI mode.
Issue #27568 Reported and patch contributed by Rémi Rampin.
2016-07-30 23:34:34 -07:00
4cbb23f8f2
Prevent HTTPoxy attack (CVE-2016-1000110)
...
Ignore the HTTP_PROXY variable when REQUEST_METHOD environment is set, which
indicates that the script is in CGI mode.
Issue #27568 Reported and patch contributed by Rémi Rampin.
2016-07-30 23:24:16 -07:00
b7b5d35545
Issue #27369 : Merge test_pyexpat from 3.3 into 3.4
2016-07-14 02:09:17 +00:00
d27a7c1f22
Issue #27369 : Merge test_pyexpat from 3.2 into 3.3
2016-07-14 01:42:53 +00:00
076ca6c3c8
Issue #27369 : Don’t test error message detail that changed in Expat 2.2.0
2016-07-14 01:31:46 +00:00
2cdcaf1353
Issue #22758 : Move NEWS entry to Library section
2016-07-14 01:17:03 +00:00
5f21f43af7
#22758 : fix regression in handling of secure cookies.
...
This backports the fix from #16611 , per discussion with the release
manager.
2016-07-10 13:32:43 -04:00
ea684921c2
Post-release fixups for Python 3.4.5.
2016-06-26 19:41:21 -07:00
98be9d500e
Version bump for 3.4.5 final.
2016-06-25 14:44:30 -07:00
463c3f3eef
Release bump for 3.4.5rc1.
2016-06-11 22:24:03 -07:00
196d7db395
upgrade expt to 2.1.1 ( closes #26556 )
2016-06-11 13:28:56 -07:00
46b32f307c
raise an error when STARTTLS fails
2016-06-11 13:16:42 -07:00
3d4d01f614
Back out 7e9605697dfc, 2e3c31ab586a, 759b2cecc289.
...
These added a path attribute to pathlib.Path objects, and docs.
Instead, we're going to use PEP 519.
(Starting in the 3.4 branch and merging forward from there since that's what I did originally.)
2016-05-19 13:00:21 -07:00
b9869dfe35
remove useless $ keyword ( closes #17167 )
2016-03-21 22:31:02 -07:00
f11b25b081
properly use the ObjArgs variant of CallMethod in dictview binary operations ( closes #26478 )
2016-03-03 22:05:36 -08:00
90ba2ca68a
#26246 : update copybutton.js after JQuery update. Patch by Liang-Bo Wang.
2016-02-27 08:39:36 +02:00
9491272751
open the cert store readonly
...
Patch from Chi Hsuan Yen.
2016-02-17 22:13:19 -08:00
c4032da201
prevent buffer overflow in get_data ( closes #26171 )
2016-01-20 22:23:44 -08:00
514bb0711f
Issue #25940 : Merge self-signed.pythontest.net testing from 3.3 into 3.4
2016-01-14 12:46:49 +00:00
73f55076f6
Issue #25940 : Merge self-signed.pythontest.net testing from 3.2 into 3.3
2016-01-14 12:21:02 +00:00
3d81d93f34
Issue #25940 : Use self-signed.pythontest.net in SSL tests
...
This is instead of svn.python.org, whose certificate recently expired, and
whose new certificate uses a different root certificate.
The certificate used at the pythontest server was modifed to set the "basic
constraints" CA flag. This flag seems to be required for test_get_ca_certs_
capath() to work (in Python 3.4+).
Added the new self-signed certificate to capath with the following commands:
cp Lib/test/{selfsigned_pythontestdotnet.pem,capath/}
c_rehash -v Lib/test/capath/
c_rehash -v -old Lib/test/capath/
# Note the generated file names
cp Lib/test/capath/{selfsigned_pythontestdotnet.pem,0e4015b9.0}
mv Lib/test/capath/{selfsigned_pythontestdotnet.pem,ce7b8643.0}
The new server responds with "No route to host" when connecting to port 444.
2016-01-14 09:36:00 +00:00
d9d0e864b9
Issue #26050 : Add asyncio.StreamReader.readuntil() method.
...
Patch by Марк Коренберг.
2016-01-11 12:28:19 -05:00
c07b16b40f
Sync with asyncio repo
2016-01-11 08:42:49 +02:00
e428231539
Issue #22570 : Add 'path' attribute to pathlib.Path objects.
2016-01-06 11:01:42 -08:00
69bfb15bd8
Issue #26012 : Don't traverse into symlinks for ** pattern in pathlib.Path.[r]glob().
2016-01-06 10:31:33 -08:00
6c2d33a258
Issue #24120 : Ignore PermissionError in pathlib.Path.[r]glob(). Ulrich Petri.
2016-01-06 09:42:07 -08:00
c4e70ffba9
Post-release touchups for Python 3.4.4 final.
2015-12-20 22:42:47 -08:00
fa71932860
Release bump for Python 3.4.4 final.
2015-12-19 19:31:10 -08:00
13cf4904b2
Post-release fixups for Python 3.4.4rc1.
2015-12-06 21:54:29 -08:00
e739601a78
Version bump for 3.4.4rc1.
2015-12-06 05:53:35 -08:00
6364094f49
Issue #25798 : Update OS X 10.5+ 32-bit-only installer to build
...
and link with OpenSSL 1.0.2e.
2015-12-05 23:51:23 -05:00
14b2c82855
fix reordering
2015-12-05 00:27:11 -08:00
68524e1984
merge 3.3
2015-12-05 00:23:11 -08:00
2deaea3119
merge 3.2
2015-12-05 00:21:12 -08:00
5e621176c4
add CVE and issue number
2015-12-05 00:17:57 -08:00
ced699b4c7
#24903 : Remove misleading error message to fix regression.
...
Before the argparse conversion, compileall would (sometimes) accept multiple
paths when -d was specified. Afterward, it does not. The corresponding check
in the original code claimed to prevent multiple *directories* from being
specified...but it didn't really work even to do that. So this patch fixes
the regression by invoking the consenting adults rule: if you specify a
combination of arguments to compileall that produces files with inconsistent
destdirs (which you could do before), it is on you.
Patch by Jake Garver.
2015-12-04 22:54:38 -05:00
31b9410654
Issue #25709 : Fixed problem with in-place string concatenation and utf-8 cache.
2015-12-03 01:02:03 +02:00
afdd51343c
Issue #25764 : Preserve subprocess fork exception when preexec_fn used
...
Also fix handling of failure to release the import lock.
2015-11-30 02:21:41 +00:00
c7217d7c22
Issue #6478 : _strptime's regexp cache now is reset after changing timezone
...
with time.tzset().
2015-12-03 22:21:07 +02:00
Jason R. Coombs
Benjamin Peterson
Senthil Kumaran
Martin Panter
R David Murray
Larry Hastings
Guido van Rossum
Ezio Melotti
Martin Panter
Yury Selivanov
Andrew Svetlov
Ned Deily
Serhiy Storchaka