traverseda
/
cpython
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
cpython/Lib
History
Christian Heimes 17b1d5d4e3 bpo-17239: Disable external entities in SAX parser (GH-9217) 
The SAX parser no longer processes general external entities by default
to increase security. Before, the parser created network connections
to fetch remote files or loaded local files from the file system for DTD
and entities.

Signed-off-by: Christian Heimes <christian@python.org>



https://bugs.python.org/issue17239
 		2018-09-23 00:50:25 -07:00
..
asyncio bpo-34666: Implement stream.awrite() and stream.aclose() (GH-9274) 2018-09-13 16:53:49 -07:00
collections Clarify that example in comment is about fromkeys() (GH-8141) 2018-07-06 08:52:26 -07:00
concurrent bpo-33238: Add InvalidStateError to concurrent.futures. (GH-7056) 2018-05-30 10:15:06 +03:00
ctypes bpo-25711: Rewrite zipimport in pure Python. (GH-6809) 2018-09-18 22:22:29 +03:00
curses
dbm bpo-32749: Make dbm.dumb databases more cosistent with other dbm databases. (#5497) 2018-02-05 22:47:31 +02:00
distutils bpo-34421: Improve distutils logging for non-ASCII strings. (GH-9126) 2018-09-23 09:12:59 +03:00
email bpo-33476: Fix _header_value_parser when address group is missing final ';' (GH-7484) 2018-07-28 13:55:11 +01:00
encodings Remove obsolete comment about latin-1 in `normalize_encoding` (GH-8739) 2018-09-10 17:54:37 -07:00
ensurepip Improve ensurepip's --help (GH-4686) 2018-05-30 09:45:55 +02:00
html bpo-30629: Remove second call of str.lower() in html.parser.parse_endtag. (#2099) 2017-06-16 21:15:25 -04:00
http bpo-33365: print the header values beside the keys (GH-6611) 2018-06-19 16:20:58 +03:00
idlelib bpo-34047: IDLE: fix mousewheel scrolling direction on macOS (GH-8678) 2018-08-10 09:02:08 +03:00
importlib bpo-25711: Move _ZipImportResourceReader from importlib to zipimport. (GH-9406) 2018-09-19 09:28:06 +03:00
json bpo-23493: json: Change sort_keys in Python encoder same to C (GH-8131) 2018-07-07 08:55:03 +09:00
lib2to3 closes bpo-34515: Support non-ASCII identifiers in lib2to3. (GH-8950) 2018-09-15 10:32:29 -07:00
logging bpo-6721: Hold logging locks across fork() (GH-4071) 2018-09-13 22:08:31 -07:00
msilib bpo-34251: Restore msilib.Win64 to preserve compatibility (GH-8510) 2018-07-28 16:02:56 -05:00
multiprocessing bpo-34610: Fixed iterator of multiprocessing.managers.DictProxy. (GH-9113) 2018-09-17 14:24:01 +03:00
pydoc_data Update NEWS, docs, and patchlevel for 3.7.0b1 2018-01-31 17:14:30 -05:00
site-packages
sqlite3 bpo-34041: Allow creating deterministic functions in Connection.create_function() (GH-8086) 2018-07-08 10:09:20 +03:00
test bpo-17239: Disable external entities in SAX parser (GH-9217) 2018-09-23 00:50:25 -07:00
tkinter bpo-34189: Fix checking for bugfix Tcl version. (GH-8397) 2018-07-22 21:41:48 +03:00
turtledemo bpo-14117: Make minor tweaks to turtledemo (GH-8002) 2018-06-29 01:10:05 -04:00
unittest bpo-32933: Implement __iter__ method on mock_open() (GH-5974) 2018-09-13 01:21:16 +03:00
urllib bpo-21475: Support the Sitemap extension in robotparser (GH-6883) 2018-05-16 10:52:07 -04:00
venv bpo-32718: Make Activate.ps1 for venv cross-platform and available on all platforms (GH-9321) 2018-09-21 15:27:26 -07:00
wsgiref bpo-9372: Deprecate several __getitem__ methods (GH-8609) 2018-08-11 09:05:04 +03:00
xml bpo-17239: Disable external entities in SAX parser (GH-9217) 2018-09-23 00:50:25 -07:00
xmlrpc bpo-33911: Fixed deprecation warning in xmlrpc.server (GH-7847) 2018-07-16 10:46:04 +02:00
__future__.py String annotations [PEP 563] (#4390) 2018-01-26 08:20:18 -08:00
__phello__.foo.py
_bootlocale.py bpo-29240: PEP 540: Add a new UTF-8 Mode (#855) 2017-12-13 12:29:09 +01:00
_collections_abc.py bpo-34427: Fix infinite loop when calling MutableSequence.extend() on self (GH-8813) 2018-08-30 09:56:14 -07:00
_compat_pickle.py
_compression.py
_dummy_thread.py Restore dummy_threading and _dummy_thread, but deprecate them (bpo-31370) (#3648) 2017-09-18 22:04:20 +02:00
_markupbase.py
_osx_support.py
_py_abc.py bpo-33018: Improve issubclass() error checking and message. (GH-5944) 2018-03-22 11:26:06 +00:00
_pydecimal.py bpo-32630: Use contextvars in decimal (GH-5278) 2018-01-27 13:46:46 -05:00
_pyio.py Remove wording that could be deemed to be perjorative (GH-9287) 2018-09-13 21:17:40 -07:00
_sitebuiltins.py
_strptime.py bpo-33541: Remove unused __pad function (GH-4377) 2018-05-20 13:42:30 -04:00
_threading_local.py Delete a broken threading.local example (#5870) 2018-02-25 10:03:40 -05:00
_weakrefset.py bpo-30296 Remove unnecessary tuples, lists, sets, and dicts (#1489) 2017-05-18 07:35:54 -07:00
abc.py bpo-31333: Re-implement ABCMeta in C (#5273) 2018-02-18 12:41:58 +00:00
aifc.py bpo-32056: Improve exceptions in aifc, wave and sunau. (GH-5951) 2018-03-18 09:55:53 +02:00
antigravity.py Change the xkcd link in comment over https. (GH-5452) 2018-09-13 22:45:00 -07:00
argparse.py Remove superseded line from argparse.HelpFormatter() (GH-8839) 2018-08-22 23:14:14 +03:00
ast.py bpo-33851: Fix ast.get_docstring() for a node that lacks a docstring. (GH-7682) 2018-06-15 11:05:15 +03:00
asynchat.py
asyncore.py bpo-29639: change test.support.HOST to "localhost" 2017-09-09 00:30:15 -07:00
base64.py bpo-34164: Fix handling of incorrect padding in base64.b32decode(). (GH-8351) 2018-07-24 12:52:51 +03:00
bdb.py Docs: fix some wrong words (GH-6987) 2018-06-02 07:16:19 -07:00
binhex.py
bisect.py
bz2.py bpo-33487: improve BZ2File Deprecation and documentation. (GH-6785) 2018-09-10 18:15:56 -07:00
cProfile.py Fix docstring of Profiler class (GH-8651) 2018-08-03 18:09:57 +09:00
calendar.py Closes bpo-28281: Remove year (1-9999) limits on the weekday() function. (#4109) 2017-10-26 15:34:11 -04:00
cgi.py bpo-33843: Remove deprecated stuff in cgi module (GH-7662) 2018-06-19 17:28:50 +09:00
cgitb.py bpo-33311: Do not display parameters displayed in parentheses for module call. (GH-6677) 2018-05-09 12:39:32 +03:00
chunk.py
cmd.py
code.py
codecs.py bpo-32110: codecs.StreamReader.read(n) now returns not more than n (#4499) 2017-11-29 01:30:00 +02:00
codeop.py
colorsys.py
compileall.py closes bpo-31650: PEP 552 (Deterministic pycs) implementation (#4575) 2017-12-09 10:26:52 -08:00
configparser.py bpo-32108: Don't clear configparser values if key is assigned to itself (GH-7588) 2018-06-12 13:37:51 -07:00
contextlib.py bpo-33786: Fix asynchronous generators to handle GeneratorExit in athrow() (GH-7467) 2018-06-07 20:31:26 -04:00
contextvars.py bpo-32436: Implement PEP 567 (#5027) 2018-01-22 19:11:18 -05:00
copy.py bpo-11572: Make minor improvements to copy module (GH-8208) 2018-07-09 23:14:54 +03:00
copyreg.py bpo-31107: Fix copyreg mangled slot names calculation. (#2989) 2017-08-04 11:45:00 +03:00
crypt.py bpo-31702: Allow to specify rounds for SHA-2 hashing in crypt.mksalt(). (#4110) 2017-11-16 13:22:51 +02:00
csv.py bpo-30157: Fix csv.Sniffer.sniff() regex pattern. (GH-5601) 2018-02-09 20:00:49 +02:00
dataclasses.py bpo-34363: dataclasses.asdict() and .astuple() now handle fields which are namedtuples. (GH-9151) 2018-09-14 11:32:16 -04:00
datetime.py bpo-29097: Forego fold detection on windows for low timestamp values (GH-2385) 2018-07-25 12:54:58 -04:00
decimal.py
difflib.py bpo-33224: PEP 479 fix for difflib.mdiff() (GH-6381) 2018-04-05 11:19:57 -07:00
dis.py bpo-32970: Improve disassembly of the MAKE_FUNCTION instruction. (GH-5937) 2018-03-11 11:07:06 +02:00
doctest.py bpo-25054, bpo-1647489: Added support of splitting on zerowidth patterns. (#4471) 2017-12-04 14:29:05 +02:00
dummy_threading.py Restore dummy_threading and _dummy_thread, but deprecate them (bpo-31370) (#3648) 2017-09-18 22:04:20 +02:00
enum.py bpo-29577: Enum: mixin classes don't mix well with already mixed Enums (GH-9328) 2018-09-21 19:03:09 -07:00
filecmp.py
fileinput.py bpo-9372: Deprecate several __getitem__ methods (GH-8609) 2018-08-11 09:05:04 +03:00
fnmatch.py bpo-32775: Fix regular expression warnings in fnmatch. (#5583) 2018-02-09 13:30:19 +02:00
formatter.py
fractions.py bpo-32968: Make modulo and floor division involving Fraction and float consistent with other operations (#5956) 2018-08-27 07:59:28 +01:00
ftplib.py bpo-31346: Use PROTOCOL_TLS_CLIENT/SERVER (#3058) 2017-09-15 20:27:30 +02:00
functools.py bpo-21145: Add cached_property decorator in functools (#6982) 2018-08-28 17:11:56 +10:00
genericpath.py bpo-33721: Make some os.path functions and pathlib.Path methods be tolerant to invalid paths. (#7695) 2018-09-18 11:28:51 +03:00
getopt.py
getpass.py
gettext.py bpo-30152: Reduce the number of imports for argparse. (#1269) 2017-09-26 00:55:55 +03:00
glob.py
gzip.py Replace KB unit with KiB (#4293) 2017-11-08 14:44:44 -08:00
hashlib.py bpo-33729: Fix issues with arguments parsing in hashlib. (GH-8346) 2018-07-31 09:50:16 +03:00
heapq.py bpo-34149: Behavior of the min/max with key=None (GH-8328) 2018-07-23 20:58:21 -07:00
hmac.py bpo-33604: Remove deprecated HMAC default value marked for removal in 3.8 (GH-7063) 2018-09-10 11:10:01 -07:00
imaplib.py bpo-18540: Fix EAI_NONAME in imaplib.IMAP4*() (GH-8634) 2018-08-07 05:12:18 +03:00
imghdr.py
imp.py closes bpo-34056: Always return bytes from _HackedGetData.get_data(). (GH-8130) 2018-07-06 20:41:06 -07:00
inspect.py bpo-6700: Fix inspect.getsourcelines for module level frames/tracebacks (GH-8864) 2018-08-24 17:18:00 +03:00
io.py
ipaddress.py bpo-27683: Fix a regression for host() of ipaddress network objects (GH-6016) 2018-03-21 08:25:13 +08:00
keyword.py bpo-30406: Make async and await proper keywords (#1669) 2017-10-05 23:24:46 -04:00
linecache.py
locale.py Remove mojibake in the locale aliases mapping. (GH-6716) 2018-05-06 10:52:38 +03:00
lzma.py
macpath.py bpo-33721: Make some os.path functions and pathlib.Path methods be tolerant to invalid paths. (#7695) 2018-09-18 11:28:51 +03:00
mailbox.py
mailcap.py
mimetypes.py bpo-27485: Rename and deprecate undocumented functions in urllib.parse (GH-2205) 2018-04-25 16:51:54 -07:00
modulefinder.py closes bpo-31650: PEP 552 (Deterministic pycs) implementation (#4575) 2017-12-09 10:26:52 -08:00
netrc.py bpo-28334: netrc() now uses expanduser() to find .netrc file (GH-4537) 2017-11-25 13:37:22 +03:00
nntplib.py
ntpath.py bpo-33721: Make some os.path functions and pathlib.Path methods be tolerant to invalid paths. (#7695) 2018-09-18 11:28:51 +03:00
nturl2path.py
numbers.py Fix miscellaneous typos (#4275) 2017-11-05 15:37:50 +02:00
opcode.py bpo-33041: Rework compiling an "async for" loop. (#6142) 2018-03-23 14:34:35 +02:00
operator.py
optparse.py bpo-34605: Avoid master/slave terms (GH-9101) 2018-09-07 17:30:33 +02:00
os.py Assume the raw environ is always declared. (GH-8707) 2018-08-07 21:51:12 -07:00
pathlib.py bpo-33721: Make some os.path functions and pathlib.Path methods be tolerant to invalid paths. (#7695) 2018-09-18 11:28:51 +03:00
pdb.py bpo-32691: Use mod_spec.parent when running modules with pdb (GH-5474) 2018-02-03 16:40:11 +10:00
pickle.py bpo-11572: Make minor improvements to copy module (GH-8208) 2018-07-09 23:14:54 +03:00
pickletools.py Fix pickletools doc for NEWFALSE. (GH-9432) 2018-09-22 18:13:53 +03:00
pipes.py
pkgutil.py closes bpo-31650: PEP 552 (Deterministic pycs) implementation (#4575) 2017-12-09 10:26:52 -08:00
platform.py bpo-26544: Get rid of dependence from distutils in platform. (GH-8356) 2018-08-27 13:29:51 +03:00
plistlib.py bpo-33908: Remove two superfluous assignments (GH-7116) 2018-06-20 13:07:31 +08:00
poplib.py bpo-32981: Fix catastrophic backtracking vulns (#5955) 2018-03-03 21:33:32 -08:00
posixpath.py bpo-33721: Make some os.path functions and pathlib.Path methods be tolerant to invalid paths. (#7695) 2018-09-18 11:28:51 +03:00
pprint.py
profile.py time.clock() now emits a DeprecationWarning (GH-4020) 2017-10-17 14:46:45 -07:00
pstats.py Revert unneccessary changes made in bpo-30296 and apply other improvements. (GH-2624) 2018-02-26 16:50:11 +02:00
pty.py
py_compile.py bpo-29708: Setting SOURCE_DATE_EPOCH forces hash-based .pyc files (GH-5200) 2018-01-24 13:26:18 -08:00
pyclbr.py bpo-6691: Pyclbr now reports nested classes and functions. (#2503) 2017-07-03 21:31:25 -04:00
pydoc.py bpo-940286: Fix pydoc to show cross refs correctly (GH-8390) 2018-07-23 08:37:47 +03:00
queue.py bpo-14976: Reentrant simple queue (#3346) 2018-01-16 00:27:16 +01:00
quopri.py
random.py Minor code refactoring. Compute len() one fewer times on one code path. (GH-8094) 2018-07-04 15:28:20 -07:00
re.py bpo-34681: Rename class Pattern in sre_parse to State. (GH-9310) 2018-09-18 09:16:26 +03:00
reprlib.py bpo-31370: Remove support for threads-less builds (#3385) 2017-09-07 18:56:24 +02:00
rlcompleter.py
runpy.py
sched.py bpo-31370: Remove support for threads-less builds (#3385) 2017-09-07 18:56:24 +02:00
secrets.py
selectors.py bpo-30624 remaining bare except (#2108) 2017-06-12 14:43:40 +02:00
shelve.py Fix misleading docsting of shelve.open(). (GH-6427) 2018-04-09 17:16:01 +03:00
shlex.py
shutil.py bpo-33671 / shutil.copyfile: use memoryview() with dynamic size on Windows (#7681) 2018-06-19 08:27:29 -07:00
signal.py bpo-34282: Fix Enum._convert shadowing members named _convert (GH-8568) 2018-09-12 10:28:53 -07:00
site.py bpo-19891: Ignore error while writing history file (GH-8483) 2018-08-06 17:28:19 +09:00
smtpd.py
smtplib.py closes bpo-34525: Fix smtplib's authobject() documentation (GH-8965) 2018-09-10 10:29:43 -07:00
sndhdr.py bpo-31985: Deprecate openfp in aifc, sunau, and wave (#4344) 2017-11-10 11:38:25 -05:00
socket.py bpo-34282: Fix Enum._convert shadowing members named _convert (GH-8568) 2018-09-12 10:28:53 -07:00
socketserver.py bpo-33540: Fix socketserver.ThreadingMixIn if block_on_close=False (GH-7310) 2018-06-01 14:21:34 +02:00
sre_compile.py bpo-34681: Rename class Pattern in sre_parse to State. (GH-9310) 2018-09-18 09:16:26 +03:00
sre_constants.py bpo-31690: Allow the inline flags "a", "L", and "u" to be used as group flags for RE. (#3885) 2017-10-24 23:31:42 +03:00
sre_parse.py bpo-34681: Rename class Pattern in sre_parse to State. (GH-9310) 2018-09-18 09:16:26 +03:00
ssl.py bpo-34670: Add TLS 1.3 post handshake auth (GH-9460) 2018-09-22 23:32:31 -07:00
stat.py closes bpo-34353: Add sockets to stat.filemode fallback python implementation. (GH-8703) 2018-08-09 22:12:08 -07:00
statistics.py
string.py bpo-31672: Restore the former behavior when override flags in Template. (#5099) 2018-01-04 19:20:11 +02:00
stringprep.py
struct.py
subprocess.py closes bpo-32490: Fix filename duplication in subprocess exception message. (GH-9163) 2018-09-11 08:54:07 -07:00
sunau.py bpo-32056: Improve exceptions in aifc, wave and sunau. (GH-5951) 2018-03-18 09:55:53 +02:00
symbol.py bpo-30406: Make async and await proper keywords (#1669) 2017-10-05 23:24:46 -04:00
symtable.py bpo-30296 Remove unnecessary tuples, lists, sets, and dicts (#1489) 2017-05-18 07:35:54 -07:00
sysconfig.py bpo-32430: Rename Modules/Setup.dist to Modules/Setup (GH-8229) 2018-07-16 19:03:03 +02:00
tabnanny.py
tarfile.py bpo-34043: Optimize tarfile uncompress performance (GH-8089) 2018-07-06 14:06:00 +09:00
telnetlib.py bpo-30397: Add re.Pattern and re.Match. (#1646) 2017-10-04 20:09:49 +03:00
tempfile.py bpo-27300: Add the errors parameter to tempfile classes. (GH-6696) 2018-05-23 08:07:01 +03:00
textwrap.py bpo-30620: Remove dead lines from textwrap.dedent (GH-2064) 2017-06-15 19:19:43 -07:00
this.py
threading.py bpo-33556: Remove reference to thread module from docstring (GH-6963) 2018-05-18 13:38:36 -05:00
timeit.py bpo-28240: timeit: Update repeat() doc (GH-7419) 2018-06-06 17:55:18 +02:00
token.py bpo-33260: Regenerate token.py after removing ASYNC and AWAIT. (GH-6447) 2018-04-11 19:15:51 +03:00
tokenize.py bpo-33899: Make tokenize module mirror end-of-file is end-of-line behavior (GH-7891) 2018-07-06 10:19:08 +03:00
trace.py bpo-34171: Prevent creating Lib/trace.cover when run the trace module. (GH-8841) 2018-08-25 10:27:55 +03:00
traceback.py bpo-26502: Implement FrameSummary.__len__() (GH-8632) 2018-09-10 10:02:33 -07:00
tracemalloc.py bpo-32121: Add most_recent_first parameter to tracemalloc.Traceback.format (#4534) 2017-11-30 00:05:07 +01:00
tty.py
turtle.py Revert unneccessary changes made in bpo-30296 and apply other improvements. (GH-2624) 2018-02-26 16:50:11 +02:00
types.py bpo-32265: Classify class and static methods of builtin types. (#4776) 2017-12-15 14:13:41 +02:00
typing.py Fix typo in typing.py module docstring (#9014) 2018-09-01 09:56:58 +01:00
uu.py
uuid.py bpo-30977: rework code changes according to post-merge code review (GH-9106) 2018-09-10 16:11:04 +03:00
warnings.py bpo-33375: Get filename for warnings from frame.f_code.co_filename (GH-6622) 2018-06-08 12:28:37 -07:00
wave.py bpo-32056: Improve exceptions in aifc, wave and sunau. (GH-5951) 2018-03-18 09:55:53 +02:00
weakref.py bpo-30152: Reduce the number of imports for argparse. (#1269) 2017-09-26 00:55:55 +03:00
webbrowser.py bpo-31014: Fix the webbrowser module. (GH-7267) 2018-07-08 10:22:32 +03:00
xdrlib.py
zipapp.py bpo-31638: Add compression support to zipapp (GH-3819) 2017-09-29 18:31:52 +01:00
zipfile.py bpo-34472: Add data descriptor signature to zipfile (GH-8871) 2018-09-18 20:00:05 +03:00
zipimport.py bpo-25711: Move _ZipImportResourceReader from importlib to zipimport. (GH-9406) 2018-09-19 09:28:06 +03:00