Make 2.7.18rc1 release notes.

10 files changed, 89 insertions, 16 deletions

diff --git a/Misc/NEWS.d/2.7.18rc1.rst b/Misc/NEWS.d/2.7.18rc1.rst
new file mode 100644
index 0000000..5024e2c
--- /dev/null
+++ b/Misc/NEWS.d/2.7.18rc1.rst
@@ -0,0 +1,89 @@
+.. bpo: 38945
+.. date: 2019-12-01-22-44-40
+.. nonce: ztmNXc
+.. release date: 2020-04-04
+.. section: Security
+
+Newline characters have been escaped when performing uu encoding to prevent
+them from overflowing into to content section of the encoded file. This
+prevents malicious or accidental modification of data during the decoding
+process.
+
+..
+
+.. bpo: 38804
+.. date: 2019-11-15-00-54-42
+.. nonce: vjbM8V
+.. section: Security
+
+Fixes a ReDoS vulnerability in :mod:`http.cookiejar`. Patch by Ben Caller.
+
+..
+
+.. bpo: 38535
+.. date: 2019-10-20-12-43-48
+.. nonce: ESMkVN
+.. section: Core and Builtins
+
+Fixed line numbers and column offsets for AST nodes for calls without
+arguments in decorators.
+
+..
+
+.. bpo: 38576
+.. date: 2020-03-18-01-30-50
+.. nonce: cvI68q
+.. section: Library
+
+Disallow control characters in hostnames in http.client, addressing
+CVE-2019-18348. Such potentially malicious header injection URLs now cause a
+InvalidURL to be raised.
+
+..
+
+.. bpo: 27973
+.. date: 2019-12-30-07-59-34
+.. nonce: mgWXH1
+.. section: Library
+
+Fix urllib.urlretrieve failing on subsequent ftp transfers from the same
+host.
+
+..
+
+.. bpo: 38730
+.. date: 2019-11-06-20-53-54
+.. nonce: UQsW_r
+.. section: Build
+
+Fix problems identified by GCC's ``-Wstringop-truncation`` warning.
+
+..
+
+.. bpo: 37025
+.. date: 2019-10-04-03-46-36
+.. nonce: tLheEe
+.. section: Windows
+
+``AddRefActCtx()`` was needlessly being checked for failure in
+``PC/dl_nt.c``.
+
+..
+
+.. bpo: 38295
+.. date: 2019-12-17-03-43-04
+.. nonce: hgDvlB
+.. section: macOS
+
+Prevent failure of test_relative_path in test_py_compile on macOS Catalina.
+
+..
+
+.. bpo: 38540
+.. date: 2019-10-21-09-24-03
+.. nonce: 314N_T
+.. section: C API
+
+Fixed possible leak in :c:func:`PyArg_Parse` and similar functions for
+format units ``"es#"`` and ``"et#"`` when the macro
+:c:macro:`PY_SSIZE_T_CLEAN` is not defined.
diff --git a/Misc/NEWS.d/next/Build/2019-11-06-20-53-54.bpo-38730.UQsW_r.rst b/Misc/NEWS.d/next/Build/2019-11-06-20-53-54.bpo-38730.UQsW_r.rst
deleted file mode 100644
index 08e4e04..0000000
--- a/Misc/NEWS.d/next/Build/2019-11-06-20-53-54.bpo-38730.UQsW_r.rst
+++ /dev/null
@@ -1 +0,0 @@
-Fix problems identified by GCC's ``-Wstringop-truncation`` warning.
diff --git a/Misc/NEWS.d/next/C API/2019-10-21-09-24-03.bpo-38540.314N_T.rst b/Misc/NEWS.d/next/C API/2019-10-21-09-24-03.bpo-38540.314N_T.rst
deleted file mode 100644
index 1d73ad8..0000000
--- a/Misc/NEWS.d/next/C API/2019-10-21-09-24-03.bpo-38540.314N_T.rst
+++ /dev/null
@@ -1,3 +0,0 @@
-Fixed possible leak in :c:func:`PyArg_Parse` and similar functions for
-format units ``"es#"`` and ``"et#"`` when the macro
-:c:macro:`PY_SSIZE_T_CLEAN` is not defined.
diff --git a/Misc/NEWS.d/next/Core and Builtins/2019-10-20-12-43-48.bpo-38535.ESMkVN.rst b/Misc/NEWS.d/next/Core and Builtins/2019-10-20-12-43-48.bpo-38535.ESMkVN.rst
deleted file mode 100644
index 7671fd0..0000000
--- a/Misc/NEWS.d/next/Core and Builtins/2019-10-20-12-43-48.bpo-38535.ESMkVN.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-Fixed line numbers and column offsets for AST nodes for calls without
-arguments in decorators.
diff --git a/Misc/NEWS.d/next/Library/2019-12-30-07-59-34.bpo-27973.mgWXH1.rst b/Misc/NEWS.d/next/Library/2019-12-30-07-59-34.bpo-27973.mgWXH1.rst
deleted file mode 100644
index d50f483..0000000
--- a/Misc/NEWS.d/next/Library/2019-12-30-07-59-34.bpo-27973.mgWXH1.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-Fix urllib.urlretrieve failing on subsequent ftp transfers from the same
-host.
diff --git a/Misc/NEWS.d/next/Library/2020-03-18-01-30-50.bpo-38576.cvI68q.rst b/Misc/NEWS.d/next/Library/2020-03-18-01-30-50.bpo-38576.cvI68q.rst
deleted file mode 100644
index 96af32d..0000000
--- a/Misc/NEWS.d/next/Library/2020-03-18-01-30-50.bpo-38576.cvI68q.rst
+++ /dev/null
@@ -1,3 +0,0 @@
-Disallow control characters in hostnames in http.client, addressing
-CVE-2019-18348. Such potentially malicious header injection URLs now cause a
-InvalidURL to be raised.
diff --git a/Misc/NEWS.d/next/Security/2019-11-15-00-54-42.bpo-38804.vjbM8V.rst b/Misc/NEWS.d/next/Security/2019-11-15-00-54-42.bpo-38804.vjbM8V.rst
deleted file mode 100644
index 1f45142..0000000
--- a/Misc/NEWS.d/next/Security/2019-11-15-00-54-42.bpo-38804.vjbM8V.rst
+++ /dev/null
@@ -1 +0,0 @@
-Fixes a ReDoS vulnerability in :mod:`http.cookiejar`. Patch by Ben Caller.
diff --git a/Misc/NEWS.d/next/Security/2019-12-01-22-44-40.bpo-38945.ztmNXc.rst b/Misc/NEWS.d/next/Security/2019-12-01-22-44-40.bpo-38945.ztmNXc.rst
deleted file mode 100644
index 1bf6ed5..0000000
--- a/Misc/NEWS.d/next/Security/2019-12-01-22-44-40.bpo-38945.ztmNXc.rst
+++ /dev/null
@@ -1 +0,0 @@
-Newline characters have been escaped when performing uu encoding to prevent them from overflowing into to content section of the encoded file. This prevents malicious or accidental modification of data during the decoding process.
\ No newline at end of file
diff --git a/Misc/NEWS.d/next/Windows/2019-10-04-03-46-36.bpo-37025.tLheEe.rst b/Misc/NEWS.d/next/Windows/2019-10-04-03-46-36.bpo-37025.tLheEe.rst
deleted file mode 100644
index 7c0f9dc..0000000
--- a/Misc/NEWS.d/next/Windows/2019-10-04-03-46-36.bpo-37025.tLheEe.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-``AddRefActCtx()`` was needlessly being checked for failure in
-``PC/dl_nt.c``.
diff --git a/Misc/NEWS.d/next/macOS/2019-12-17-03-43-04.bpo-38295.hgDvlB.rst b/Misc/NEWS.d/next/macOS/2019-12-17-03-43-04.bpo-38295.hgDvlB.rst
deleted file mode 100644
index cc9ceb4..0000000
--- a/Misc/NEWS.d/next/macOS/2019-12-17-03-43-04.bpo-38295.hgDvlB.rst
+++ /dev/null
@@ -1 +0,0 @@
-Prevent failure of test_relative_path in test_py_compile on macOS Catalina.