| author | Pablo Galindo Salgado <pablogsal@gmail.com> | 2026-03-03 00:45:52 (GMT) |
|---|---|---|
| committer | Pablo Galindo Salgado <pablogsal@gmail.com> | 2026-03-03 00:49:35 (GMT) |
| commit | 842e987df856a5d4db37933c62a3456930a19092 (patch) | |
| tree | 742ce7042e4c923f454f2ad231f2fa3808afec5b | |
| parent | 003b8315669b9f08b1010a49071f73f15f818094 (diff) | |
| download | cpython-3.10.20.zip cpython-3.10.20.tar.gz cpython-3.10.20.tar.bz2 | |
Python 3.10.20 (v3.10.20)
22 files changed, 196 insertions, 61 deletions
diff --git a/Doc/library/pyexpat.rst b/Doc/library/pyexpat.rst index ba8b985..a021803 100644 --- a/Doc/library/pyexpat.rst +++ b/Doc/library/pyexpat.rst @@ -255,7 +255,7 @@ common XML vulnerabilities. The corresponding :attr:`~ExpatError.lineno` and :attr:`~ExpatError.offset` should not be used as they may have no special meaning. - .. versionadded:: next + .. versionadded:: 3.10.20 .. method:: xmlparser.SetAllocTrackerMaximumAmplification(max_factor, /) @@ -285,7 +285,7 @@ common XML vulnerabilities. that can be adjusted by :meth:`.SetAllocTrackerActivationThreshold` is exceeded. - .. versionadded:: next + .. versionadded:: 3.10.20 :class:`xmlparser` objects have the following attributes: diff --git a/Include/patchlevel.h b/Include/patchlevel.h index 7c005c0..e86e4f0 100644 --- a/Include/patchlevel.h +++ b/Include/patchlevel.h @@ -18,12 +18,12 @@ /*--start constants--*/ #define PY_MAJOR_VERSION 3 #define PY_MINOR_VERSION 10 -#define PY_MICRO_VERSION 19 +#define PY_MICRO_VERSION 20 #define PY_RELEASE_LEVEL PY_RELEASE_LEVEL_FINAL #define PY_RELEASE_SERIAL 0 /* Version as a string */ -#define PY_VERSION "3.10.19+" +#define PY_VERSION "3.10.20" /*--end constants--*/ /* Version as a single 4-byte hex number, e.g. 0x010502B2 == 1.5.2b2. diff --git a/Lib/pydoc_data/topics.py b/Lib/pydoc_data/topics.py index 6fa1fdc..c0050e7 100644 --- a/Lib/pydoc_data/topics.py +++ b/Lib/pydoc_data/topics.py @@ -1,5 +1,5 @@ # -*- coding: utf-8 -*- -# Autogenerated by Sphinx on Thu Oct 9 17:24:48 2025 +# Autogenerated by Sphinx on Tue Mar 3 00:49:25 2026 topics = {'assert': 'The "assert" statement\n' '**********************\n' '\n' diff --git a/Misc/NEWS.d/3.10.20.rst b/Misc/NEWS.d/3.10.20.rst new file mode 100644 index 0000000..04f8c4b --- /dev/null +++ b/Misc/NEWS.d/3.10.20.rst 
@@ -0,0 +1,190 @@ +.. date: 2026-01-21-12-34-05 +.. gh-issue: 144125 +.. nonce: TAz5uo +.. release date: 2026-03-03 +.. section: Security + +:mod:`~email.generator.BytesGenerator` will now refuse to serialize (write) +headers that are unsafely folded or delimited; see +:attr:`~email.policy.Policy.verify_generated_headers`. (Contributed by Bas +Bloemsaat and Petr Viktorin in :gh:`121650`). + +.. + +.. date: 2026-01-16-14-40-31 +.. gh-issue: 143935 +.. nonce: U2YtKl +.. section: Security + +Fixed a bug in the folding of comments when flattening an email message +using a modern email policy. Comments consisting of a very long sequence of +non-foldable characters could trigger a forced line wrap that omitted the +required leading space on the continuation line, causing the remainder of +the comment to be interpreted as a new header field. This enabled header +injection with carefully crafted inputs. + +.. + +.. date: 2026-01-16-11-51-19 +.. gh-issue: 143925 +.. nonce: mrtcHW +.. section: Security + +Reject control characters in ``data:`` URL media types. + +.. + +.. date: 2026-01-16-11-13-15 +.. gh-issue: 143919 +.. nonce: kchwZV +.. section: Security + +Reject control characters in :class:`http.cookies.Morsel` fields and values. + +.. + +.. date: 2026-01-16-11-07-36 +.. gh-issue: 143916 +.. nonce: dpWeOD +.. section: Security + +Reject C0 control characters within wsgiref.headers.Headers fields, values, +and parameters. + +.. + +.. date: 2025-12-01-09-36-45 +.. gh-issue: 142145 +.. nonce: tcAUhg +.. section: Security + +Remove quadratic behavior in ``xml.minidom`` node ID cache clearing. In +order to do this without breaking existing users, we also add the +*ownerDocument* attribute to :mod:`xml.dom.minidom` elements and attributes +created by directly instantiating the ``Element`` or ``Attr`` class. Note +that this way of creating nodes is not supported; creator functions like +:py:meth:`xml.dom.Document.documentElement` should be used instead. + +.. + +.. 
date: 2025-08-15-23-08-44 +.. gh-issue: 137836 +.. nonce: b55rhh +.. section: Security + +Add support of the "plaintext" element, RAWTEXT elements "xmp", "iframe", +"noembed" and "noframes", and optionally RAWTEXT element "noscript" in +:class:`html.parser.HTMLParser`. + +.. + +.. date: 2025-06-28-13-23-53 +.. gh-issue: 136063 +.. nonce: aGk0Jv +.. section: Security + +:mod:`email.message`: ensure linear complexity for legacy HTTP parameters +parsing. Patch by Bénédikt Tran. + +.. + +.. date: 2025-05-30-22-33-27 +.. gh-issue: 136065 +.. nonce: bu337o +.. section: Security + +Fix quadratic complexity in :func:`os.path.expandvars`. + +.. + +.. date: 2024-05-23-11-47-48 +.. gh-issue: 119451 +.. nonce: qkJe9- +.. section: Security + +Fix a potential memory denial of service in the :mod:`http.client` module. +When connecting to a malicious server, it could cause an arbitrary amount of +memory to be allocated. This could have led to symptoms including a +:exc:`MemoryError`, swapping, out of memory (OOM) killed processes or +containers, or even system crashes. + +.. + +.. date: 2024-05-23-11-44-41 +.. gh-issue: 119452 +.. nonce: PRfsSv +.. section: Security + +Fix a potential memory denial of service in the :mod:`http.server` module. +When a malicious user is connected to the CGI server on Windows, it could +cause an arbitrary amount of memory to be allocated. This could have led to +symptoms including a :exc:`MemoryError`, swapping, out of memory (OOM) +killed processes or containers, or even system crashes. + +.. + +.. date: 2024-05-21-22-11-31 +.. gh-issue: 119342 +.. nonce: BTFj4Z +.. section: Security + +Fix a potential memory denial of service in the :mod:`plistlib` module. When +reading a Plist file received from untrusted source, it could cause an +arbitrary amount of memory to be allocated. This could have led to symptoms +including a :exc:`MemoryError`, swapping, out of memory (OOM) killed +processes or containers, or even system crashes. + +.. + +.. 
date: 2026-02-15-00-00-00 +.. gh-issue: 144833 +.. nonce: TUelo1 +.. section: Library + +Fixed a use-after-free in :mod:`ssl` when ``SSL_new()`` returns NULL in +``newPySSLSocket()``. The error was reported via a dangling pointer after +the object had already been freed. + +.. + +.. date: 2026-01-31-17-15-49 +.. gh-issue: 144363 +.. nonce: X9f0sU +.. section: Library + +Update bundled `libexpat <https://libexpat.github.io/>`_ to 2.7.4 + +.. + +.. date: 2025-09-22-14-40-11 +.. gh-issue: 90949 +.. nonce: UM35nb +.. section: Library + +Add :meth:`~xml.parsers.expat.xmlparser.SetAllocTrackerActivationThreshold` +and :meth:`~xml.parsers.expat.xmlparser.SetAllocTrackerMaximumAmplification` +to :ref:`xmlparser <xmlparser-objects>` objects to prevent use of +disproportional amounts of dynamic memory from within an Expat parser. Patch +by Bénédikt Tran. + +.. + +.. date: 2024-06-13-12-17-52 +.. gh-issue: 120384 +.. nonce: w1UBGl +.. section: Core and Builtins + +Fix an array out of bounds crash in ``list_ass_subscript``, which could be +invoked via some specificly tailored input: including concurrent +modification of a list object, where one thread assigns a slice and another +clears it. + +.. + +.. date: 2024-06-10-10-42-48 +.. gh-issue: 120298 +.. nonce: napREA +.. section: Core and Builtins + +Fix use-after free in ``list_richcompare_impl`` which can be invoked via +some specificly tailored evil input. diff --git a/Misc/NEWS.d/next/Core and Builtins/2024-06-10-10-42-48.gh-issue-120298.napREA.rst b/Misc/NEWS.d/next/Core and Builtins/2024-06-10-10-42-48.gh-issue-120298.napREA.rst deleted file mode 100644 index 531d395..0000000 --- a/Misc/NEWS.d/next/Core and Builtins/2024-06-10-10-42-48.gh-issue-120298.napREA.rst +++ /dev/null @@ -1,2 +0,0 @@ -Fix use-after free in ``list_richcompare_impl`` which can be invoked via -some specificly tailored evil input. 
diff --git a/Misc/NEWS.d/next/Core and Builtins/2024-06-13-12-17-52.gh-issue-120384.w1UBGl.rst b/Misc/NEWS.d/next/Core and Builtins/2024-06-13-12-17-52.gh-issue-120384.w1UBGl.rst deleted file mode 100644 index 4a4db82..0000000 --- a/Misc/NEWS.d/next/Core and Builtins/2024-06-13-12-17-52.gh-issue-120384.w1UBGl.rst +++ /dev/null @@ -1,3 +0,0 @@ -Fix an array out of bounds crash in ``list_ass_subscript``, which could be -invoked via some specificly tailored input: including concurrent modification -of a list object, where one thread assigns a slice and another clears it. diff --git a/Misc/NEWS.d/next/Library/2025-09-22-14-40-11.gh-issue-90949.UM35nb.rst b/Misc/NEWS.d/next/Library/2025-09-22-14-40-11.gh-issue-90949.UM35nb.rst deleted file mode 100644 index 5611f33..0000000 --- a/Misc/NEWS.d/next/Library/2025-09-22-14-40-11.gh-issue-90949.UM35nb.rst +++ /dev/null @@ -1,5 +0,0 @@ -Add :meth:`~xml.parsers.expat.xmlparser.SetAllocTrackerActivationThreshold` -and :meth:`~xml.parsers.expat.xmlparser.SetAllocTrackerMaximumAmplification` -to :ref:`xmlparser <xmlparser-objects>` objects to prevent use of -disproportional amounts of dynamic memory from within an Expat parser. -Patch by Bénédikt Tran. diff --git a/Misc/NEWS.d/next/Library/2026-01-31-17-15-49.gh-issue-144363.X9f0sU.rst b/Misc/NEWS.d/next/Library/2026-01-31-17-15-49.gh-issue-144363.X9f0sU.rst deleted file mode 100644 index c17cea6..0000000 --- a/Misc/NEWS.d/next/Library/2026-01-31-17-15-49.gh-issue-144363.X9f0sU.rst +++ /dev/null @@ -1 +0,0 @@ -Update bundled `libexpat <https://libexpat.github.io/>`_ to 2.7.4 diff --git a/Misc/NEWS.d/next/Library/2026-02-15-00-00-00.gh-issue-144833.TUelo1.rst b/Misc/NEWS.d/next/Library/2026-02-15-00-00-00.gh-issue-144833.TUelo1.rst deleted file mode 100644 index 6d5b18f..0000000 --- a/Misc/NEWS.d/next/Library/2026-02-15-00-00-00.gh-issue-144833.TUelo1.rst +++ /dev/null 
@@ -1,3 +0,0 @@ -Fixed a use-after-free in :mod:`ssl` when ``SSL_new()`` returns NULL in -``newPySSLSocket()``. The error was reported via a dangling pointer after the -object had already been freed. diff --git a/Misc/NEWS.d/next/Security/2024-05-21-22-11-31.gh-issue-119342.BTFj4Z.rst b/Misc/NEWS.d/next/Security/2024-05-21-22-11-31.gh-issue-119342.BTFj4Z.rst deleted file mode 100644 index 04fd8fa..0000000 --- a/Misc/NEWS.d/next/Security/2024-05-21-22-11-31.gh-issue-119342.BTFj4Z.rst +++ /dev/null @@ -1,5 +0,0 @@ -Fix a potential memory denial of service in the :mod:`plistlib` module. -When reading a Plist file received from untrusted source, it could cause -an arbitrary amount of memory to be allocated. -This could have led to symptoms including a :exc:`MemoryError`, swapping, out -of memory (OOM) killed processes or containers, or even system crashes. diff --git a/Misc/NEWS.d/next/Security/2024-05-23-11-44-41.gh-issue-119452.PRfsSv.rst b/Misc/NEWS.d/next/Security/2024-05-23-11-44-41.gh-issue-119452.PRfsSv.rst deleted file mode 100644 index 9895662..0000000 --- a/Misc/NEWS.d/next/Security/2024-05-23-11-44-41.gh-issue-119452.PRfsSv.rst +++ /dev/null @@ -1,5 +0,0 @@ -Fix a potential memory denial of service in the :mod:`http.server` module. -When a malicious user is connected to the CGI server on Windows, it could cause -an arbitrary amount of memory to be allocated. -This could have led to symptoms including a :exc:`MemoryError`, swapping, out -of memory (OOM) killed processes or containers, or even system crashes. diff --git a/Misc/NEWS.d/next/Security/2024-05-23-11-47-48.gh-issue-119451.qkJe9-.rst b/Misc/NEWS.d/next/Security/2024-05-23-11-47-48.gh-issue-119451.qkJe9-.rst deleted file mode 100644 index 6d6f25c..0000000 --- a/Misc/NEWS.d/next/Security/2024-05-23-11-47-48.gh-issue-119451.qkJe9-.rst +++ /dev/null 
@@ -1,5 +0,0 @@ -Fix a potential memory denial of service in the :mod:`http.client` module. -When connecting to a malicious server, it could cause -an arbitrary amount of memory to be allocated. -This could have led to symptoms including a :exc:`MemoryError`, swapping, out -of memory (OOM) killed processes or containers, or even system crashes. diff --git a/Misc/NEWS.d/next/Security/2025-05-30-22-33-27.gh-issue-136065.bu337o.rst b/Misc/NEWS.d/next/Security/2025-05-30-22-33-27.gh-issue-136065.bu337o.rst deleted file mode 100644 index 1d152bb..0000000 --- a/Misc/NEWS.d/next/Security/2025-05-30-22-33-27.gh-issue-136065.bu337o.rst +++ /dev/null @@ -1 +0,0 @@ -Fix quadratic complexity in :func:`os.path.expandvars`. diff --git a/Misc/NEWS.d/next/Security/2025-06-28-13-23-53.gh-issue-136063.aGk0Jv.rst b/Misc/NEWS.d/next/Security/2025-06-28-13-23-53.gh-issue-136063.aGk0Jv.rst deleted file mode 100644 index 940a3ad..0000000 --- a/Misc/NEWS.d/next/Security/2025-06-28-13-23-53.gh-issue-136063.aGk0Jv.rst +++ /dev/null @@ -1,2 +0,0 @@ -:mod:`email.message`: ensure linear complexity for legacy HTTP parameters -parsing. Patch by Bénédikt Tran. diff --git a/Misc/NEWS.d/next/Security/2025-08-15-23-08-44.gh-issue-137836.b55rhh.rst b/Misc/NEWS.d/next/Security/2025-08-15-23-08-44.gh-issue-137836.b55rhh.rst deleted file mode 100644 index c30c943..0000000 --- a/Misc/NEWS.d/next/Security/2025-08-15-23-08-44.gh-issue-137836.b55rhh.rst +++ /dev/null @@ -1,3 +0,0 @@ -Add support of the "plaintext" element, RAWTEXT elements "xmp", "iframe", -"noembed" and "noframes", and optionally RAWTEXT element "noscript" in -:class:`html.parser.HTMLParser`. diff --git a/Misc/NEWS.d/next/Security/2025-12-01-09-36-45.gh-issue-142145.tcAUhg.rst b/Misc/NEWS.d/next/Security/2025-12-01-09-36-45.gh-issue-142145.tcAUhg.rst deleted file mode 100644 index 05c7df3..0000000 --- a/Misc/NEWS.d/next/Security/2025-12-01-09-36-45.gh-issue-142145.tcAUhg.rst +++ /dev/null 
@@ -1,6 +0,0 @@ -Remove quadratic behavior in ``xml.minidom`` node ID cache clearing. In order -to do this without breaking existing users, we also add the *ownerDocument* -attribute to :mod:`xml.dom.minidom` elements and attributes created by directly -instantiating the ``Element`` or ``Attr`` class. Note that this way of creating -nodes is not supported; creator functions like -:py:meth:`xml.dom.Document.documentElement` should be used instead. diff --git a/Misc/NEWS.d/next/Security/2026-01-16-11-07-36.gh-issue-143916.dpWeOD.rst b/Misc/NEWS.d/next/Security/2026-01-16-11-07-36.gh-issue-143916.dpWeOD.rst deleted file mode 100644 index 44bd0b2..0000000 --- a/Misc/NEWS.d/next/Security/2026-01-16-11-07-36.gh-issue-143916.dpWeOD.rst +++ /dev/null @@ -1,2 +0,0 @@ -Reject C0 control characters within wsgiref.headers.Headers fields, values, -and parameters. diff --git a/Misc/NEWS.d/next/Security/2026-01-16-11-13-15.gh-issue-143919.kchwZV.rst b/Misc/NEWS.d/next/Security/2026-01-16-11-13-15.gh-issue-143919.kchwZV.rst deleted file mode 100644 index 788c3e4..0000000 --- a/Misc/NEWS.d/next/Security/2026-01-16-11-13-15.gh-issue-143919.kchwZV.rst +++ /dev/null @@ -1 +0,0 @@ -Reject control characters in :class:`http.cookies.Morsel` fields and values. diff --git a/Misc/NEWS.d/next/Security/2026-01-16-11-51-19.gh-issue-143925.mrtcHW.rst b/Misc/NEWS.d/next/Security/2026-01-16-11-51-19.gh-issue-143925.mrtcHW.rst deleted file mode 100644 index 46109df..0000000 --- a/Misc/NEWS.d/next/Security/2026-01-16-11-51-19.gh-issue-143925.mrtcHW.rst +++ /dev/null @@ -1 +0,0 @@ -Reject control characters in ``data:`` URL media types. diff --git a/Misc/NEWS.d/next/Security/2026-01-16-14-40-31.gh-issue-143935.U2YtKl.rst b/Misc/NEWS.d/next/Security/2026-01-16-14-40-31.gh-issue-143935.U2YtKl.rst deleted file mode 100644 index c3d8649..0000000 --- a/Misc/NEWS.d/next/Security/2026-01-16-14-40-31.gh-issue-143935.U2YtKl.rst +++ /dev/null 
@@ -1,6 +0,0 @@ -Fixed a bug in the folding of comments when flattening an email message -using a modern email policy. Comments consisting of a very long sequence of -non-foldable characters could trigger a forced line wrap that omitted the -required leading space on the continuation line, causing the remainder of -the comment to be interpreted as a new header field. This enabled header -injection with carefully crafted inputs. diff --git a/Misc/NEWS.d/next/Security/2026-01-21-12-34-05.gh-issue-144125.TAz5uo.rst b/Misc/NEWS.d/next/Security/2026-01-21-12-34-05.gh-issue-144125.TAz5uo.rst deleted file mode 100644 index e6333e7..0000000 --- a/Misc/NEWS.d/next/Security/2026-01-21-12-34-05.gh-issue-144125.TAz5uo.rst +++ /dev/null @@ -1,4 +0,0 @@ -:mod:`~email.generator.BytesGenerator` will now refuse to serialize (write) headers -that are unsafely folded or delimited; see -:attr:`~email.policy.Policy.verify_generated_headers`. (Contributed by Bas -Bloemsaat and Petr Viktorin in :gh:`121650`). @@ -1,4 +1,4 @@ -This is Python version 3.10.19 +This is Python version 3.10.20 ============================== .. image:: https://travis-ci.com/python/cpython.svg?branch=master |
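
Review bot: In the new Misc/NEWS.d/3.10.20.rst, the gh-144125 entry marks up email.generator.BytesGenerator with the :mod: role although it is a class, and the gh-143916 entry leaves wsgiref.headers.Headers as bare text while the neighbouring gh-143919 entry uses :class: for http.cookies.Morsel. Both should use :class: so the security notes link to the right targets. The gh-144125 entry also carries "gh-issue: 144125" in its metadata but credits :gh:`121650` in the body, so it is worth saying which issue a reader should follow for the verify_generated_headers change. The two Core and Builtins entries still read "specificly tailored" (should be "specifically"), and gh-120298 writes "use-after free" where the ssl entry writes "use-after-free"; these came over unchanged from the deleted Misc/NEWS.d/next fragments and can be corrected in the aggregated file.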
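
Review bot: In the final hunk (the "This is Python version 3.10.20" heading), the context line directly under the bumped heading still points the build badge at travis-ci.com with branch=master, which does not describe the state of this 3.10 release. Consider removing or retargeting the badge on this branch so the release README does not advertise CI status for a different branch.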
