diff options
| author | Ned Deily <nad@python.org> | 2023-06-05 20:40:12 (GMT) |
|---|---|---|
| committer | Ned Deily <nad@python.org> | 2023-06-05 20:45:13 (GMT) |
| commit | ecd9946c9d1df7cd1aa15d08d72bbcc0899d272d (patch) | |
| tree | 38f87d626b58799a9753747fe8fd25fa0dee2055 | |
| parent | 417ac32e7dba077a8a130aac38d2b8e4af9e9ae5 (diff) | |
| download | cpython-3.7.17.zip cpython-3.7.17.tar.gz cpython-3.7.17.tar.bz2 | |
Python 3.7.17v3.7.17
13 files changed, 93 insertions, 23 deletions
diff --git a/Include/patchlevel.h b/Include/patchlevel.h index efe4144..8643e49 100644 --- a/Include/patchlevel.h +++ b/Include/patchlevel.h @@ -18,12 +18,12 @@ /*--start constants--*/ #define PY_MAJOR_VERSION 3 #define PY_MINOR_VERSION 7 -#define PY_MICRO_VERSION 16 +#define PY_MICRO_VERSION 17 #define PY_RELEASE_LEVEL PY_RELEASE_LEVEL_FINAL #define PY_RELEASE_SERIAL 0 /* Version as a string */ -#define PY_VERSION "3.7.16+" +#define PY_VERSION "3.7.17" /*--end constants--*/ /* Version as a single 4-byte hex number, e.g. 0x010502B2 == 1.5.2b2. diff --git a/Lib/pydoc_data/topics.py b/Lib/pydoc_data/topics.py index 5f09d23..b05c7df 100644 --- a/Lib/pydoc_data/topics.py +++ b/Lib/pydoc_data/topics.py @@ -1,5 +1,5 @@ # -*- coding: utf-8 -*- -# Autogenerated by Sphinx on Tue Dec 6 13:59:35 2022 +# Autogenerated by Sphinx on Mon Jun 5 16:41:19 2023 topics = {'assert': 'The "assert" statement\n' '**********************\n' '\n' diff --git a/Misc/NEWS.d/3.7.17.rst b/Misc/NEWS.d/3.7.17.rst new file mode 100644 index 0000000..201dff3 --- /dev/null +++ b/Misc/NEWS.d/3.7.17.rst @@ -0,0 +1,89 @@ +.. date: 2023-06-05-04-07-52 +.. gh-issue: 103142 +.. nonce: GLWDMX +.. release date: 2023-06-05 +.. section: Security + +The version of OpenSSL used in our binary builds has been upgraded to 1.1.1u +to address several CVEs. + +.. + +.. date: 2023-05-02-17-56-32 +.. gh-issue: 99889 +.. nonce: l664SU +.. section: Security + +Fixed a security in flaw in :func:`uu.decode` that could allow for directory +traversal based on the input if no ``out_file`` was specified. + +.. + +.. date: 2023-05-01-15-03-25 +.. gh-issue: 104049 +.. nonce: b01Y3g +.. section: Security + +Do not expose the local on-disk location in directory indexes produced by +:class:`http.client.SimpleHTTPRequestHandler`. + +.. + +.. date: 2023-03-07-20-59-17 +.. gh-issue: 102153 +.. nonce: 14CLSZ +.. section: Security + +:func:`urllib.parse.urlsplit` now strips leading C0 control and space +characters following the specification for URLs defined by WHATWG in +response to CVE-2023-24329. Patch by Illia Volochii. + +.. + +.. date: 2023-02-08-22-03-04 +.. gh-issue: 101727 +.. nonce: 9P5eZz +.. section: Security + +Updated the OpenSSL version used in Windows and macOS binary release builds +to 1.1.1t to address CVE-2023-0286, CVE-2022-4303, and CVE-2022-4303 per +`the OpenSSL 2023-02-07 security advisory +<https://www.openssl.org/news/secadv/20230207.txt>`_. + +.. + +.. date: 2023-01-24-16-12-00 +.. gh-issue: 101283 +.. nonce: 9tqu39 +.. section: Security + +:class:`subprocess.Popen` now uses a safer approach to find ``cmd.exe`` when +launching with ``shell=True``. Patch by Eryk Sun, based on a patch by Oleg +Iarygin. + +.. + +.. date: 2023-02-17-18-44-27 +.. gh-issue: 101997 +.. nonce: A6_blD +.. section: Library + +Upgrade pip wheel bundled with ensurepip (pip 23.0.1) + +.. + +.. date: 2023-02-27-18-55-32 +.. gh-issue: 102306 +.. nonce: bkokFL +.. section: Build + +Avoid GHA CI macOS test_posix failure by using the appropriate macOS SDK. + +.. + +.. date: 2023-01-09-23-03-57 +.. gh-issue: 100180 +.. nonce: b5phrg +.. section: Windows + +Update Windows installer to OpenSSL 1.1.1s diff --git a/Misc/NEWS.d/next/Build/2023-02-27-18-55-32.gh-issue-102306.bkokFL.rst b/Misc/NEWS.d/next/Build/2023-02-27-18-55-32.gh-issue-102306.bkokFL.rst deleted file mode 100644 index ba331a0..0000000 --- a/Misc/NEWS.d/next/Build/2023-02-27-18-55-32.gh-issue-102306.bkokFL.rst +++ /dev/null @@ -1 +0,0 @@ -Avoid GHA CI macOS test_posix failure by using the appropriate macOS SDK. diff --git a/Misc/NEWS.d/next/Library/2023-02-17-18-44-27.gh-issue-101997.A6_blD.rst b/Misc/NEWS.d/next/Library/2023-02-17-18-44-27.gh-issue-101997.A6_blD.rst deleted file mode 100644 index f9dfd46..0000000 --- a/Misc/NEWS.d/next/Library/2023-02-17-18-44-27.gh-issue-101997.A6_blD.rst +++ /dev/null @@ -1 +0,0 @@ -Upgrade pip wheel bundled with ensurepip (pip 23.0.1) diff --git a/Misc/NEWS.d/next/Security/2023-01-24-16-12-00.gh-issue-101283.9tqu39.rst b/Misc/NEWS.d/next/Security/2023-01-24-16-12-00.gh-issue-101283.9tqu39.rst deleted file mode 100644 index 0efdfa1..0000000 --- a/Misc/NEWS.d/next/Security/2023-01-24-16-12-00.gh-issue-101283.9tqu39.rst +++ /dev/null @@ -1,3 +0,0 @@ -:class:`subprocess.Popen` now uses a safer approach to find -``cmd.exe`` when launching with ``shell=True``. Patch by Eryk Sun, -based on a patch by Oleg Iarygin. diff --git a/Misc/NEWS.d/next/Security/2023-02-08-22-03-04.gh-issue-101727.9P5eZz.rst b/Misc/NEWS.d/next/Security/2023-02-08-22-03-04.gh-issue-101727.9P5eZz.rst deleted file mode 100644 index 43acc82..0000000 --- a/Misc/NEWS.d/next/Security/2023-02-08-22-03-04.gh-issue-101727.9P5eZz.rst +++ /dev/null @@ -1,4 +0,0 @@ -Updated the OpenSSL version used in Windows and macOS binary release builds -to 1.1.1t to address CVE-2023-0286, CVE-2022-4303, and CVE-2022-4303 per -`the OpenSSL 2023-02-07 security advisory -<https://www.openssl.org/news/secadv/20230207.txt>`_. diff --git a/Misc/NEWS.d/next/Security/2023-03-07-20-59-17.gh-issue-102153.14CLSZ.rst b/Misc/NEWS.d/next/Security/2023-03-07-20-59-17.gh-issue-102153.14CLSZ.rst deleted file mode 100644 index e57ac4e..0000000 --- a/Misc/NEWS.d/next/Security/2023-03-07-20-59-17.gh-issue-102153.14CLSZ.rst +++ /dev/null @@ -1,3 +0,0 @@ -:func:`urllib.parse.urlsplit` now strips leading C0 control and space -characters following the specification for URLs defined by WHATWG in -response to CVE-2023-24329. Patch by Illia Volochii. diff --git a/Misc/NEWS.d/next/Security/2023-05-01-15-03-25.gh-issue-104049.b01Y3g.rst b/Misc/NEWS.d/next/Security/2023-05-01-15-03-25.gh-issue-104049.b01Y3g.rst deleted file mode 100644 index 969deb2..0000000 --- a/Misc/NEWS.d/next/Security/2023-05-01-15-03-25.gh-issue-104049.b01Y3g.rst +++ /dev/null @@ -1,2 +0,0 @@ -Do not expose the local on-disk location in directory indexes -produced by :class:`http.client.SimpleHTTPRequestHandler`. diff --git a/Misc/NEWS.d/next/Security/2023-05-02-17-56-32.gh-issue-99889.l664SU.rst b/Misc/NEWS.d/next/Security/2023-05-02-17-56-32.gh-issue-99889.l664SU.rst deleted file mode 100644 index b7002e8..0000000 --- a/Misc/NEWS.d/next/Security/2023-05-02-17-56-32.gh-issue-99889.l664SU.rst +++ /dev/null @@ -1,2 +0,0 @@ -Fixed a security in flaw in :func:`uu.decode` that could allow for -directory traversal based on the input if no ``out_file`` was specified. diff --git a/Misc/NEWS.d/next/Security/2023-06-05-04-07-52.gh-issue-103142.GLWDMX.rst b/Misc/NEWS.d/next/Security/2023-06-05-04-07-52.gh-issue-103142.GLWDMX.rst deleted file mode 100644 index 7e08368..0000000 --- a/Misc/NEWS.d/next/Security/2023-06-05-04-07-52.gh-issue-103142.GLWDMX.rst +++ /dev/null @@ -1,2 +0,0 @@ -The version of OpenSSL used in our binary builds has been upgraded to 1.1.1u -to address several CVEs. diff --git a/Misc/NEWS.d/next/Windows/2023-01-09-23-03-57.gh-issue-100180.b5phrg.rst b/Misc/NEWS.d/next/Windows/2023-01-09-23-03-57.gh-issue-100180.b5phrg.rst deleted file mode 100644 index 5b0f425..0000000 --- a/Misc/NEWS.d/next/Windows/2023-01-09-23-03-57.gh-issue-100180.b5phrg.rst +++ /dev/null @@ -1 +0,0 @@ -Update Windows installer to OpenSSL 1.1.1s @@ -1,4 +1,4 @@ -This is Python version 3.7.16 +This is Python version 3.7.17 ============================= .. image:: https://travis-ci.org/python/cpython.svg?branch=3.7 |