Python 3.8.12v3.8.12

author: Łukasz Langa <lukasz@langa.pl> 2021-08-30 14:26:41 (GMT)
committer: Łukasz Langa <lukasz@langa.pl> 2021-08-30 14:26:41 (GMT)
commit: 07119dd38c9a6e5da84ca8a0a46acdf8a3e60ecf (patch)
tree: 8f52d354a9d58a666451a686091388097b1defd6 /Misc/NEWS.d
parent: 8371290753bed7fbb939a51ea7ff0991ea32a89c (diff)
download: cpython-07119dd38c9a6e5da84ca8a0a46acdf8a3e60ecf.zip
cpython-07119dd38c9a6e5da84ca8a0a46acdf8a3e60ecf.tar.gz
cpython-07119dd38c9a6e5da84ca8a0a46acdf8a3e60ecf.tar.bz2
13 files changed, 125 insertions, 28 deletions
diff --git a/Misc/NEWS.d/3.8.12.rst b/Misc/NEWS.d/3.8.12.rst
new file mode 100644
index 0000000..b64613a
--- /dev/null
+++ b/Misc/NEWS.d/3.8.12.rst
@@ -0,0 +1,125 @@
+.. bpo: 42278
+.. date: 2021-08-29-12-39-44
+.. nonce: jvmQz_
+.. release date: 2021-08-30
+.. section: Security
+
+Replaced usage of :func:`tempfile.mktemp` with
+:class:`~tempfile.TemporaryDirectory` to avoid a potential race condition.
+
+..
+
+.. bpo: 44394
+.. date: 2021-06-29-02-45-53
+.. nonce: A220N1
+.. section: Security
+
+Update the vendored copy of libexpat to 2.4.1 (from 2.2.8) to get the fix
+for the CVE-2013-0340 "Billion Laughs" vulnerability. This copy is most used
+on Windows and macOS.
+
+..
+
+.. bpo: 43124
+.. date: 2021-05-08-11-50-46
+.. nonce: 2CTM6M
+.. section: Security
+
+Made the internal ``putcmd`` function in :mod:`smtplib` sanitize input for
+presence of ``\r`` and ``\n`` characters to avoid (unlikely) command
+injection.
+
+..
+
+.. bpo: 36384
+.. date: 2021-03-30-16-29-51
+.. nonce: sCAmLs
+.. section: Security
+
+:mod:`ipaddress` module no longer accepts any leading zeros in IPv4 address
+strings. Leading zeros are ambiguous and interpreted as octal notation by
+some libraries. For example the legacy function :func:`socket.inet_aton`
+treats leading zeros as octal notation. glibc implementation of modern
+:func:`~socket.inet_pton` does not accept any leading zeros. For a while the
+:mod:`ipaddress` module used to accept ambiguous leading zeros.
+
+..
+
+.. bpo: 44872
+.. date: 2021-08-09-16-16-03
+.. nonce: OKRlhK
+.. section: Core and Builtins
+
+Use new trashcan macros (Py_TRASHCAN_BEGIN/END) in frameobject.c instead of
+the old ones (Py_TRASHCAN_SAFE_BEGIN/END).
+
+..
+
+.. bpo: 33930
+.. date: 2021-08-09-14-29-52
+.. nonce: --5LQ-
+.. section: Core and Builtins
+
+Fix segmentation fault with deep recursion when cleaning method objects.
+Patch by Augusto Goulart and Pablo Galindo.
+
+..
+
+.. bpo: 44856
+.. date: 2021-08-07-01-26-12
+.. nonce: 9rk3li
+.. section: Core and Builtins
+
+Fix reference leaks in the error paths of ``update_bases()`` and
+``__build_class__``. Patch by Pablo Galindo.
+
+..
+
+.. bpo: 45001
+.. date: 2021-08-26-16-25-48
+.. nonce: tn_dKp
+.. section: Library
+
+Made email date parsing more robust against malformed input, namely a
+whitespace-only ``Date:`` header. Patch by Wouter Bolsterlee.
+
+..
+
+.. bpo: 30511
+.. date: 2021-07-20-21-03-18
+.. nonce: eMFkRi
+.. section: Documentation
+
+Clarify that :func:`shutil.make_archive` is not thread-safe due to reliance
+on changing the current working directory.
+
+..
+
+.. bpo: 45007
+.. date: 2021-08-27-23-50-02
+.. nonce: NIBlVG
+.. section: Windows
+
+Update to OpenSSL 1.1.1l in Windows build
+
+..
+
+.. bpo: 45007
+.. date: 2021-08-30-00-04-10
+.. nonce: pixqUB
+.. section: macOS
+
+Update macOS installer builds to use OpenSSL 1.1.1l.
+
+..
+
+.. bpo: 44689
+.. date: 2021-07-20-22-27-01
+.. nonce: mmT_xH
+.. section: macOS
+
+:meth:`ctypes.util.find_library` now works correctly on macOS 11 Big Sur
+even if Python is built on an older version of macOS.  Previously, when
+built on older macOS systems, ``find_library`` was not able to find  macOS
+system libraries when running on Big Sur due to changes in  how system
+libraries are stored.
diff --git a/Misc/NEWS.d/next/Core and Builtins/2021-08-07-01-26-12.bpo-44856.9rk3li.rst b/Misc/NEWS.d/next/Core and Builtins/2021-08-07-01-26-12.bpo-44856.9rk3li.rst
deleted file mode 100644
index 1111d01..0000000
--- a/Misc/NEWS.d/next/Core and Builtins/2021-08-07-01-26-12.bpo-44856.9rk3li.rst
+++ /dev/null
@@ -1 +0,0 @@
-Fix reference leaks in the error paths of ``update_bases()`` and ``__build_class__``. Patch by Pablo Galindo.
diff --git a/Misc/NEWS.d/next/Core and Builtins/2021-08-09-14-29-52.bpo-33930.--5LQ-.rst b/Misc/NEWS.d/next/Core and Builtins/2021-08-09-14-29-52.bpo-33930.--5LQ-.rst
deleted file mode 100644
index 827dd3f..0000000
--- a/Misc/NEWS.d/next/Core and Builtins/2021-08-09-14-29-52.bpo-33930.--5LQ-.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-Fix segmentation fault with deep recursion when cleaning method objects.
-Patch by Augusto Goulart and Pablo Galindo.
diff --git a/Misc/NEWS.d/next/Core and Builtins/2021-08-09-16-16-03.bpo-44872.OKRlhK.rst b/Misc/NEWS.d/next/Core and Builtins/2021-08-09-16-16-03.bpo-44872.OKRlhK.rst
deleted file mode 100644
index 9a0d000..0000000
--- a/Misc/NEWS.d/next/Core and Builtins/2021-08-09-16-16-03.bpo-44872.OKRlhK.rst
+++ /dev/null
@@ -1 +0,0 @@
-Use new trashcan macros (Py_TRASHCAN_BEGIN/END) in frameobject.c instead of the old ones (Py_TRASHCAN_SAFE_BEGIN/END).
-\ No newline at end of file
diff --git a/Misc/NEWS.d/next/Documentation/2021-07-20-21-03-18.bpo-30511.eMFkRi.rst b/Misc/NEWS.d/next/Documentation/2021-07-20-21-03-18.bpo-30511.eMFkRi.rst
deleted file mode 100644
index a358fb9..0000000
--- a/Misc/NEWS.d/next/Documentation/2021-07-20-21-03-18.bpo-30511.eMFkRi.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-Clarify that :func:`shutil.make_archive` is not thread-safe due to
-reliance on changing the current working directory.
diff --git a/Misc/NEWS.d/next/Library/2021-08-26-16-25-48.bpo-45001.tn_dKp.rst b/Misc/NEWS.d/next/Library/2021-08-26-16-25-48.bpo-45001.tn_dKp.rst
deleted file mode 100644
index 55cc409..0000000
--- a/Misc/NEWS.d/next/Library/2021-08-26-16-25-48.bpo-45001.tn_dKp.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-Made email date parsing more robust against malformed input, namely a
-whitespace-only ``Date:`` header. Patch by Wouter Bolsterlee.
diff --git a/Misc/NEWS.d/next/Security/2021-03-30-16-29-51.bpo-36384.sCAmLs.rst b/Misc/NEWS.d/next/Security/2021-03-30-16-29-51.bpo-36384.sCAmLs.rst
deleted file mode 100644
index 6e2926c..0000000
--- a/Misc/NEWS.d/next/Security/2021-03-30-16-29-51.bpo-36384.sCAmLs.rst
+++ /dev/null
@@ -1,6 +0,0 @@
-:mod:`ipaddress` module no longer accepts any leading zeros in IPv4 address
-strings. Leading zeros are ambiguous and interpreted as octal notation by
-some libraries. For example the legacy function :func:`socket.inet_aton`
-treats leading zeros as octal notation. glibc implementation of modern
-:func:`~socket.inet_pton` does not accept any leading zeros. For a while
-the :mod:`ipaddress` module used to accept ambiguous leading zeros.
diff --git a/Misc/NEWS.d/next/Security/2021-05-08-11-50-46.bpo-43124.2CTM6M.rst b/Misc/NEWS.d/next/Security/2021-05-08-11-50-46.bpo-43124.2CTM6M.rst
deleted file mode 100644
index e897d6c..0000000
--- a/Misc/NEWS.d/next/Security/2021-05-08-11-50-46.bpo-43124.2CTM6M.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-Made the internal ``putcmd`` function in :mod:`smtplib` sanitize input for
-presence of ``\r`` and ``\n`` characters to avoid (unlikely) command injection.
diff --git a/Misc/NEWS.d/next/Security/2021-06-29-02-45-53.bpo-44394.A220N1.rst b/Misc/NEWS.d/next/Security/2021-06-29-02-45-53.bpo-44394.A220N1.rst
deleted file mode 100644
index e32563d..0000000
--- a/Misc/NEWS.d/next/Security/2021-06-29-02-45-53.bpo-44394.A220N1.rst
+++ /dev/null
@@ -1,3 +0,0 @@
-Update the vendored copy of libexpat to 2.4.1 (from 2.2.8) to get the fix
-for the CVE-2013-0340 "Billion Laughs" vulnerability. This copy is most used
-on Windows and macOS.
diff --git a/Misc/NEWS.d/next/Security/2021-08-29-12-39-44.bpo-42278.jvmQz_.rst b/Misc/NEWS.d/next/Security/2021-08-29-12-39-44.bpo-42278.jvmQz_.rst
deleted file mode 100644
index db880cd..0000000
--- a/Misc/NEWS.d/next/Security/2021-08-29-12-39-44.bpo-42278.jvmQz_.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-Replaced usage of :func:`tempfile.mktemp` with
-:class:`~tempfile.TemporaryDirectory` to avoid a potential race condition.
diff --git a/Misc/NEWS.d/next/Windows/2021-08-27-23-50-02.bpo-45007.NIBlVG.rst b/Misc/NEWS.d/next/Windows/2021-08-27-23-50-02.bpo-45007.NIBlVG.rst
deleted file mode 100644
index fa076ee..0000000
--- a/Misc/NEWS.d/next/Windows/2021-08-27-23-50-02.bpo-45007.NIBlVG.rst
+++ /dev/null
@@ -1 +0,0 @@
-Update to OpenSSL 1.1.1l in Windows build
diff --git a/Misc/NEWS.d/next/macOS/2021-07-20-22-27-01.bpo-44689.mmT_xH.rst b/Misc/NEWS.d/next/macOS/2021-07-20-22-27-01.bpo-44689.mmT_xH.rst
deleted file mode 100644
index b1e878d..0000000
--- a/Misc/NEWS.d/next/macOS/2021-07-20-22-27-01.bpo-44689.mmT_xH.rst
+++ /dev/null
@@ -1,5 +0,0 @@
- :meth:`ctypes.util.find_library` now works correctly on macOS 11 Big Sur
- even if Python is built on an older version of macOS.  Previously, when
- built on older macOS systems, ``find_library`` was not able to find
- macOS system libraries when running on Big Sur due to changes in
- how system libraries are stored.
diff --git a/Misc/NEWS.d/next/macOS/2021-08-30-00-04-10.bpo-45007.pixqUB.rst b/Misc/NEWS.d/next/macOS/2021-08-30-00-04-10.bpo-45007.pixqUB.rst
deleted file mode 100644
index e4f1ac6..0000000
--- a/Misc/NEWS.d/next/macOS/2021-08-30-00-04-10.bpo-45007.pixqUB.rst
+++ /dev/null
@@ -1 +0,0 @@
-Update macOS installer builds to use OpenSSL 1.1.1l.
author	Łukasz Langa <lukasz@langa.pl>	2021-08-30 14:26:41 (GMT)
committer	Łukasz Langa <lukasz@langa.pl>	2021-08-30 14:26:41 (GMT)
commit	07119dd38c9a6e5da84ca8a0a46acdf8a3e60ecf (patch)
tree	8f52d354a9d58a666451a686091388097b1defd6 /Misc/NEWS.d
parent	8371290753bed7fbb939a51ea7ff0991ea32a89c (diff)
download	cpython-07119dd38c9a6e5da84ca8a0a46acdf8a3e60ecf.zip cpython-07119dd38c9a6e5da84ca8a0a46acdf8a3e60ecf.tar.gz cpython-07119dd38c9a6e5da84ca8a0a46acdf8a3e60ecf.tar.bz2