Python 3.10.12v3.10.12

9 files changed, 80 insertions, 17 deletions

diff --git a/Misc/NEWS.d/3.10.12.rst b/Misc/NEWS.d/3.10.12.rst
new file mode 100644
index 0000000..b111fe0
--- /dev/null
+++ b/Misc/NEWS.d/3.10.12.rst
@@ -0,0 +1,80 @@
+.. date: 2023-06-01-03-24-58
+.. gh-issue: 103142
+.. nonce: GLWDMX
+.. release date: 2023-06-06
+.. section: Security
+
+The version of OpenSSL used in our binary builds has been upgraded to 1.1.1u
+to address several CVEs.
+
+..
+
+.. date: 2023-05-02-17-56-32
+.. gh-issue: 99889
+.. nonce: l664SU
+.. section: Security
+
+Fixed a security in flaw in :func:`uu.decode` that could allow for directory
+traversal based on the input if no ``out_file`` was specified.
+
+..
+
+.. date: 2023-05-01-15-03-25
+.. gh-issue: 104049
+.. nonce: b01Y3g
+.. section: Security
+
+Do not expose the local on-disk location in directory indexes produced by
+:class:`http.client.SimpleHTTPRequestHandler`.
+
+..
+
+.. date: 2023-03-07-20-59-17
+.. gh-issue: 102153
+.. nonce: 14CLSZ
+.. section: Security
+
+:func:`urllib.parse.urlsplit` now strips leading C0 control and space
+characters following the specification for URLs defined by WHATWG in
+response to CVE-2023-24329. Patch by Illia Volochii.
+
+..
+
+.. date: 2023-04-27-20-03-08
+.. gh-issue: 103935
+.. nonce: Uaf2M0
+.. section: Library
+
+Use :func:`io.open_code` for files to be executed instead of raw
+:func:`open`
+
+..
+
+.. date: 2023-03-23-15-24-38
+.. gh-issue: 102953
+.. nonce: YR4KaK
+.. section: Library
+
+The extraction methods in :mod:`tarfile`, and :func:`shutil.unpack_archive`,
+have a new a *filter* argument that allows limiting tar features than may be
+surprising or dangerous, such as creating files outside the destination
+directory. See :ref:`tarfile-extraction-filter` for details.
+
+..
+
+.. date: 2023-05-28-19-08-42
+.. gh-issue: 89412
+.. nonce: j4cg7K
+.. section: Documentation
+
+Add missing documentation for the ``end_lineno`` and ``end_offset``
+attributes of the :class:`traceback.TracebackException` class.
+
+..
+
+.. date: 2023-04-05-15-59-46
+.. gh-issue: 103262
+.. nonce: nV83ub
+.. section: Build
+
+Fixes Windows installer build to work with latest compilers.
diff --git a/Misc/NEWS.d/next/Build/2023-04-05-15-59-46.gh-issue-103262.nV83ub.rst b/Misc/NEWS.d/next/Build/2023-04-05-15-59-46.gh-issue-103262.nV83ub.rst
deleted file mode 100644
index d4bb955..0000000
--- a/Misc/NEWS.d/next/Build/2023-04-05-15-59-46.gh-issue-103262.nV83ub.rst
+++ /dev/null
@@ -1 +0,0 @@
-Fixes Windows installer build to work with latest compilers.
diff --git a/Misc/NEWS.d/next/Documentation/2023-05-28-19-08-42.gh-issue-89412.j4cg7K.rst b/Misc/NEWS.d/next/Documentation/2023-05-28-19-08-42.gh-issue-89412.j4cg7K.rst
deleted file mode 100644
index 00937e5..0000000
--- a/Misc/NEWS.d/next/Documentation/2023-05-28-19-08-42.gh-issue-89412.j4cg7K.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-Add missing documentation for the ``end_lineno`` and ``end_offset`` attributes
-of the :class:`traceback.TracebackException` class.
diff --git a/Misc/NEWS.d/next/Library/2023-03-23-15-24-38.gh-issue-102953.YR4KaK.rst b/Misc/NEWS.d/next/Library/2023-03-23-15-24-38.gh-issue-102953.YR4KaK.rst
deleted file mode 100644
index 48a105a..0000000
--- a/Misc/NEWS.d/next/Library/2023-03-23-15-24-38.gh-issue-102953.YR4KaK.rst
+++ /dev/null
@@ -1,4 +0,0 @@
-The extraction methods in :mod:`tarfile`, and :func:`shutil.unpack_archive`,
-have a new a *filter* argument that allows limiting tar features than may be
-surprising or dangerous, such as creating files outside the destination
-directory. See :ref:`tarfile-extraction-filter` for details.
diff --git a/Misc/NEWS.d/next/Library/2023-04-27-20-03-08.gh-issue-103935.Uaf2M0.rst b/Misc/NEWS.d/next/Library/2023-04-27-20-03-08.gh-issue-103935.Uaf2M0.rst
deleted file mode 100644
index 71b2d87..0000000
--- a/Misc/NEWS.d/next/Library/2023-04-27-20-03-08.gh-issue-103935.Uaf2M0.rst
+++ /dev/null
@@ -1 +0,0 @@
-Use :func:`io.open_code` for files to be executed instead of raw :func:`open`
diff --git a/Misc/NEWS.d/next/Security/2023-03-07-20-59-17.gh-issue-102153.14CLSZ.rst b/Misc/NEWS.d/next/Security/2023-03-07-20-59-17.gh-issue-102153.14CLSZ.rst
deleted file mode 100644
index e57ac4e..0000000
--- a/Misc/NEWS.d/next/Security/2023-03-07-20-59-17.gh-issue-102153.14CLSZ.rst
+++ /dev/null
@@ -1,3 +0,0 @@
-:func:`urllib.parse.urlsplit` now strips leading C0 control and space
-characters following the specification for URLs defined by WHATWG in
-response to CVE-2023-24329. Patch by Illia Volochii.
diff --git a/Misc/NEWS.d/next/Security/2023-05-01-15-03-25.gh-issue-104049.b01Y3g.rst b/Misc/NEWS.d/next/Security/2023-05-01-15-03-25.gh-issue-104049.b01Y3g.rst
deleted file mode 100644
index 969deb2..0000000
--- a/Misc/NEWS.d/next/Security/2023-05-01-15-03-25.gh-issue-104049.b01Y3g.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-Do not expose the local on-disk location in directory indexes
-produced by :class:`http.client.SimpleHTTPRequestHandler`.
diff --git a/Misc/NEWS.d/next/Security/2023-05-02-17-56-32.gh-issue-99889.l664SU.rst b/Misc/NEWS.d/next/Security/2023-05-02-17-56-32.gh-issue-99889.l664SU.rst
deleted file mode 100644
index b7002e8..0000000
--- a/Misc/NEWS.d/next/Security/2023-05-02-17-56-32.gh-issue-99889.l664SU.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-Fixed a security in flaw in :func:`uu.decode` that could allow for
-directory traversal based on the input if no ``out_file`` was specified.
diff --git a/Misc/NEWS.d/next/Security/2023-06-01-03-24-58.gh-issue-103142.GLWDMX.rst b/Misc/NEWS.d/next/Security/2023-06-01-03-24-58.gh-issue-103142.GLWDMX.rst
deleted file mode 100644
index 7e08368..0000000
--- a/Misc/NEWS.d/next/Security/2023-06-01-03-24-58.gh-issue-103142.GLWDMX.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-The version of OpenSSL used in our binary builds has been upgraded to 1.1.1u
-to address several CVEs.