diff options
Diffstat (limited to 'Misc/NEWS.d/next/Security')
13 files changed, 0 insertions, 26 deletions
diff --git a/Misc/NEWS.d/next/Security/2019-05-04-13-33-37.bpo-34155.MJll68.rst b/Misc/NEWS.d/next/Security/2019-05-04-13-33-37.bpo-34155.MJll68.rst deleted file mode 100644 index 50292e2..0000000 --- a/Misc/NEWS.d/next/Security/2019-05-04-13-33-37.bpo-34155.MJll68.rst +++ /dev/null @@ -1 +0,0 @@ -Fix parsing of invalid email addresses with more than one ``@`` (e.g. a@b@c.com.) to not return the part before 2nd ``@`` as valid email address. Patch by maxking & jpic. diff --git a/Misc/NEWS.d/next/Security/2019-06-17-09-34-25.bpo-34631.DBfM4j.rst b/Misc/NEWS.d/next/Security/2019-06-17-09-34-25.bpo-34631.DBfM4j.rst deleted file mode 100644 index 90aa301..0000000 --- a/Misc/NEWS.d/next/Security/2019-06-17-09-34-25.bpo-34631.DBfM4j.rst +++ /dev/null @@ -1 +0,0 @@ -Updated OpenSSL to 1.1.1c in Windows installer diff --git a/Misc/NEWS.d/next/Security/2019-06-21-14-42-53.bpo-37364.IIRc2s.rst b/Misc/NEWS.d/next/Security/2019-06-21-14-42-53.bpo-37364.IIRc2s.rst deleted file mode 100644 index 7506fa9..0000000 --- a/Misc/NEWS.d/next/Security/2019-06-21-14-42-53.bpo-37364.IIRc2s.rst +++ /dev/null @@ -1 +0,0 @@ -:func:`io.open_code` is now used when reading :file:`.pth` files. diff --git a/Misc/NEWS.d/next/Security/2019-06-21-15-58-59.bpo-37363.diouyl.rst b/Misc/NEWS.d/next/Security/2019-06-21-15-58-59.bpo-37363.diouyl.rst deleted file mode 100644 index 1b724ff..0000000 --- a/Misc/NEWS.d/next/Security/2019-06-21-15-58-59.bpo-37363.diouyl.rst +++ /dev/null @@ -1,5 +0,0 @@ -Adds audit events for :mod:`ensurepip`, :mod:`ftplib`, :mod:`glob`, -:mod:`imaplib`, :mod:`nntplib`, :mod:`pdb`, :mod:`poplib`, :mod:`shutil`, -:mod:`smtplib`, :mod:`sqlite3`, :mod:`subprocess`, :mod:`telnetlib`, -:mod:`tempfile` and :mod:`webbrowser`, as well as :func:`os.listdir`, -:func:`os.scandir` and :func:`breakpoint`. diff --git a/Misc/NEWS.d/next/Security/2019-07-01-08-46-14.bpo-37463.1CHwjE.rst b/Misc/NEWS.d/next/Security/2019-07-01-08-46-14.bpo-37463.1CHwjE.rst deleted file mode 100644 index 4f4a62e..0000000 --- a/Misc/NEWS.d/next/Security/2019-07-01-08-46-14.bpo-37463.1CHwjE.rst +++ /dev/null @@ -1,4 +0,0 @@ -ssl.match_hostname() no longer accepts IPv4 addresses with additional text -after the address and only quad-dotted notation without trailing -whitespaces. Some inet_aton() implementations ignore whitespace and all data -after whitespace, e.g. '127.0.0.1 whatever'. diff --git a/Misc/NEWS.d/next/Security/2019-07-01-10-31-14.bpo-37363.fSjatj.rst b/Misc/NEWS.d/next/Security/2019-07-01-10-31-14.bpo-37363.fSjatj.rst deleted file mode 100644 index a8bde90..0000000 --- a/Misc/NEWS.d/next/Security/2019-07-01-10-31-14.bpo-37363.fSjatj.rst +++ /dev/null @@ -1,2 +0,0 @@ -Adds audit events for the range of supported run commands (see -:ref:`using-on-general`). diff --git a/Misc/NEWS.d/next/Security/2019-07-16-08-11-00.bpo-37461.1Ahz7O.rst b/Misc/NEWS.d/next/Security/2019-07-16-08-11-00.bpo-37461.1Ahz7O.rst deleted file mode 100644 index 9d47578..0000000 --- a/Misc/NEWS.d/next/Security/2019-07-16-08-11-00.bpo-37461.1Ahz7O.rst +++ /dev/null @@ -1,2 +0,0 @@ -Fix an infinite loop when parsing specially crafted email headers. Patch by -Abhilash Raj. diff --git a/Misc/NEWS.d/next/Security/2019-08-27-01-13-05.bpo-37764.qv67PQ.rst b/Misc/NEWS.d/next/Security/2019-08-27-01-13-05.bpo-37764.qv67PQ.rst deleted file mode 100644 index 27fa8e1..0000000 --- a/Misc/NEWS.d/next/Security/2019-08-27-01-13-05.bpo-37764.qv67PQ.rst +++ /dev/null @@ -1 +0,0 @@ -Fixes email._header_value_parser.get_unstructured going into an infinite loop for a specific case in which the email header does not have trailing whitespace, and the case in which it contains an invalid encoded word. Patch by Ashwin Ramaswami.
\ No newline at end of file diff --git a/Misc/NEWS.d/next/Security/2019-09-23-21-02-46.bpo-38174.MeWuJd.rst b/Misc/NEWS.d/next/Security/2019-09-23-21-02-46.bpo-38174.MeWuJd.rst deleted file mode 100644 index e3da6fc..0000000 --- a/Misc/NEWS.d/next/Security/2019-09-23-21-02-46.bpo-38174.MeWuJd.rst +++ /dev/null @@ -1,2 +0,0 @@ -Update vendorized expat library version to 2.2.8, which resolves -CVE-2019-15903. diff --git a/Misc/NEWS.d/next/Security/2019-09-25-13-21-09.bpo-38243.1pfz24.rst b/Misc/NEWS.d/next/Security/2019-09-25-13-21-09.bpo-38243.1pfz24.rst deleted file mode 100644 index 98d7be1..0000000 --- a/Misc/NEWS.d/next/Security/2019-09-25-13-21-09.bpo-38243.1pfz24.rst +++ /dev/null @@ -1,3 +0,0 @@ -Escape the server title of :class:`xmlrpc.server.DocXMLRPCServer` -when rendering the document page as HTML. -(Contributed by Dong-hee Na in :issue:`38243`.) diff --git a/Misc/NEWS.d/next/Security/2019-10-08-19-29-55.bpo-38418.QL7s0-.rst b/Misc/NEWS.d/next/Security/2019-10-08-19-29-55.bpo-38418.QL7s0-.rst deleted file mode 100644 index b42a000..0000000 --- a/Misc/NEWS.d/next/Security/2019-10-08-19-29-55.bpo-38418.QL7s0-.rst +++ /dev/null @@ -1 +0,0 @@ -Fixes audit event for :func:`os.system` to be named ``os.system``. diff --git a/Misc/NEWS.d/next/Security/2019-11-14-16-13-23.bpo-38622.3DYkfb.rst b/Misc/NEWS.d/next/Security/2019-11-14-16-13-23.bpo-38622.3DYkfb.rst deleted file mode 100644 index 0373c14..0000000 --- a/Misc/NEWS.d/next/Security/2019-11-14-16-13-23.bpo-38622.3DYkfb.rst +++ /dev/null @@ -1 +0,0 @@ -Add additional audit events for the :mod:`ctypes` module. diff --git a/Misc/NEWS.d/next/Security/2019-11-18-16-17-56.bpo-38722.x3mECW.rst b/Misc/NEWS.d/next/Security/2019-11-18-16-17-56.bpo-38722.x3mECW.rst deleted file mode 100644 index 0277d3e..0000000 --- a/Misc/NEWS.d/next/Security/2019-11-18-16-17-56.bpo-38722.x3mECW.rst +++ /dev/null @@ -1,2 +0,0 @@ -:mod:`runpy` now uses :meth:`io.open_code` to open code files. -Patch by Jason Killen. |