diff options
Diffstat (limited to 'Misc')
10 files changed, 87 insertions, 16 deletions
diff --git a/Misc/NEWS.d/3.7.13.rst b/Misc/NEWS.d/3.7.13.rst new file mode 100644 index 0000000..c8d61ca --- /dev/null +++ b/Misc/NEWS.d/3.7.13.rst @@ -0,0 +1,87 @@ +.. bpo: 46985 +.. date: 2022-03-11-13-34-16 +.. nonce: BgoMr2 +.. release date: 2022-03-16 +.. section: Library + +Upgrade pip wheel bundled with ensurepip (pip 22.0.4) + +.. + +.. bpo: 46932 +.. date: 2022-03-07-20-20-34 +.. nonce: xbarAs +.. section: Library + +Update bundled libexpat to 2.4.7 + +.. + +.. bpo: 46811 +.. date: 2022-02-20-21-03-31 +.. nonce: 8BxgdQ +.. section: Library + +Make test suite support Expat >=2.4.5 + +.. + +.. bpo: 46784 +.. date: 2022-02-18-22-10-30 +.. nonce: SVOQJx +.. section: Library + +Fix libexpat symbols collisions with user dynamically loaded or statically +linked libexpat in embedded Python. + +.. + +.. bpo: 46756 +.. date: 2022-02-15-11-57-53 +.. nonce: AigSPi +.. section: Library + +Fix a bug in :meth:`urllib.request.HTTPPasswordMgr.find_user_password` and +:meth:`urllib.request.HTTPPasswordMgrWithPriorAuth.is_authenticated` which +allowed to bypass authorization. For example, access to URI +``example.org/foobar`` was allowed if the user was authorized for URI +``example.org/foo``. + +.. + +.. bpo: 47024 +.. date: 2022-03-15-11-53-10 +.. nonce: p3PjRy +.. section: Build + +Update Windows builds and macOS installer build to use OpenSSL 1.1.1n. + +.. + +.. bpo: 45405 +.. date: 2021-10-11-16-27-38 +.. nonce: iSfdW5 +.. section: Build + +Prevent ``internal configure error`` when running ``configure`` with recent +versions of clang. Patch by David Bohman. + +.. + +.. bpo: 44549 +.. date: 2022-03-07-17-46-40 +.. nonce: SPrGS9 +.. section: Windows + +Update bzip2 to 1.0.8 in Windows builds to mitigate CVE-2016-3189 and +CVE-2019-12900 + +.. + +.. bpo: 46948 +.. date: 2022-03-07-16-34-11 +.. nonce: Ufd4tG +.. section: Windows + +Prevent CVE-2022-26488 by ensuring the Add to PATH option in the Windows +installer uses the correct path when being repaired. diff --git a/Misc/NEWS.d/next/Build/2021-10-11-16-27-38.bpo-45405.iSfdW5.rst b/Misc/NEWS.d/next/Build/2021-10-11-16-27-38.bpo-45405.iSfdW5.rst deleted file mode 100644 index 13c93d1..0000000 --- a/Misc/NEWS.d/next/Build/2021-10-11-16-27-38.bpo-45405.iSfdW5.rst +++ /dev/null @@ -1,2 +0,0 @@ -Prevent ``internal configure error`` when running ``configure`` -with recent versions of clang. Patch by David Bohman. diff --git a/Misc/NEWS.d/next/Build/2022-03-15-11-53-10.bpo-47024.p3PjRy.rst b/Misc/NEWS.d/next/Build/2022-03-15-11-53-10.bpo-47024.p3PjRy.rst deleted file mode 100644 index 235ece3..0000000 --- a/Misc/NEWS.d/next/Build/2022-03-15-11-53-10.bpo-47024.p3PjRy.rst +++ /dev/null @@ -1 +0,0 @@ -Update Windows builds and macOS installer build to use OpenSSL 1.1.1n. diff --git a/Misc/NEWS.d/next/Library/2022-02-15-11-57-53.bpo-46756.AigSPi.rst b/Misc/NEWS.d/next/Library/2022-02-15-11-57-53.bpo-46756.AigSPi.rst deleted file mode 100644 index 1660640..0000000 --- a/Misc/NEWS.d/next/Library/2022-02-15-11-57-53.bpo-46756.AigSPi.rst +++ /dev/null @@ -1,5 +0,0 @@ -Fix a bug in :meth:`urllib.request.HTTPPasswordMgr.find_user_password` and -:meth:`urllib.request.HTTPPasswordMgrWithPriorAuth.is_authenticated` which -allowed to bypass authorization. For example, access to URI -``example.org/foobar`` was allowed if the user was authorized for URI -``example.org/foo``. diff --git a/Misc/NEWS.d/next/Library/2022-02-18-22-10-30.bpo-46784.SVOQJx.rst b/Misc/NEWS.d/next/Library/2022-02-18-22-10-30.bpo-46784.SVOQJx.rst deleted file mode 100644 index d190816..0000000 --- a/Misc/NEWS.d/next/Library/2022-02-18-22-10-30.bpo-46784.SVOQJx.rst +++ /dev/null @@ -1 +0,0 @@ -Fix libexpat symbols collisions with user dynamically loaded or statically linked libexpat in embedded Python. diff --git a/Misc/NEWS.d/next/Library/2022-02-20-21-03-31.bpo-46811.8BxgdQ.rst b/Misc/NEWS.d/next/Library/2022-02-20-21-03-31.bpo-46811.8BxgdQ.rst deleted file mode 100644 index 6969bd1..0000000 --- a/Misc/NEWS.d/next/Library/2022-02-20-21-03-31.bpo-46811.8BxgdQ.rst +++ /dev/null @@ -1 +0,0 @@ -Make test suite support Expat >=2.4.5 diff --git a/Misc/NEWS.d/next/Library/2022-03-07-20-20-34.bpo-46932.xbarAs.rst b/Misc/NEWS.d/next/Library/2022-03-07-20-20-34.bpo-46932.xbarAs.rst deleted file mode 100644 index 8545c65..0000000 --- a/Misc/NEWS.d/next/Library/2022-03-07-20-20-34.bpo-46932.xbarAs.rst +++ /dev/null @@ -1 +0,0 @@ -Update bundled libexpat to 2.4.7 diff --git a/Misc/NEWS.d/next/Library/2022-03-11-13-34-16.bpo-46985.BgoMr2.rst b/Misc/NEWS.d/next/Library/2022-03-11-13-34-16.bpo-46985.BgoMr2.rst deleted file mode 100644 index 2e08ee8..0000000 --- a/Misc/NEWS.d/next/Library/2022-03-11-13-34-16.bpo-46985.BgoMr2.rst +++ /dev/null @@ -1 +0,0 @@ -Upgrade pip wheel bundled with ensurepip (pip 22.0.4) diff --git a/Misc/NEWS.d/next/Windows/2022-03-07-16-34-11.bpo-46948.Ufd4tG.rst b/Misc/NEWS.d/next/Windows/2022-03-07-16-34-11.bpo-46948.Ufd4tG.rst deleted file mode 100644 index cfc4827..0000000 --- a/Misc/NEWS.d/next/Windows/2022-03-07-16-34-11.bpo-46948.Ufd4tG.rst +++ /dev/null @@ -1,2 +0,0 @@ -Prevent CVE-2022-26488 by ensuring the Add to PATH option in the Windows -installer uses the correct path when being repaired. diff --git a/Misc/NEWS.d/next/Windows/2022-03-07-17-46-40.bpo-44549.SPrGS9.rst b/Misc/NEWS.d/next/Windows/2022-03-07-17-46-40.bpo-44549.SPrGS9.rst deleted file mode 100644 index 0f1ef9a..0000000 --- a/Misc/NEWS.d/next/Windows/2022-03-07-17-46-40.bpo-44549.SPrGS9.rst +++ /dev/null @@ -1,2 +0,0 @@ -Update bzip2 to 1.0.8 in Windows builds to mitigate CVE-2016-3189 and -CVE-2019-12900 |