summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* add a default limit for the amount of data xmlrpclib.gzip_decode will return ↵Benjamin Peterson2014-12-063-3/+36
| | | | (closes #16043)
* use pythontest.net for url fragment testBenjamin Peterson2014-11-051-2/+2
|
* move idna test domain to pythontest.netBenjamin Peterson2014-11-031-3/+4
|
* Added tag v3.2.6 for changeset 0bd5f4f14de9Georg Brandl2014-10-121-0/+1
|
* Bump to 3.2.6v3.2.6Georg Brandl2014-10-125-8/+8
|
* #16040: fix unlimited read from connection in nntplib.Georg Brandl2014-10-123-1/+24
|
* Added tag v3.2.6rc1 for changeset 51382a5598ecGeorg Brandl2014-10-041-0/+1
|
* Copyright year update, add version to licenses.v3.2.6rc1Georg Brandl2014-10-045-5/+11
|
* Bump to 3.2.6rc1Georg Brandl2014-10-046-11/+11
|
* ref #19855: skip uuid test_find_mac on non-Posix as in later branchesGeorg Brandl2014-10-011-2/+3
|
* Fix unicode_aswidechar() for 4b unicode and 2b wchar_t (AIX).Georg Brandl2014-10-012-1/+7
|
* Issue #19855: uuid.getnode() on Unix now looks on the PATH for theGeorg Brandl2014-09-304-16/+67
| | | | | | | | | | | | | | executables used to find the mac address, with /sbin and /usr/sbin as fallbacks. Issue #11508: Fixed uuid.getnode() and uuid.uuid1() on environment with virtual interface. Original patch by Kent Frazier. Issue #18784: The uuid module no more attempts to load libc via ctypes.CDLL, if all necessary functions are already found in libuuid. Patch by Evgeny Sologubov. Issue #16102: Make uuid._netbios_getnode() work again on Python 3.
* Backport b533cc11d114 to fix intermittent test_urllibnet failures.Georg Brandl2014-09-301-1/+1
|
* Add a dummy "touch" target to the Makefile so that the custom buildbots can ↵Georg Brandl2014-09-301-1/+4
| | | | test this branch.
* Fix-up for 0f362676460d: add missing size argument to ↵Georg Brandl2014-09-301-1/+5
| | | | SSLFakeFile.readline(), as in 2.6 backport 8a6def3add5b
* Issue #20939: Use www.example.com instead of www.python.org to avoid testNed Deily2014-03-273-18/+25
| | | | failures when ssl is not present.
* Issue #16039: CVE-2013-1752: Change use of readline in imaplib module to limitGeorg Brandl2014-09-303-1/+27
| | | | line length. Patch by Emil Lind.
* Issue #22421 - Secure pydoc server run. Bind it to localhost instead of all ↵Georg Brandl2014-09-173-2/+7
| | | | interfaces.
* Lax cookie parsing in http.cookies could be a security issue when combinedAntoine Pitrou2014-09-164-1/+16
| | | | | | with non-standard cookie handling in some Web browsers. Reported by Sergey Bobrov.
* Issue #22419: Limit the length of incoming HTTP request in wsgiref server toGeorg Brandl2014-09-304-1/+18
| | | | | 65536 bytes and send a 414 error code for higher lengths. Patch contributed by Devin Cook.
* Issue #22517: When a io.BufferedRWPair object is deallocated, clear itsGeorg Brandl2014-09-303-0/+11
| | | | weakrefs.
* Issue #16041: CVE-2013-1752: poplib: Limit maximum line lengths to 2048 toGeorg Brandl2014-09-303-2/+19
| | | | | prevent readline() calls from consuming too much memory. Patch by Jyrki Pulliainen.
* Issue #16042: CVE-2013-1752: smtplib: Limit amount of data read byGeorg Brandl2014-09-304-4/+43
| | | | limiting the call to readline(). Original patch by Christian Heimes.
* Issue #18747: document issue with OpenSSL's CPRNG state and forkChristian Heimes2013-10-292-0/+12
|
* Issue #16038: CVE-2013-1752: ftplib: Limit amount of data read byGeorg Brandl2014-09-303-6/+43
| | | | | limiting the call to readline(). Original patch by Michał Jastrzębski and Giampaolo Rodola.
* Issue #16037: HTTPMessage.readheaders() raises an HTTPException when more thanGeorg Brandl2014-09-304-2/+18
| | | | 100 headers are read. Adapted from patch by Jyrki Pulliainen.
* Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytesGeorg Brandl2014-09-304-6/+185
| | | | | | | inside subjectAltName correctly. Formerly the module has used OpenSSL's GENERAL_NAME_print() function to get the string represention of ASN.1 strings for ``rfc822Name`` (email), ``dNSName`` (DNS) and ``uniformResourceIdentifier`` (URI).
* Issue #13540: Update references to Action class to match syntax used for ↵Jason R. Coombs2014-08-031-2/+2
| | | | other classes in this file.
* Issue #13540: Removed redundant documentation about Action instance ↵Jason R. Coombs2014-07-201-49/+26
| | | | attributes. Updated example and documentation per recommendations by Steven Bethard in msg149524.
* Issue #13540: Expanded argparse documents to clarify the action APIJason R. Coombs2011-12-141-19/+76
|
* Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,Ned Deily2014-07-134-5/+25
| | | | broken by the fix for security issue #19435. Patch by Zach Byrne.
* expect the correct platform-dependent linesepBenjamin Peterson2014-06-171-1/+1
|
* url unquote the path before checking if it refers to a CGI script (closes ↵Benjamin Peterson2014-06-153-1/+9
| | | | #21766)
* fix poor spellingBenjamin Peterson2014-04-141-1/+1
|
* disallow a negative idx parameterBenjamin Peterson2014-04-141-4/+5
|
* in scan_once, prevent the reading of arbitrary memory when passed a negative ↵Benjamin Peterson2014-04-144-1/+12
| | | | | | index Bug reported by Guido Vranken.
* fix versionchanged versionBenjamin Peterson2014-04-041-2/+2
|
* remove directory mode check from makedirs (closes #21082)Benjamin Peterson2014-04-014-32/+20
|
* use https docs url (#21115)Benjamin Peterson2014-03-311-2/+2
|
* add Ian BeerBenjamin Peterson2014-03-311-0/+1
|
* fix expandtabs overflow detection to be consistent and not rely on signed ↵Benjamin Peterson2014-03-301-19/+19
| | | | overflow
* use ssl.PROTOCOL_SSLv23 for maximum compatibility (closes #20896)Benjamin Peterson2014-03-121-3/+8
|
* Issue #20246: Fix test failures on FreeBSD. Patch by Ryan Smith-Roberts.Stefan Krah2014-01-211-1/+1
|
* update logo url (#20695)Benjamin Peterson2014-02-201-1/+1
|
* open retrieved file in binary mode, since it's now compressedBenjamin Peterson2014-02-201-3/+3
|
* complain when nbytes > buflen to fix possible buffer overflow (closes #20246)Benjamin Peterson2014-01-144-0/+16
|
* Issue #12226: HTTPS is now used by default when connecting to PyPI.Antoine Pitrou2013-12-224-7/+9
|
* Backout 7d399099334d.Georg Brandl2013-11-041-3/+0
|
* Backout 265d369ad3b9.Georg Brandl2013-11-041-2/+1
|
* Backout d80207d15294.Georg Brandl2013-11-041-31/+0
|