summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Bump to 3.3.7v3.3.7Ned Deily2017-09-193-5/+13
|
* Link to generated changelog, not website.Ned Deily2017-09-072-1/+3
|
* Ensure Doc build has Misc/NEWS for changelogNed Deily2017-09-072-1/+15
|
* Bump version for post 3.3.7rc1Ned Deily2017-09-061-1/+1
|
* Bump to 3.3.7rc1v3.3.7rc1Ned Deily2017-09-063-15/+16
|
* Remove unused suspicious rulesNed Deily2017-09-061-6/+0
|
* Backport changes to pyspecific.pyNed Deily2017-09-061-58/+66
|
* Update pydoc topics for 3.3.7rc1Ned Deily2017-09-061-4/+4
|
* Update NEWS.d and suspicious doc filterNed Deily2017-09-0630-6843/+20776
|
* [3.3] bpo-30947, bpo-31170: Update expat from 2.2.1 to 2.2.4 (#3352)Victor Stinner2017-09-0623-153/+1289
| | | | | | | | | | | | | * bpo-30947, bpo-31170: Update expat from 2.2.1 to 2.2.4 * Upgrade libexpat embedded copy from version 2.2.1 to 2.2.3 to get security fixes. * Update libexpat from 2.2.3 to 2.2.4. Fix copying of partial characters for UTF-8 input (libexpat bug 115): https://github.com/libexpat/libexpat/issues/115 * Define XML_POOR_ENTROPY when compiling expat
* Fix doc role typos in argparse.rst.Ned Deily2017-09-041-2/+2
|
* [3.3] bpo-30119: fix ftplib.FTP.putline() to throw an error for a illegal ↵Dong-hee Na2017-07-263-1/+10
| | | | command (#1214) (#2885)
* bpo-26657: Fix Windows directory traversal vulnerability with http.server ↵Victor Stinner2017-07-263-3/+25
| | | | | | | | | (#782) (#2860) Based on patch by Philipp Hagemeister. This fixes a regression caused by revision f4377699fd47. (cherry picked from commit d274b3f1f1e2d8811733fb952c9f18d7da3a376a) (cherry picked from commit 6f6bc1da8aaae52664e7747e328d26eb59c0e74f)
* [3.3] bpo-22928: Disabled HTTP header injections in http.client. (#2817)Serhiy Storchaka2017-07-263-0/+95
| | | | | Original patch by Demian Brecht.. (cherry picked from commit a112a8ae47813f75aa8ad27ee8c42a7c2e937d13)
* [3.3] [3.5] bpo-27945: Fixed various segfaults with dict. (GH-1657) ↵Serhiy Storchaka2017-07-264-29/+143
| | | | | | | (GH-1678) (#2396) Based on patches by Duane Griffin and Tim Mitchell. (cherry picked from commit 753bca3934a7618a4fa96e107ad1c5c18633a683). (cherry picked from commit 2f7f533cf6fb57fcedcbc7bd454ac59fbaf2c655)
* [3.3] bpo-30500: urllib: Simplify splithost by calling into urlparse. ↵Victor Stinner2017-07-264-52/+208
| | | | | | | | | | | | | (#1849) (#2292) The current regex based splitting produces a wrong result. For example:: http://abc#@def Web browsers parse that URL as ``http://abc/#@def``, that is, the host is ``abc``, the path is ``/``, and the fragment is ``#@def``. (cherry picked from commit 90e01e50ef8a9e6c91f30d965563c378a4ad26de) (cherry picked from commit cc54c1c0d2d05fe7404ba64c53df4b1352ed2262)
* [3.3] Backport CI config from master and remove skipped imaplib tests (#2481)Victor Stinner2017-07-202-10/+54
| | | | | | | | | | | | | * Backport Travis CI config from master Add .travis.yml for Travis CI. * bpo-30231: Remove skipped test_imaplib tests (#1419) (#2193) The public cyrus.andrew.cmu.edu IMAP server (port 993) doesn't accept TLS connection using our self-signed x509 certificate. Remove the two tests which are already skipped. (cherry picked from commit 7895a0585b4b6a1c8082d17227307c6ce2c8bb8b)
* [security][3.3] bpo-30730: Prevent environment variables injection in ↵Serhiy Storchaka2017-07-195-8/+70
| | | | subprocess on Windows. (GH-2325) (#2363)
* [3.3] bpo-30585: [security] raise an error when STARTTLS fails (#225)Victor Stinner2017-07-192-0/+8
| | | (cherry picked from commit 46b32f307c48bcb999b22eebf65ffe8ed5cca544)
* Avoid _GNU_SOURCE redefined warning in xmlparse.c (#2670)Segev Finer2017-07-161-1/+1
| | | | (cherry picked from commit f52325598e7a9683787d76a42009fc16790a0089)
* [3.3] bpo-29591, bpo-30694: Upgrade Modules/expat to libexpat 2.2.1 (#2164) ↵Victor Stinner2017-07-1617-607/+1407
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#2204) * bpo-29591: Upgrade Modules/expat to libexpat 2.2 (#2164) * bpo-29591: Upgrade Modules/expat to libexpat 2.2 * bpo-29591: Restore Python changes on expat * bpo-29591: Remove expat config of unsupported platforms Remove the configuration (Modules/expat/*config.h) of unsupported platforms: * Amiga * MacOS Classic on PPC32 * Open Watcom * bpo-29591: Remove useless XML_HAS_SET_HASH_SALT The XML_HAS_SET_HASH_SALT define of Modules/expat/expat.h became useless since our local expat copy was upgrade to expat 2.1 (it's now expat 2.2.0). (cherry picked from commit 23ec4b57e1359f9c539b8defc317542173ae087e) * bpo-30694: Upgrade Modules/expat/ to libexpat 2.2.1 (#2300) New file: Modules/expat/siphash.h. (cherry picked from commit 5ff7132313eb651107b179d20218dfe5d4e47f13) * bpo-30726: PCbuild _elementtree: remove duplicate defines (#2348) bpo-30726, bpo-29591: libexpat 2.2.1 of Modules/expat/ now uses a winconfig.h configuration file which already defines: * XML_NS * XML_DTD * BYTEORDER=1234 * XML_CONTEXT_BYTES=1024 * HAVE_MEMMOVE Remove these defines from PCbuild/_elementtree.vcxproj to prevent compiler warnings. Co-Authored-By: Jeremy Kloth <jeremy.kloth@gmail.com> (cherry picked from commit c8fb58bd7917151e63398587a7fc2126db7c26de) * bpo-30726: Fix elementtree warnings on Windows due to expat upgrade (#2319) * bpo-30726: Fix elementtree warnings on Windows Caused by usage of `getenv` which should be safe. And a few integer truncations which should also be ok. * bpo-30726: Don't ignore libexpat warnings which haypo intends to fix upstream (cherry picked from commit 87c65550730a8f85ce339ba197bce4fb7e836619)
* bpo-23844: Fix test_dh_params failureNed Deily2017-07-163-10/+8
|
* Fix test_site test_license_exists_at_urlNed Deily2017-07-161-1/+1
|
* Fix distutils test_upload failureNed Deily2017-07-161-1/+1
|
* Bump PY_VERSION to 3.3.6+Ned Deily2017-07-161-1/+1
|
* Add "Misc/NEWS.d" directory tree for "blurb". GH-2332larryhastings2017-06-2211-0/+11
| | | | | | | | | | CPython workflow is changing! We're going to start using "blurb" to manage Misc/NEWS entries: https://github.com/python/core-workflow (This will be a big win for release managers, honest.) This checkin simply populates the "Misc/NEWS.d" subdirectory tree so that people can start putting their news entries in there. No other changes (yet).
* ring IDLE.app into 2017, tooNed Deily2017-01-021-1/+1
|
* ring in 2017 for PythonBenjamin Peterson2017-01-028-9/+10
|
* Issue #28563: Make plural form selection more lenient and acceptingSerhiy Storchaka2016-11-142-8/+20
| | | | non-integer numbers. Django tests depend on this.
* Issue #28648: Fixed crash in Py_DecodeLocale() in debug build on Mac OS XSerhiy Storchaka2016-11-122-1/+4
| | | | when decode astral characters.
* Issue #28563: Fixed possible DoS and arbitrary code execution when handleSerhiy Storchaka2016-11-083-45/+216
| | | | | plural form selections in the gettext module. The expression parser now supports exact syntax supported by GNU gettext.
* Issue #26171: Prevent buffer overflow in get_dataBerker Peksag2016-09-142-0/+8
| | | | Backport of 01ddd608b85c.
* rearrange methodcaller_new so that the main error case does not cause ↵Benjamin Peterson2016-08-172-8/+9
| | | | uninitialized memory usage (closes #27783)
* do not decref value borrowed from list (closes #27774)Benjamin Peterson2016-08-162-3/+3
|
* fix possible integer overflow in binascii.b2a_qp (closes #27760)Benjamin Peterson2016-08-142-9/+18
| | | | Reported by Thomas E. Hybel
* check for overflow in join_append_data (closes #27758)Benjamin Peterson2016-08-142-4/+22
| | | | Reported by Thomas E. Hybel
* Issue #20160: Handled passing of large structs to callbacks correctly.Vinay Sajip2016-08-053-2/+65
|
* Switch upload.pypi.io to upload.pypi.orgDonald Stufft2016-08-033-4/+4
|
* Prevent HTTPoxy attack (CVE-2016-1000110)Senthil Kumaran2016-07-315-0/+42
| | | | | | | Ignore the HTTP_PROXY variable when REQUEST_METHOD environment is set, which indicates that the script is in CGI mode. Issue #27568 Reported and patch contributed by Rémi Rampin.
* Issue #27369: Merge test_pyexpat from 3.2 into 3.3Martin Panter2016-07-142-4/+5
|\
| * Issue #27369: Don’t test error message detail that changed in Expat 2.2.03.2Martin Panter2016-07-142-4/+5
| |
| * Issue #22758: Move NEWS entry to Library sectionMartin Panter2016-07-141-3/+3
| |
* | #22758 null mergeR David Murray2016-07-100-0/+0
|\ \ | |/
| * #22758: fix regression in handling of secure cookies.R David Murray2016-07-103-11/+61
| | | | | | | | | | This backports the fix from #16611, per discussion with the release manager.
* | Switch to the new upload url for PyPIDonald Stufft2016-07-063-4/+4
| |
* | Issue #25709: Fixed problem with in-place string concatenation and utf-8 cache.Serhiy Storchaka2015-12-023-0/+27
| |
* | Issue #25940: Merge ETIMEDOUT fix from 3.2 into 3.3Martin Panter2016-01-151-1/+1
|\ \ | |/
| * Issue #25940: On Windows, connecting to port 444 returns ETIMEDOUTMartin Panter2016-01-151-1/+3
| |
* | Issue #25940: Merge self-signed.pythontest.net testing from 3.2 into 3.3Martin Panter2016-01-147-89/+111
|\ \ | |/
| * Issue #25940: Use self-signed.pythontest.net in SSL testsMartin Panter2016-01-146-96/+97
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is instead of svn.python.org, whose certificate recently expired, and whose new certificate uses a different root certificate. The certificate used at the pythontest server was modifed to set the "basic constraints" CA flag. This flag seems to be required for test_get_ca_certs_ capath() to work (in Python 3.4+). Added the new self-signed certificate to capath with the following commands: cp Lib/test/{selfsigned_pythontestdotnet.pem,capath/} c_rehash -v Lib/test/capath/ c_rehash -v -old Lib/test/capath/ # Note the generated file names cp Lib/test/capath/{selfsigned_pythontestdotnet.pem,0e4015b9.0} mv Lib/test/capath/{selfsigned_pythontestdotnet.pem,ce7b8643.0} The new server responds with "No route to host" when connecting to port 444.
generated by cgit v0.12 at 2025-12-28 17:20:30 (GMT)