summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Python 3.8.13, take twov3.8.13Łukasz Langa2022-03-161-1/+1
| | | | This reverts commit e5f711f5eeb6db4290db1b747f42f5d723d12ed3.
* bpo-31327: Update time documentation to reflect possible errors (GH-31460) ↵Miss Islington (bot)2022-03-161-0/+6
| | | | | | | | | | | | | | | | | | | | (GH-31827) As per the comments, this mirrors the [datetime documentation](https://docs.python.org/3/library/datetime.htmlGH-datetime.datetime.fromtimestamp). ``` >>> import time >>> time.localtime(999999999999999999999) Traceback (most recent call last): File "<stdin>", line 1, in <module> OverflowError: timestamp out of range for platform time_t >>> time.localtime(-3600) Traceback (most recent call last): File "<stdin>", line 1, in <module> OSError: [Errno 22] Invalid argument ``` (cherry picked from commit c83fc9c02c9846ec3a2d0123999c98e02f00b3f5) Co-authored-by: slateny <46876382+slateny@users.noreply.github.com>
* bpo-46948: Fix launcher installer build failure due to first part of fix ↵Miss Islington (bot)2022-03-161-0/+2
| | | | | | | (GH-31920) (GH-31924) (cherry picked from commit 708812085355c92f32e547d1f1d1f29aefbbc27e) Co-authored-by: Steve Dower <steve.dower@python.org>
* Post 3.8.13Łukasz Langa2022-03-151-1/+1
|
* Python 3.8.13Łukasz Langa2022-03-1522-61/+204
|
* [3.8] bpo-47024: Update Windows builds and macOS installer build to use ↵Ned Deily2022-03-1510-75/+16
| | | | | | | OpenSSL 1.1.1n. (GH-31912) * bpo-47024: Update Windows builds and macOS installer build to use OpenSSL 1.1.1n. * Revert inadvertent sqlite downgrade
* bpo-46985: Upgrade bundled pip to 22.0.4 (GH-31819) (GH-31851)Ned Deily2022-03-154-4/+3
| | | | | (cherry picked from commit d87f1b787ed38dfd307d82452f2efe9dc5b93942) Co-authored-by: Pradyun Gedam <pgedam@bloomberg.net>
* bpo-45405: Prevent internal configure error when running configure with ↵Ned Deily2022-03-153-6/+12
| | | | | | | | | | | | | | | | | | recent versions of clang. (GH-28845) (GH-31889) Change the configure logic to function properly on macOS when the compiler outputs a platform triplet for option --print-multiarch. The Apple Clang included with Xcode 13.3 now supports --print-multiarch causing configure to fail without this change. Co-authored-by: Ned Deily <nad@python.org> (cherry picked from commit 9c4766772cda67648184f8ddba546a5fc0167f91) Co-authored-by: David Bohman <debohman@gmail.com> Automerge-Triggered-By: GH:ned-deily (cherry picked from commit 9901d153c201d852d27dc9d3074e283c26468f6d) Co-authored-by: Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
* bpo-46784: Add newly exported expat symbols to the namespace. (GH-31397) ↵Miss Islington (bot)2022-03-082-0/+6
| | | | | | | | | | | | | | | | | | | | (GH-31419) The libexpat 2.4.1 upgrade from introduced the following new exported symbols: * `testingAccountingGetCountBytesDirect` * `testingAccountingGetCountBytesIndirect` * `unsignedCharToPrintable` * `XML_SetBillionLaughsAttackProtectionActivationThreshold` * `XML_SetBillionLaughsAttackProtectionMaximumAmplification` We need to adjust [Modules/expat/pyexpatns.h](https://github.com/python/cpython/blob/master/Modules/expat/pyexpatns.h) (The newer libexpat upgrade has no new symbols). Automerge-Triggered-By: GH:gpshead (cherry picked from commit 6312c1052c0186b4596fc45c42fd3ade9f8f5911) Co-authored-by: Yilei "Dolee" Yang <yileiyang@google.com>
* Update copyright year to 2022. (GH-30335) (GH-31478)Miss Islington (bot)2022-03-089-10/+10
| | | | | | Automerge-Triggered-By: GH:benjaminp (cherry picked from commit ba00f0d93a4aea85ae8089f139856a7c450584d7) Co-authored-by: Benjamin Peterson <benjamin@python.org>
* bpo-44549: Update bzip2 to 1.0.8 in Windows builds to mitigate CVE-2016-3189 ↵Steve Dower2022-03-084-3/+5
| | | | and CVE-2019-12900 (GH-31732) (GH-31734)
* bpo-46948: Fix CVE-2022-26488 by ensuring the Windows Installer correctly ↵Steve Dower2022-03-0811-4/+26
| | | | uses the install path during repair (GH-31729)
* bpo-46932: Update bundled libexpat to 2.4.7 (GH-31736) (GH-31740)Miss Islington (bot)2022-03-083-14/+156
| | | | | (cherry picked from commit 176835c3d5c70f4c1b152cc2062b549144e37094) Co-authored-by: Steve Dower <steve.dower@python.org>
* bpo-46756: Fix authorization check in urllib.request (GH-31353) (GH-31572)Miss Islington (bot)2022-03-023-8/+30
| | | | | | | | | | | Fix a bug in urllib.request.HTTPPasswordMgr.find_user_password() and urllib.request.HTTPPasswordMgrWithPriorAuth.is_authenticated() which allowed to bypass authorization. For example, access to URI "example.org/foobar" was allowed if the user was authorized for URI "example.org/foo". (cherry picked from commit e2e72567a1c94c548868f6ee5329363e6036057a) Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
* bpo-46794: Bump up the libexpat version into 2.4.6 (GH-31487) (GH-31520)Miss Islington (bot)2022-03-026-62/+133
| | | | | (cherry picked from commit 1935e1cc284942bec8006287c939e295e1a7bf13) Co-authored-by: Dong-hee Na <donghee.na@python.org>
* Don't test with OpenSSL 3.0 on 3.8Łukasz Langa2022-02-221-1/+1
|
* Force use of `windows-2019` on GHA to continue using the v140 platform toolkitŁukasz Langa2022-02-221-2/+2
|
* bpo-46811: Make test suite support Expat >=2.4.5 (GH-31453)Sebastian Pipping2022-02-223-8/+16
| | | | | | | | | | | | | | | | | | | | Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae93832f46b245847bdc252456ddf7742ef45e) Co-authored-by: Sebastian Pipping <sebastian@pipping.org>
* bpo-46400: Update libexpat from 2.4.1 to 2.4.4 (GH-31022) (GH-31297)Dong-hee Na2022-02-216-29/+236
| | | Co-authored-by: Cyril Jouve <jv.cyril@gmail.com>
* bpo-41028: Doc: Move switchers to docsbuild-scripts. (GH-20969) (GH-30344)Miss Islington (bot)2022-02-176-173/+16
| | | | | (cherry picked from commit ee2549c2ba8bae00f2b2fea8a39c6dfbd1d06520) Co-authored-by: Julien Palard <julien@palard.fr>
* bpo-44949: Fix test_readline auto history tests (GH-27813) (GH-31118)Miss Islington (bot)2022-02-172-2/+8
| | | | | (cherry picked from commit 6fb62b42f4db56ed5efe0ca4c1059049276c1083) Co-authored-by: Victor Stinner <vstinner@python.org>
* [3.8] bpo-46474: Avoid REDoS in EntryPoint.pattern (sync with ↵Jason R. Coombs2022-02-142-2/+4
| | | | | | | importlib_metadata 4.10.1) (GH-30803). (#30829) (cherry picked from commit 51c3e28c8a163e58dc753765e3cc51d5a717e70d) Co-authored-by: Jason R. Coombs <jaraco@jaraco.com>
* bpo-46648: Skip test_urllib2.test_issue16464() (GH-31161) (GH-31173)Miss Islington (bot)2022-02-081-0/+2
| | | | | | POST requests to http://www.example.com/ fail randomly. (cherry picked from commit 1578de2fcd685c71f9c84e09bac32901dea192c1) Co-authored-by: Victor Stinner <vstinner@python.org>
* bpo-45859: Mark test_field_descriptor in test_collections as CPython-only ↵Miss Islington (bot)2021-12-111-0/+1
| | | | | | | (GH-29691) (GH-29710) (cherry picked from commit 4fad314246399b69ef0c57ba8527d9efade99069) Co-authored-by: Carl Friedrich Bolz-Tereick <cfbolz@gmx.de>
* bpo-45792: Fix contextvar.Token's intersphinx FQN (GH-29533) (GH-29537)Miss Islington (bot)2021-11-161-1/+1
| | | | | | Since `.. module:: contextvars` sets the module using `.. class:: contextvars.Token`, intersphinx records it as `contextvars.contextvars.Token`. (cherry picked from commit e501d70b347c5093018d12482c30a7a98aab86d0) Co-authored-by: Hynek Schlawack <hs@ox.cx>
* bpo-44828: Avoid leaving a zombie Save panel (GH-29372)Ned Deily2021-11-041-1/+2
| | | Patch by Marc Culler of the Tk project.
* bpo-45583: Correct datamodel documentation of int() (GH-29182) (GH-29287)Miss Islington (bot)2021-10-281-2/+2
| | | | | | | It should be noted that this part of the documentation is redundant with function.rst's documentation of int. This one was correctly updated with Python 3.8. (cherry picked from commit d9c1868c25ec6466e8d8ae21fe9315a8a03836ab) Co-authored-by: Arthur Milchior <arthur@milchior.fr>
* bpo-44828: Avoid tkinter file dialog failure on macOS 12 Monterey (GH-29276) ↵Miss Islington (bot)2021-10-283-1/+206
| | | | | | | | | (GH-29279) when using the Tk 8.6.11 provided by python.org macOS installers. Patch by Marc Culler of the Tk project. (cherry picked from commit be8318be05e1a874215fa75b8845ede74b2c69b6) Co-authored-by: Ned Deily <nad@python.org>
* [3.9] bpo-45618: Fix documentation build by pinning Docutils version to ↵Ned Deily2021-10-282-3/+8
| | | | | | | 0.17.1 (GH-29230) (GH-29241) (GH-29245) Co-authored-by: Maciej Olko <maciej.olko@yougov.com> Co-authored-by: Erlend Egeberg Aasland <erlend.aasland@innova.no>
* bpo-45436: Fix tkinter tests with Tcl/Tk 8.6.11+ (GH-29077) (GH-29093)Miss Islington (bot)2021-10-202-5/+11
| | | | | | | | | | Since v8.6.11, a few configuration options seem to accept an empty value where they did not previously; particularly the `type` of a `Menu` widget, and the `compound` of any ttk widget with a label. Providing an explicit expected error message to `checkEnumParam` bypasses the check of an empty value, which no longer raises `TclError`. (cherry picked from commit 4fe454c6f54b0948af67b53af6c2f35af6377e69) Co-authored-by: Zachary Ware <zach@python.org>
* bpo-44849: Fix os.set_inheritable() on FreeBSD 14 with O_PATH (GH-27623) ↵Miss Islington (bot)2021-10-192-3/+8
| | | | | | | | | | (GH-28978) Fix the os.set_inheritable() function on FreeBSD 14 for file descriptor opened with the O_PATH flag: ignore the EBADF error on ioctl(), fallback on the fcntl() implementation. (cherry picked from commit c24896c0e3b32c8a9f614ef51366007b67d5c665) Co-authored-by: Victor Stinner <vstinner@python.org>
* bpo-45310: Fix parrallel shared memory tests (GH-28661) (GH-28979)Victor Stinner2021-10-191-15/+23
| | | | | | | | | Add a PID to names of POSIX shared memory objects to allow running multiprocessing tests (test_multiprocessing_fork, test_multiprocessing_spawn, etc) in parallel. (cherry picked from commit eb4495e8e275c83d691add116c4f2b74e73e3cc8) Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
* bpo-45195: Fix test_readline.test_nonascii() (GH-28329) (GH-28984)Miss Islington (bot)2021-10-192-1/+6
| | | | | | | Fix test_readline.test_nonascii(): sometimes, the newline character is not written at the end, so don't expect it in the output. (cherry picked from commit 797c8eb9ef511f0c25f10a453b35c4d2fe383c30) Co-authored-by: Victor Stinner <vstinner@python.org>
* [3.8] bpo-44394: Ensure libexpat is linked against libm (GH-28617) (GH-28620)Miss Islington (bot)2021-09-291-1/+3
| | | | | | (cherry picked from commit 6c1154b9de29e1c9cd3d05f5289543e5cff73895) Co-authored-by: Pablo Galindo Salgado <Pablogsal@gmail.com> Co-authored-by: Łukasz Langa <lukasz@langa.pl>
* bpo-45220: Avoid automatically selecting the Windows 11 SDK preview when ↵Miss Islington (bot)2021-09-292-0/+6
| | | | | | | building (GH-28393) (GH-28622) (cherry picked from commit f4b94b1f57827083990272b5f282aa1493ae2bf4) Co-authored-by: Steve Dower <steve.dower@python.org>
* [docs] Update documentation for `multiprocessing.get_start_method` ↵Miss Islington (bot)2021-09-231-1/+7
| | | | | | | (GH-18170) (GH-28535) (cherry picked from commit af90b5498b8c6acd67b50fdad007d26dfd1c5823) Co-authored-by: Sam Sneddon <me@gsnedders.com>
* bpo-45104: Clarify when __init__ is called (GH-28210) (GH-28213)Miss Islington (bot)2021-09-071-1/+1
| | | | | (cherry picked from commit fa15df77f02ba4a66ba0b71989381a426038be01) Co-authored-by: Raymond Hettinger <rhettinger@users.noreply.github.com>
* bpo-45022: Pin current libffi build to fixed version in preparation for ↵Steve Dower2021-09-033-9/+17
| | | | | | | | | upcoming update (GH-27982) (GH-28001) Also improve the build script for libffi, which is not used as part of the regular build. (cherry picked from commit 969ae7f7356584e30667b4e490ffa2ffa1810429) Co-authored-by: Steve Dower <steve.dower@python.org>
* Post 3.8.12Łukasz Langa2021-08-301-1/+1
|
* Python 3.8.12v3.8.12Łukasz Langa2021-08-3016-38/+135
|
* [3.8] bpo-45007: Update multissl to openssl 1.1.1l as well (GH-28044) (GH-28063)Christian Heimes2021-08-301-2/+2
| | | | | | | | This was missed while upgrading CI.. (cherry picked from commit d6cb5dd9e19210f5963ff8beadde7ca2fda71574) Co-authored-by: Łukasz Langa <lukasz@langa.pl> Co-authored-by: Łukasz Langa <lukasz@langa.pl>
* bpo-45007: Update macOS installer builds to use OpenSSL 1.1.1l (GH-28051) ↵Miss Islington (bot)2021-08-303-3/+64
| | | | | | | (GH-28059) (cherry picked from commit 94b2639fad50d7ff8acd12c11e5fe5f9a6e1da5c) Co-authored-by: Ned Deily <nad@python.org>
* bpo-44689: ctypes.util.find_library() now finds macOS 11+ system libraries ↵Miss Islington (bot)2021-08-302-3/+31
| | | | | | | | when built on older macOS systems (GH-27251) (GH-28054) Previously, when built on older macOS systems, `find_library` was not able to find macOS system libraries when running on Big Sur due to changes in how system libraries are stored. (cherry picked from commit 71853a73024a98aa38a3c0444fe364dbd9709134) Co-authored-by: Tobias Bergkvist <tobias@bergkv.ist>
* [3.8] bpo-45007: Update to OpenSSL 1.1.1l in Windows build and CI (GH-28009) ↵Łukasz Langa2021-08-296-22/+23
| | | | | | | | (GH-28041) (cherry picked from commit d3bdbbf9a4352a24fc2bfc7a63a024b244b61aba) Co-authored-by: Steve Dower <steve.dower@python.org>
* [3.8] bpo-43124: Fix smtplib multiple CRLF injection (GH-25987) (GH-28036)Miss Islington (bot)2021-08-293-3/+65
| | | | | | | Co-authored-by: Łukasz Langa <lukasz@langa.pl> (cherry picked from commit 0897253f426068ea6a6fbe0ada01689af9ef1019) Co-authored-by: Miguel Brito <5544985+miguendes@users.noreply.github.com>
* bpo-44394: Update libexpat copy to 2.4.1 (GH-26945) (GH-28033)Miss Islington (bot)2021-08-2922-190/+1388
| | | | | | | | | | Update the vendored copy of libexpat to 2.4.1 (from 2.2.8) to get the fix for the CVE-2013-0340 "Billion Laughs" vulnerability. This copy is most used on Windows and macOS. Co-authored-by: Łukasz Langa <lukasz@langa.pl> (cherry picked from commit 3fc5d84046ddbd66abac5b598956ea34605a4e5d) Co-authored-by: Victor Stinner <vstinner@python.org>
* bpo-42278: Use tempfile.TemporaryDirectory rather than tempfile.mktemp in ↵Miss Islington (bot)2021-08-292-6/+9
| | | | | | | | pydoc (GH-23200) (GH-28026) Co-authored-by: Łukasz Langa <lukasz@langa.pl> (cherry picked from commit c9227df5a9d8e958a2324cf0deba8524d1ded26a) Co-authored-by: E-Paine <63801254+E-Paine@users.noreply.github.com>
* Fix typo in a comment in Modules/_ssl.c: s/validata/validate/ (GH-27993) ↵Miss Islington (bot)2021-08-271-1/+1
| | | | | | | (GH-27999) (cherry picked from commit 28db1f61f20352c02e4ae1518e5aeb6505df3045) Co-authored-by: Adam Dangoor <adamdangoor@gmail.com>
* bpo-44997: macOS does not support loadable SQLite extensions (GH-27979) ↵Miss Islington (bot)2021-08-271-0/+2
| | | | | | | | (GH-27996) Authored-by: Ronald Oussoren <ronaldoussoren@mac.com> (cherry picked from commit 2ec9428e3516b6e7c6583687aa3b39fb96925577) Co-authored-by: Erlend Egeberg Aasland <erlend.aasland@innova.no>
* bpo-45001: Make email date parsing more robust against malformed input ↵Miss Islington (bot)2021-08-263-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (GH-27946) (GH-27974) Various date parsing utilities in the email module, such as email.utils.parsedate(), are supposed to gracefully handle invalid input, typically by raising an appropriate exception or by returning None. The internal email._parseaddr._parsedate_tz() helper used by some of these date parsing routines tries to be robust against malformed input, but unfortunately it can still crash ungracefully when a non-empty but whitespace-only input is passed. This manifests as an unexpected IndexError. In practice, this can happen when parsing an email with only a newline inside a ‘Date:’ header, which unfortunately happens occasionally in the real world. Here's a minimal example: $ python Python 3.9.6 (default, Jun 30 2021, 10:22:16) [GCC 11.1.0] on linux Type "help", "copyright", "credits" or "license" for more information. >>> import email.utils >>> email.utils.parsedate('foo') >>> email.utils.parsedate(' ') Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/usr/lib/python3.9/email/_parseaddr.py", line 176, in parsedate t = parsedate_tz(data) File "/usr/lib/python3.9/email/_parseaddr.py", line 50, in parsedate_tz res = _parsedate_tz(data) File "/usr/lib/python3.9/email/_parseaddr.py", line 72, in _parsedate_tz if data[0].endswith(',') or data[0].lower() in _daynames: IndexError: list index out of range The fix is rather straight-forward: guard against empty lists, after splitting on whitespace, but before accessing the first element. (cherry picked from commit 989f6a3800f06b2bd31cfef7c3269a443ad94fac) Co-authored-by: wouter bolsterlee <wouter@bolsterl.ee>
generated by cgit v0.12 at 2026-01-04 02:12:39 (GMT)