| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Backport b533cc11d114 to fix intermittent test_urllibnet failures. | Georg Brandl | 2014-09-30 | 1 | -1/+1 |
| | | |||||
| * | Fix-up for 0f362676460d: add missing size argument to ↵ | Georg Brandl | 2014-09-30 | 1 | -1/+5 |
| | | | | | SSLFakeFile.readline(), as in 2.6 backport 8a6def3add5b | ||||
| * | Issue #20939: Use www.example.com instead of www.python.org to avoid test | Ned Deily | 2014-03-27 | 2 | -18/+18 |
| | | | | | failures when ssl is not present. | ||||
| * | Issue #16039: CVE-2013-1752: Change use of readline in imaplib module to limit | Georg Brandl | 2014-09-30 | 2 | -1/+24 |
| | | | | | line length. Patch by Emil Lind. | ||||
| * | Issue #22421 - Secure pydoc server run. Bind it to localhost instead of all ↵ | Georg Brandl | 2014-09-17 | 2 | -2/+4 |
| | | | | | interfaces. | ||||
| * | Lax cookie parsing in http.cookies could be a security issue when combined | Antoine Pitrou | 2014-09-16 | 2 | -1/+11 |
| | | | | | | | with non-standard cookie handling in some Web browsers. Reported by Sergey Bobrov. | ||||
| * | Issue #22419: Limit the length of incoming HTTP request in wsgiref server to | Georg Brandl | 2014-09-30 | 2 | -1/+13 |
| | | | | | | 65536 bytes and send a 414 error code for higher lengths. Patch contributed by Devin Cook. | ||||
| * | Issue #22517: When a io.BufferedRWPair object is deallocated, clear its | Georg Brandl | 2014-09-30 | 1 | -0/+6 |
| | | | | | weakrefs. | ||||
| * | Issue #16041: CVE-2013-1752: poplib: Limit maximum line lengths to 2048 to | Georg Brandl | 2014-09-30 | 2 | -2/+15 |
| | | | | | | prevent readline() calls from consuming too much memory. Patch by Jyrki Pulliainen. | ||||
| * | Issue #16042: CVE-2013-1752: smtplib: Limit amount of data read by | Georg Brandl | 2014-09-30 | 3 | -4/+40 |
| | | | | | limiting the call to readline(). Original patch by Christian Heimes. | ||||
| * | Issue #16038: CVE-2013-1752: ftplib: Limit amount of data read by | Georg Brandl | 2014-09-30 | 2 | -6/+39 |
| | | | | | | limiting the call to readline(). Original patch by Michał Jastrzębski and Giampaolo Rodola. | ||||
| * | Issue #16037: HTTPMessage.readheaders() raises an HTTPException when more than | Georg Brandl | 2014-09-30 | 2 | -0/+13 |
| | | | | | 100 headers are read. Adapted from patch by Jyrki Pulliainen. | ||||
| * | Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes | Georg Brandl | 2014-09-30 | 2 | -0/+119 |
| | | | | | | | | inside subjectAltName correctly. Formerly the module has used OpenSSL's GENERAL_NAME_print() function to get the string represention of ASN.1 strings for ``rfc822Name`` (email), ``dNSName`` (DNS) and ``uniformResourceIdentifier`` (URI). | ||||
| * | Issue #21323: Fix http.server to again handle scripts in CGI subdirectories, | Ned Deily | 2014-07-13 | 2 | -5/+21 |
| | | | | | broken by the fix for security issue #19435. Patch by Zach Byrne. | ||||
| * | expect the correct platform-dependent linesep | Benjamin Peterson | 2014-06-17 | 1 | -1/+1 |
| | | |||||
| * | url unquote the path before checking if it refers to a CGI script (closes ↵ | Benjamin Peterson | 2014-06-15 | 2 | -1/+6 |
| | | | | | #21766) | ||||
| * | in scan_once, prevent the reading of arbitrary memory when passed a negative ↵ | Benjamin Peterson | 2014-04-14 | 1 | -0/+4 |
| | | | | | | | index Bug reported by Guido Vranken. | ||||
| * | remove directory mode check from makedirs (closes #21082) | Benjamin Peterson | 2014-04-01 | 2 | -27/+8 |
| | | |||||
| * | use https docs url (#21115) | Benjamin Peterson | 2014-03-31 | 1 | -2/+2 |
| | | |||||
| * | use ssl.PROTOCOL_SSLv23 for maximum compatibility (closes #20896) | Benjamin Peterson | 2014-03-12 | 1 | -3/+8 |
| | | |||||
| * | Issue #20246: Fix test failures on FreeBSD. Patch by Ryan Smith-Roberts. | Stefan Krah | 2014-01-21 | 1 | -1/+1 |
| | | |||||
| * | update logo url (#20695) | Benjamin Peterson | 2014-02-20 | 1 | -1/+1 |
| | | |||||
| * | open retrieved file in binary mode, since it's now compressed | Benjamin Peterson | 2014-02-20 | 1 | -3/+3 |
| | | |||||
| * | complain when nbytes > buflen to fix possible buffer overflow (closes #20246) | Benjamin Peterson | 2014-01-14 | 1 | -0/+8 |
| | | |||||
| * | Issue #12226: HTTPS is now used by default when connecting to PyPI. | Antoine Pitrou | 2013-12-22 | 3 | -7/+7 |
| | | |||||
| * | Backout 265d369ad3b9. | Georg Brandl | 2013-11-04 | 1 | -2/+1 |
| | | |||||
| * | Backout d80207d15294. | Georg Brandl | 2013-11-04 | 1 | -31/+0 |
| | | |||||
| * | Issue #19286: [distutils] Only match files in build_py.find_data_files. | Jason R. Coombs | 2013-11-02 | 1 | -1/+2 |
| | | |||||
| * | Issue #19286: Adding test demonstrating the failure when a directory is ↵ | Jason R. Coombs | 2013-11-02 | 1 | -0/+31 |
| | | | | | found in the package_data globs. | ||||
| * | merge 3.1 (#19435) | Benjamin Peterson | 2013-10-30 | 2 | -5/+16 |
| |\ | |||||
| | * | use the collapsed path in the run_cgi method (closes #19435) | Benjamin Peterson | 2013-10-30 | 2 | -5/+14 |
| | | | |||||
| * | | Merge #14984: only import pwd on POSIX. | R David Murray | 2013-09-18 | 1 | -1/+3 |
| |\ \ | |/ | |||||
| | * | #14984: only import pwd on POSIX. | R David Murray | 2013-09-18 | 1 | -1/+3 |
| | | | |||||
| * | | Merge #14984: On POSIX, enforce permissions when reading default .netrc. | R David Murray | 2013-09-18 | 2 | -6/+47 |
| |\ \ | |/ | |||||
| | * | #14984: On POSIX, enforce permissions when reading default .netrc. | R David Murray | 2013-09-18 | 2 | -6/+47 |
| | | | | | | | | | | | | | | | | | Initial patch by Bruno Piguet. This is implemented as if a useful .netrc file could exist without passwords, which is possible in the general case; but in fact our netrc implementation does not support it. Fixing that issue will be an enhancement. | ||||
| | * | Fix tkinter regression introduced by the security fix in #16248. | Georg Brandl | 2013-09-14 | 1 | -1/+1 |
| | | | |||||
| | * | Issue #16248: Disable code execution from the user's home directory by ↵ | Antoine Pitrou | 2012-12-09 | 1 | -1/+3 |
| | | | | | | | | | | | | | tkinter when the -E flag is passed to Python. Patch by Zachary Ware. | ||||
| | * | bump to 3.1.5 finalv3.1.5 | Benjamin Peterson | 2012-04-06 | 2 | -2/+2 |
| | | | |||||
| | * | bump to 3.1.5rc2 | Benjamin Peterson | 2012-03-15 | 2 | -2/+2 |
| | | | |||||
| | * | version now 3.1.5rc1v3.1.5rc1 | Benjamin Peterson | 2012-02-23 | 2 | -2/+2 |
| | | | |||||
| | * | Remove setting hash seed to regrtest's random seed and re-execv()ing: this ↵ | Georg Brandl | 2012-02-20 | 1 | -5/+0 |
| | | | | | | | | | doesn't preserve Python flags and fails from a temp directory. | ||||
| | * | Fix dbm_gnu test relying on set order. | Georg Brandl | 2012-02-20 | 1 | -1/+1 |
| | | | |||||
| * | | Fix tkinter regression introduced by the security fix in #16248. | Georg Brandl | 2013-09-14 | 1 | -1/+1 |
| | | | |||||
| * | | Issue #17980: Fix possible abuse of ssl.match_hostname() for denial of ↵ | Antoine Pitrou | 2013-05-18 | 2 | -1/+19 |
| | | | | | | | | | service using certificates with many wildcards (CVE-2013-2099). | ||||
| * | | Bump to version 3.2.5.v3.2.5 | Georg Brandl | 2013-05-12 | 2 | -2/+2 |
| | | | |||||
| * | | Issue #17915: Fix interoperability of xml.sax with file objects returned by | Georg Brandl | 2013-05-12 | 2 | -0/+36 |
| | | | | | | | | | codecs.open(). | ||||
| * | | Issue #1159051: Back out a fix for handling corrupted gzip files that | Georg Brandl | 2013-05-12 | 3 | -66/+38 |
| | | | | | | | | | broke backwards compatibility. | ||||
| * | | Issue #17843: Remove bz2 test data that triggers antivirus warnings. | Georg Brandl | 2013-05-12 | 2 | -7/+6 |
| | | | |||||
| * | | Issue #15535: Fix pickling of named tuples. | Georg Brandl | 2013-05-12 | 2 | -0/+5 |
| | | | |||||
| * | | Close #17666: Fix reading gzip files with an extra field. | Serhiy Storchaka | 2013-04-08 | 2 | -1/+9 |
| | | | |||||
 |
index : cpython.git | |
| https://github.com/python/cpython.git |
| summaryrefslogtreecommitdiffstats |