summaryrefslogtreecommitdiffstats
path: root/Lib
Commit message (Collapse)AuthorAgeFilesLines
* Bump to 3.2.6rc1Georg Brandl2014-10-042-2/+2
|
* ref #19855: skip uuid test_find_mac on non-Posix as in later branchesGeorg Brandl2014-10-011-2/+3
|
* Issue #19855: uuid.getnode() on Unix now looks on the PATH for theGeorg Brandl2014-09-302-16/+52
| | | | | | | | | | | | | | executables used to find the mac address, with /sbin and /usr/sbin as fallbacks. Issue #11508: Fixed uuid.getnode() and uuid.uuid1() on environment with virtual interface. Original patch by Kent Frazier. Issue #18784: The uuid module no more attempts to load libc via ctypes.CDLL, if all necessary functions are already found in libuuid. Patch by Evgeny Sologubov. Issue #16102: Make uuid._netbios_getnode() work again on Python 3.
* Backport b533cc11d114 to fix intermittent test_urllibnet failures.Georg Brandl2014-09-301-1/+1
|
* Fix-up for 0f362676460d: add missing size argument to ↵Georg Brandl2014-09-301-1/+5
| | | | SSLFakeFile.readline(), as in 2.6 backport 8a6def3add5b
* Issue #20939: Use www.example.com instead of www.python.org to avoid testNed Deily2014-03-272-18/+18
| | | | failures when ssl is not present.
* Issue #16039: CVE-2013-1752: Change use of readline in imaplib module to limitGeorg Brandl2014-09-302-1/+24
| | | | line length. Patch by Emil Lind.
* Issue #22421 - Secure pydoc server run. Bind it to localhost instead of all ↵Georg Brandl2014-09-172-2/+4
| | | | interfaces.
* Lax cookie parsing in http.cookies could be a security issue when combinedAntoine Pitrou2014-09-162-1/+11
| | | | | | with non-standard cookie handling in some Web browsers. Reported by Sergey Bobrov.
* Issue #22419: Limit the length of incoming HTTP request in wsgiref server toGeorg Brandl2014-09-302-1/+13
| | | | | 65536 bytes and send a 414 error code for higher lengths. Patch contributed by Devin Cook.
* Issue #22517: When a io.BufferedRWPair object is deallocated, clear itsGeorg Brandl2014-09-301-0/+6
| | | | weakrefs.
* Issue #16041: CVE-2013-1752: poplib: Limit maximum line lengths to 2048 toGeorg Brandl2014-09-302-2/+15
| | | | | prevent readline() calls from consuming too much memory. Patch by Jyrki Pulliainen.
* Issue #16042: CVE-2013-1752: smtplib: Limit amount of data read byGeorg Brandl2014-09-303-4/+40
| | | | limiting the call to readline(). Original patch by Christian Heimes.
* Issue #16038: CVE-2013-1752: ftplib: Limit amount of data read byGeorg Brandl2014-09-302-6/+39
| | | | | limiting the call to readline(). Original patch by Michał Jastrzębski and Giampaolo Rodola.
* Issue #16037: HTTPMessage.readheaders() raises an HTTPException when more thanGeorg Brandl2014-09-302-0/+13
| | | | 100 headers are read. Adapted from patch by Jyrki Pulliainen.
* Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytesGeorg Brandl2014-09-302-0/+119
| | | | | | | inside subjectAltName correctly. Formerly the module has used OpenSSL's GENERAL_NAME_print() function to get the string represention of ASN.1 strings for ``rfc822Name`` (email), ``dNSName`` (DNS) and ``uniformResourceIdentifier`` (URI).
* Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,Ned Deily2014-07-132-5/+21
| | | | broken by the fix for security issue #19435. Patch by Zach Byrne.
* expect the correct platform-dependent linesepBenjamin Peterson2014-06-171-1/+1
|
* url unquote the path before checking if it refers to a CGI script (closes ↵Benjamin Peterson2014-06-152-1/+6
| | | | #21766)
* in scan_once, prevent the reading of arbitrary memory when passed a negative ↵Benjamin Peterson2014-04-141-0/+4
| | | | | | index Bug reported by Guido Vranken.
* remove directory mode check from makedirs (closes #21082)Benjamin Peterson2014-04-012-27/+8
|
* use https docs url (#21115)Benjamin Peterson2014-03-311-2/+2
|
* use ssl.PROTOCOL_SSLv23 for maximum compatibility (closes #20896)Benjamin Peterson2014-03-121-3/+8
|
* Issue #20246: Fix test failures on FreeBSD. Patch by Ryan Smith-Roberts.Stefan Krah2014-01-211-1/+1
|
* update logo url (#20695)Benjamin Peterson2014-02-201-1/+1
|
* open retrieved file in binary mode, since it's now compressedBenjamin Peterson2014-02-201-3/+3
|
* complain when nbytes > buflen to fix possible buffer overflow (closes #20246)Benjamin Peterson2014-01-141-0/+8
|
* Issue #12226: HTTPS is now used by default when connecting to PyPI.Antoine Pitrou2013-12-223-7/+7
|
* Backout 265d369ad3b9.Georg Brandl2013-11-041-2/+1
|
* Backout d80207d15294.Georg Brandl2013-11-041-31/+0
|
* Issue #19286: [distutils] Only match files in build_py.find_data_files.Jason R. Coombs2013-11-021-1/+2
|
* Issue #19286: Adding test demonstrating the failure when a directory is ↵Jason R. Coombs2013-11-021-0/+31
| | | | found in the package_data globs.
* merge 3.1 (#19435)Benjamin Peterson2013-10-302-5/+16
|\
| * use the collapsed path in the run_cgi method (closes #19435)Benjamin Peterson2013-10-302-5/+14
| |
* | Merge #14984: only import pwd on POSIX.R David Murray2013-09-181-1/+3
|\ \ | |/
| * #14984: only import pwd on POSIX.R David Murray2013-09-181-1/+3
| |
* | Merge #14984: On POSIX, enforce permissions when reading default .netrc.R David Murray2013-09-182-6/+47
|\ \ | |/
| * #14984: On POSIX, enforce permissions when reading default .netrc.R David Murray2013-09-182-6/+47
| | | | | | | | | | | | | | | | Initial patch by Bruno Piguet. This is implemented as if a useful .netrc file could exist without passwords, which is possible in the general case; but in fact our netrc implementation does not support it. Fixing that issue will be an enhancement.
| * Fix tkinter regression introduced by the security fix in #16248.Georg Brandl2013-09-141-1/+1
| |
| * Issue #16248: Disable code execution from the user's home directory by ↵Antoine Pitrou2012-12-091-1/+3
| | | | | | | | | | | | tkinter when the -E flag is passed to Python. Patch by Zachary Ware.
| * bump to 3.1.5 finalv3.1.5Benjamin Peterson2012-04-062-2/+2
| |
| * bump to 3.1.5rc2Benjamin Peterson2012-03-152-2/+2
| |
| * version now 3.1.5rc1v3.1.5rc1Benjamin Peterson2012-02-232-2/+2
| |
| * Remove setting hash seed to regrtest's random seed and re-execv()ing: this ↵Georg Brandl2012-02-201-5/+0
| | | | | | | | doesn't preserve Python flags and fails from a temp directory.
| * Fix dbm_gnu test relying on set order.Georg Brandl2012-02-201-1/+1
| |
* | Fix tkinter regression introduced by the security fix in #16248.Georg Brandl2013-09-141-1/+1
| |
* | Issue #17980: Fix possible abuse of ssl.match_hostname() for denial of ↵Antoine Pitrou2013-05-182-1/+19
| | | | | | | | service using certificates with many wildcards (CVE-2013-2099).
* | Bump to version 3.2.5.v3.2.5Georg Brandl2013-05-122-2/+2
| |
* | Issue #17915: Fix interoperability of xml.sax with file objects returned byGeorg Brandl2013-05-122-0/+36
| | | | | | | | codecs.open().
* | Issue #1159051: Back out a fix for handling corrupted gzip files thatGeorg Brandl2013-05-123-66/+38
| | | | | | | | broke backwards compatibility.
generated by cgit v0.12 at 2024-09-29 20:25:14 (GMT)