summaryrefslogtreecommitdiffstats
path: root/Misc/NEWS.d/next/Security
Commit message (Expand)AuthorAgeFilesLines
* Python 3.8.20v3.8.203.8Łukasz Langa2024-09-067-20/+0
* [3.8] gh-123678: Upgrade libexpat 2.6.3 (#123712)Seth Michael Larson2024-09-051-0/+1
* [3.8] gh-121285: Remove backtracking when parsing tarfile headers (GH-121286)...Seth Michael Larson2024-09-041-0/+2
* [3.8] gh-122133: Authenticate socket connection for `socket.socketpair()` fal...Miss Islington (bot)2024-07-301-0/+5
* [3.8] gh-121957: Emit audit events for python -i and python -m asyncio (GH-12...Łukasz Langa2024-07-221-0/+3
* [3.8] gh-118486: Support mkdir(mode=0o700) on Windows (GH-118488) (GH-118742)Steve Dower2024-05-241-0/+4
* [3.8] gh-114572: Fix locking in cert_store_stats and get_ca_certs (#118442)Seth Michael Larson2024-05-101-0/+4
* [3.8] gh-116741: Upgrade libexpat to 2.6.2 (GH-117296) (GH-118188)Seth Michael Larson2024-05-071-0/+1
* Python 3.8.19v3.8.19Łukasz Langa2024-03-193-10/+0
* [3.8] gh-115398: Expose Expat >=2.6.0 reparse deferral API (CVE-2023-52425) (...Sebastian Pipping2024-03-061-0/+8
* [3.8] Upgrade bundled libexpat to 2.6.0 (GH-115399) (GH-115475)Seth Michael Larson2024-02-211-0/+1
* [3.8] gh-113659: Skip hidden .pth files (GH-113660) (GH-114147)Serhiy Storchaka2024-01-171-0/+1
* Python 3.8.18v3.8.18Łukasz Langa2023-08-241-7/+0
* [3.8] gh-108310: Fix CVE-2023-40217: Check for & avoid the ssl pre-close flaw...Łukasz Langa2023-08-221-0/+7
* Python 3.8.17v3.8.17Łukasz Langa2023-06-066-16/+0
* [3.8] gh-103142: Upgrade binary builds and CI to OpenSSL 1.1.1u (GH-105174) (...Łukasz Langa2023-06-061-0/+2
* [3.8] gh-102153: Start stripping C0 control and space chars in `urlsplit` (GH...stratakis2023-06-051-0/+3
* [3.8] gh-104049: do not expose on-disk location from SimpleHTTPRequestHandler...Miss Islington (bot)2023-05-221-0/+2
* [3.8] gh-99889: Fix directory traversal security flaw in uu.decode() (GH-1040...Miss Islington (bot)2023-05-221-0/+2
* [3.8] gh-101726: Update the OpenSSL version to 1.1.1t (GH-101727) (GH-101752)Steve Dower2023-03-071-0/+4
* [3.8] gh-101283: Improved fallback logic for subprocess with shell=True on Wi...Miss Islington (bot)2023-02-091-0/+3
* Python 3.8.16v3.8.16Łukasz Langa2022-12-066-20/+0
* [3.8] gh-100001: Omit control characters in http.server stderr logs. (GH-1000...Miss Islington (bot)2022-12-061-0/+6
* [3.8] gh-87604: Avoid publishing list of active per-interpreter audit hooks v...Miss Islington (bot)2022-11-211-0/+2
* [3.8] gh-98433: Fix quadratic time idna decoding. (GH-99092) (GH-99222) (GH-9...Miss Islington (bot)2022-11-101-0/+6
* [3.8] gh-98517: Fix buffer overflows in _sha3 module (GH-98519) (#98527)Miss Islington (bot)2022-10-281-0/+1
* [3.8] gh-98739: Update libexpat from 2.4.9 to 2.5.0 (GH-98742) (#98787)Miss Islington (bot)2022-10-281-0/+1
* [3.8] gh-68966: Make mailcap refuse to match unsafe filenames/types/params (G...Miss Islington (bot)2022-10-111-0/+4
* Python 3.8.15v3.8.15Łukasz Langa2022-10-112-6/+0
* [3.8] gh-97616: list_resize() checks for integer overflow (GH-97617) (GH-97628)Miss Islington (bot)2022-10-041-0/+3
* [3.8] gh-97612: Fix shell injection in get-remote-certificate.py (GH-97613) (...Miss Islington (bot)2022-10-041-0/+3
* Python 3.8.14v3.8.14Łukasz Langa2022-09-062-17/+0
* [3.8] gh-95778: CVE-2020-10735: Prevent DoS by very large int() (#96503)Gregory P. Smith2022-09-051-0/+14
* gh-87389: Fix an open redirection vulnerability in http.server. (GH-93879) (G...Miss Islington (bot)2022-06-221-0/+3
* Python 3.8.12v3.8.12Łukasz Langa2021-08-304-13/+0
* [3.8] bpo-43124: Fix smtplib multiple CRLF injection (GH-25987) (GH-28036)Miss Islington (bot)2021-08-291-0/+2
* bpo-44394: Update libexpat copy to 2.4.1 (GH-26945) (GH-28033)Miss Islington (bot)2021-08-291-0/+3
* bpo-42278: Use tempfile.TemporaryDirectory rather than tempfile.mktemp in pyd...Miss Islington (bot)2021-08-291-0/+2
* [3.8] bpo-36384: [doc] Correct typos in CVE-2021-29921 fix description (GH-27...Łukasz Langa2021-08-191-1/+1
* [3.8] bpo-36384: Leading zeros in IPv4 addresses are no longer tolerated (GH-...achraf-mer2021-08-171-0/+6
* Python 3.8.11v3.8.11Łukasz Langa2021-06-283-9/+0
* bpo-44022: Fix http client infinite line reading (DoS) after a HTTP 100 Conti...Miss Islington (bot)2021-05-061-0/+2
* [3.8] bpo-43882 - urllib.parse should sanitize urls containing ASCII newline ...Miss Islington (bot)2021-05-051-0/+6
* Merge tag 'v3.8.10' into 3.8Łukasz Langa2021-05-033-8/+0
|\
| * Python 3.8.10v3.8.10Łukasz Langa2021-05-033-8/+0
* | bpo-42800: Add audit events for f_code and tb_frame (GH-24182)Miss Islington (bot)2021-05-031-0/+1
|/
* bpo-43434: Move sqlite3.connect audit events to sqlite3.Connection.__init__ (...Erlend Egeberg Aasland2021-05-021-0/+4
* bpo-43472: Ensure PyInterpreterState_New audit events are raised when called ...Miss Islington (bot)2021-04-211-0/+3
* bpo-43075: Fix ReDoS in urllib AbstractBasicAuthHandler (GH-24391)Miss Islington (bot)2021-04-071-0/+1
* Python 3.8.9v3.8.9Łukasz Langa2021-04-023-14/+0
generated by cgit v0.12 at 2026-01-04 20:13:35 (GMT)