summaryrefslogtreecommitdiffstats
path: root/Misc/NEWS.d/next/Security
Commit message (Expand)AuthorAgeFilesLines
* Python 3.10.13v3.10.13Pablo Galindo2023-08-241-7/+0
* [3.10] gh-108310: Fix CVE-2023-40217: Check for & avoid the ssl pre-close fla...Ɓukasz Langa2023-08-221-0/+7
* Python 3.10.12v3.10.12Pablo Galindo2023-06-064-9/+0
* [3.10] gh-103142: Upgrade binary builds and CI to OpenSSL 1.1.1u (GH-105174) ...Gregory P. Smith2023-06-051-0/+2
* [3.10] [3.11] gh-102153: Start stripping C0 control and space chars in `urlsp...Miss Islington (bot)2023-05-171-0/+3
* [3.10] gh-99889: Fix directory traversal security flaw in uu.decode() (GH-104...Miss Islington (bot)2023-05-091-0/+2
* [3.10] gh-104049: do not expose on-disk location from SimpleHTTPRequestHandle...Miss Islington (bot)2023-05-091-0/+2
* Python 3.10.11v3.10.11Pablo Galindo2023-04-042-7/+0
* gh-101726: Update the OpenSSL version to 1.1.1t (GH-101727)Steve Dower2023-02-091-0/+4
* Apply suggestions from code reviewMiss Islington (bot)2023-02-081-0/+3
* Python 3.10.9v3.10.9Pablo Galindo2022-12-066-31/+0
* gh-100001: Omit control characters in http.server stderr logs. (GH-100002)Miss Islington (bot)2022-12-051-0/+6
* gh-87604: Avoid publishing list of active per-interpreter audit hooks via the...Miss Islington (bot)2022-11-151-0/+2
* [3.11] gh-98433: Fix quadratic time idna decoding. (GH-99092) (GH-99222)Miss Islington (bot)2022-11-081-0/+6
* gh-98739: Update libexpat from 2.4.9 to 2.5.0 (GH-98742)Miss Islington (bot)2022-10-271-0/+1
* [3.10] gh-98517: Fix buffer overflows in _sha3 module (#98519)Theo Buehler2022-10-211-0/+1
* [3.10] gh-97514: Don't use Linux abstract sockets for multiprocessing (GH-985...Miss Islington (bot)2022-10-201-0/+15
* Python 3.10.8v3.10.8Pablo Galindo2022-10-113-10/+0
* gh-97612: Fix shell injection in get-remote-certificate.py (GH-97613)Miss Islington (bot)2022-09-281-0/+3
* gh-97616: list_resize() checks for integer overflow (GH-97617)Miss Islington (bot)2022-09-281-0/+3
* [3.10] gh-68966: Make mailcap refuse to match unsafe filenames/types/params (...Miss Islington (bot)2022-09-201-0/+4
* Python 3.10.7v3.10.7Pablo Galindo2022-09-051-14/+0
* [3.10] gh-95778: Correctly pre-check for int-to-str conversion (GH-96537) (#9...Gregory P. Smith2022-09-041-1/+1
* [3.10] gh-95778: CVE-2020-10735: Prevent DoS by very large int() (#96501)Gregory P. Smith2022-09-021-0/+14
* Python 3.10.6v3.10.6Pablo Galindo2022-08-012-5/+0
* gh-92888: Fix memoryview bad `__index__` use after free (GH-92946) (GH-93950)Ken Jin2022-06-231-0/+2
* gh-87389: Fix an open redirection vulnerability in http.server. (GH-93879)Miss Islington (bot)2022-06-211-0/+3
* Python 3.10.0rc2v3.10.0rc2Pablo Galindo2021-09-073-7/+0
* bpo-43124: Fix smtplib multiple CRLF injection (GH-25987)Miss Islington (bot)2021-08-291-0/+2
* bpo-44394: Update libexpat copy to 2.4.1 (GH-26945)Miss Islington (bot)2021-08-291-0/+3
* bpo-42278: Use tempfile.TemporaryDirectory rather than tempfile.mktemp in pyd...Miss Islington (bot)2021-08-291-0/+2
* Python 3.10.0rc1v3.10.0rc1Pablo Galindo2021-08-021-1/+0
* [3.10] bpo-44600: Fix line numbers for pattern matching cleanup code (GH-2734...Miss Islington (bot)2021-07-261-0/+1
* Python 3.10.0b4v3.10.0b4Pablo Galindo2021-07-101-5/+0
* bpo-41180: Replace marshal code.__new__ audit event with marshal.load[s] and ...Steve Dower2021-06-301-0/+5
* Python 3.10.0b2v3.10.0b2Pablo Galindo2021-05-311-2/+0
* bpo-44022: Fix http client infinite line reading (DoS) after a HTTP 100 Conti...Miss Islington (bot)2021-05-051-0/+2
* Python 3.10.0b1v3.10.0b1Pablo Galindo2021-05-0311-34/+0
* bpo-43434: Move sqlite3.connect audit events to sqlite3.Connection.__init__ (...Erlend Egeberg Aasland2021-05-021-0/+4
* bpo-36384: Leading zeros in IPv4 addresses are no longer tolerated (GH-25099)Christian Heimes2021-05-021-0/+6
* bpo-43998: Default to TLS 1.2 and increase cipher suite security (GH-25778)Christian Heimes2021-05-011-0/+5
* bpo-42800: add audit hooks for f_code and tb_frame (GH-24182)Ryan Hileman2021-04-291-0/+1
* bpo-43882 - urllib.parse should sanitize urls containing ASCII newline and ta...Senthil Kumaran2021-04-291-0/+6
* bpo-43762: Add audit events for loading of sqlite3 extensions (GH-25246)Erlend Egeberg Aasland2021-04-261-0/+3
* bpo-37363: Add audit events to the `http.client` module (GH-21321)Saiyang Gou2021-04-231-0/+1
* bpo-43756: Add new audit event for new arguments added to glob.glob (GH-25239)Saiyang Gou2021-04-211-0/+2
* bpo-43472: Ensure PyInterpreterState_New audit events are raised when called ...Steve Dower2021-04-211-0/+3
* bpo-43362: Fix invalid free and return check in _sha3 module (GH-25463)Christian Heimes2021-04-181-0/+2
* bpo-43075: Fix ReDoS in urllib AbstractBasicAuthHandler (GH-24391)Yeting Li2021-04-071-0/+1
* Python 3.10.0a7v3.10.0a7Pablo Galindo2021-04-053-14/+0
generated by cgit v0.12 at 2025-09-12 10:42:30 (GMT)