summaryrefslogtreecommitdiffstats
path: root/Misc/NEWS.d/next/Security
Commit message (Expand)AuthorAgeFilesLines
* gh-121957: Emit audit events for `python -i` and `python -m asyncio` (GH-121958)Łukasz Langa2024-07-221-0/+3
* gh-112301: Add fortify source level 3 to default compiler options (gh-121520)Nate Ohlson2024-07-181-0/+2
* gh-112301: Enable compiler flags with low performance impact and no warnings ...Nate Ohlson2024-06-261-0/+2
* gh-118773: Use language-invariant SDDL string instead of aliases for ACLs. (G...Steve Dower2024-05-091-0/+2
* gh-118486: Update docs for CVE-2024-4030 reference (GH-118737)Steve Dower2024-05-081-0/+4
* Python 3.13.0b1v3.13.0b1Thomas Wouters2024-05-082-4/+0
* gh-116741: Upgrade libexpat to 2.6.2 (#117296)Seth Michael Larson2024-04-231-0/+1
* gh-117233: Detect support for several hashes at hashlib build time (GH-117234)Will Childs-Klein2024-04-111-0/+3
* Python 3.13.0a5v3.13.0a5Thomas Wouters2024-03-122-12/+0
* gh-115398: Increment PyExpat_CAPI_MAGIC for SetReparseDeferralEnabled additio...Gregory P. Smith2024-03-041-5/+5
* gh-115398: Expose Expat >=2.6.0 reparse deferral API (CVE-2023-52425) (GH-115...Sebastian Pipping2024-02-291-0/+8
* gh-114572: Fix locking in cert_store_stats and get_ca_certs (#114573)David Benjamin2024-02-161-0/+4
* Python 3.13.0a4v3.13.0a4Thomas Wouters2024-02-152-2/+0
* gh-115399: Upgrade bundled libexpat to 2.6.0 (#115431)Seth Michael Larson2024-02-141-0/+1
* gh-115243: Fix crash in deque.index() when the deque is concurrently modified...kcatss2024-02-141-0/+1
* Python 3.13.0a3v3.13.0a3Thomas Wouters2024-01-172-3/+0
* gh-113659: Skip hidden .pth files (GH-113660)Serhiy Storchaka2024-01-161-0/+1
* gh-112302: Add Software Bill-of-Materials (SBOM) tracking for dependencies (#...Seth Michael Larson2023-12-071-0/+2
* Python 3.13.0a1v3.13.0a1Thomas Wouters2023-10-135-18/+0
* gh-107565: Update Windows build to use OpenSSL 3.0.10 (GH-108928)Zachary Ware2023-09-051-2/+0
* gh-108310: Fix CVE-2023-40217: Check for & avoid the ssl pre-close flaw (#108...Łukasz Langa2023-08-221-0/+7
* GH-107774: Add missing audit event for PEP 669 (GH-107775)Mark Shannon2023-08-101-0/+3
* gh-102509: Start initializing `ob_digit` of `_PyLongValue` (GH-102510)Illia Volochii2023-07-281-0/+2
* gh-106669: Revert "gh-102988: Detect email address parsing errors ... (#10512...Gregory P. Smith2023-07-211-4/+4
* gh-102988: Detect email address parsing errors and return empty tuple to indi...Thomas Dwyer2023-07-101-0/+4
* gh-103142: Upgrade binary builds and CI to OpenSSL 1.1.1u (#105174)Gregory P. Smith2023-06-011-0/+2
* gh-99108: Refresh HACL* (#104808)Jonathan Protzenko2023-05-241-0/+2
* Python 3.12.0b1v3.12.0b1Thomas Wouters2023-05-224-9/+0
* gh-102153: Start stripping C0 control and space chars in `urlsplit` (#102508)Illia Volochii2023-05-171-0/+3
* gh-99889: Fix directory traversal security flaw in uu.decode() (#104096)Sam Carroll2023-05-091-0/+2
* gh-99108: Replace SHA3 implementation HACL* version (#103597)Jonathan Protzenko2023-05-081-0/+2
* gh-104049: do not expose on-disk location from SimpleHTTPRequestHandler (#104...Ethan Furman2023-05-031-0/+2
* Python 3.12.0a6v3.12.0a6Thomas Wouters2023-03-074-13/+0
* gh-99108: Import MD5 and SHA1 from HACL* (#102089)Jonathan Protzenko2023-02-221-0/+2
* gh-99108: Import SHA2-384/512 from HACL* (#101707)Jonathan Protzenko2023-02-141-0/+4
* gh-101726: Update the OpenSSL version to 1.1.1t (GH-101727)Gregory P. Smith2023-02-091-0/+4
* gh-101283: Improved fallback logic for subprocess with shell=True on Windows ...Oleg Iarygin2023-02-081-0/+3
* Python 3.12.0a5v3.12.0a5Thomas Wouters2023-02-071-4/+0
* gh-99108: Replace SHA2-224 & 256 with verified code from HACL* (#99109)Jonathan Protzenko2023-02-071-0/+4
* Python 3.12.0a3v3.12.0a3Thomas Wouters2022-12-062-8/+0
* gh-100001: Omit control characters in http.server stderr logs. (#100002)Gregory P. Smith2022-12-051-0/+6
* Merge the 3.12.0a2 release into main.Thomas Wouters2022-11-151-0/+2
|\
| * gh-87604: Avoid publishing list of active per-interpreter audit hooks via the...Steve Dower2022-11-141-0/+2
* | Python 3.12.0a2v3.12.0a2Thomas Wouters2022-11-142-15/+0
|/
* gh-98433: Fix quadratic time idna decoding. (#99092)Gregory P. Smith2022-11-081-0/+14
* gh-98739: Update libexpat from 2.4.9 to 2.5.0 (#98742)Shaun Walbridge2022-10-271-0/+1
* Python 3.12.0a1v3.12.0a1Thomas Wouters2022-10-246-28/+0
* gh-97514: Don't use Linux abstract sockets for multiprocessing (#98501)Gregory P. Smith2022-10-201-0/+15
* gh-97669: Remove outdated example scripts (#97675)Victor Stinner2022-10-041-3/+0
* gh-97612: Fix shell injection in get-remote-certificate.py (#97613)Victor Stinner2022-09-281-0/+3
generated by cgit v0.12 at 2025-09-02 13:29:03 (GMT)