summaryrefslogtreecommitdiffstats
path: root/Modules
Commit message (Collapse)AuthorAgeFilesLines
* [3.8] gh-123678: Upgrade libexpat 2.6.3 (#123712)Seth Michael Larson2024-09-053-15/+35
| | | (cherry picked from commit fdc04ad75a410ed3af99edfc32c38b5fc3375f52)
* [3.8] gh-112275: Fix HEAD_LOCK deadlock in child process after fork ↵Miss Islington (bot)2024-09-051-1/+1
| | | | | | | | | | | (GH-112336) (GH-123688) (#123713) HEAD_LOCK is called from _PyEval_ReInitThreads->_PyThreadState_DeleteExcept before _PyRuntimeState_ReInitThreads reinit runtime->interpreters.mutex which might be locked before fork. (cherry picked from commit 522799a05e3e820339718151ac055af6d864d463) (cherry picked from commit 0152431f179e85f582a4c393aa3b99d3918a1109) Co-authored-by: Łukasz Langa <lukasz@langa.pl> Co-authored-by: ChuBoning <102216855+ChuBoning@users.noreply.github.com>
* [3.8] gh-119690: Fixes buffer type confusion in _winapi.CreateFile and ↵Miss Islington (bot)2024-09-041-2/+2
| | | | | | | _winapi.CreateNamedPipe audit events (GH-119735) (#123680) (cherry picked from commit 2e861ac1cd4359463f6a13efd3d3578fce71e5ab) Co-authored-by: Steve Dower <steve.dower@python.org>
* [3.8] gh-121957: Emit audit events for python -i and python -m asyncio ↵Łukasz Langa2024-07-221-0/+4
| | | | (GH-122121)
* [3.8] gh-118486: Support mkdir(mode=0o700) on Windows (GH-118488) (GH-118742)Steve Dower2024-05-241-3/+41
| | | Co-authored-by: Łukasz Langa <lukasz@langa.pl>
* [3.8] gh-114572: Fix locking in cert_store_stats and get_ca_certs (#118442)Seth Michael Larson2024-05-101-3/+88
| | | (cherry picked from commit 732c7d512e7cdf656a3f02a38c329b14a14a8573)
* [3.8] gh-116741: Upgrade libexpat to 2.6.2 (GH-117296) (GH-118188)Seth Michael Larson2024-05-073-16/+36
| | | (cherry picked from commit c9829eec0883a8991ea4d319d965e123a3cf6c20)
* [3.8] gh-116773: Fix overlapped memory corruption crash (GH-116774) (GH-117083)jkriegshauser2024-03-271-0/+18
| | | Co-authored-by: Łukasz Langa <lukasz@langa.pl>
* [3.8] gh-115398: Expose Expat >=2.6.0 reparse deferral API (CVE-2023-52425) ↵Sebastian Pipping2024-03-065-2/+153
| | | | | | | | | | | | | | | | | | (GH-115623) (GH-116275) Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425) by adding five new methods: - `xml.etree.ElementTree.XMLParser.flush` - `xml.etree.ElementTree.XMLPullParser.flush` - `xml.parsers.expat.xmlparser.GetReparseDeferralEnabled` - `xml.parsers.expat.xmlparser.SetReparseDeferralEnabled` - `xml.sax.expatreader.ExpatParser.flush` Based on the "flush" idea from https://github.com/python/cpython/pull/115138#issuecomment-1932444270 . Includes code suggested-by: Snild Dolkow <snild@sony.com> and by core dev Serhiy Storchaka. Co-authored-by: Gregory P. Smith <greg@krypto.org>
* [3.8] gh-107077: Raise SSLCertVerificationError even if the error is set via ↵Miss Islington (bot)2024-02-211-0/+4
| | | | | | | | | | SSL_ERROR_SYSCALL (GH-107586) (GH-107591) (cherry picked from commit 77e09192b5f1caf14cd5f92ccb53a4592e83e8bc) Co-authored-by: Pablo Galindo Salgado <Pablogsal@gmail.com> Co-authored-by: T. Wouters <thomas@python.org> Co-authored-by: Łukasz Langa <lukasz@langa.pl> Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
* [3.8] Upgrade bundled libexpat to 2.6.0 (GH-115399) (GH-115475)Seth Michael Larson2024-02-2111-262/+401
| | | | | | Manual backport due to code differences. (cherry picked from commit e071b0d558b2f5cddd5a9fc6afadb4ba109ec77e) Co-authored-by: Łukasz Langa <lukasz@langa.pl>
* [3.8] bpo-37013: Fix the error handling in socket.if_indextoname() ↵Miss Islington (bot)2024-01-171-5/+11
| | | | | | | | | (GH-13503) (GH-113474) * Fix a crash when pass UINT_MAX. * Fix an integer overflow on 64-bit non-Windows platforms. (cherry picked from commit 0daf555c6fb3feba77989382135a58215e1d70a5) Co-authored-by: Zackery Spytz <zspytz@gmail.com>
* [3.8] gh-101180: Fix a bug where iso2022_jp_3 and iso2022_jp_2004 codecs ↵Łukasz Langa2023-11-061-3/+6
| | | | | | | read out of bounds (gh-111695) (gh-111781) (cherry picked from commit c8faa3568afd255708096f6aa8df0afa80cf7697) Co-authored-by: Masayuki Moriyama <masayuki.moriyama@miraclelinux.com>
* [3.8] gh-103142: Upgrade binary builds and CI to OpenSSL 1.1.1u (GH-105174) ↵Łukasz Langa2023-06-062-2/+167
| | | | | | | | | | | | | | | | | (GH-105200) (GH-105205) (#105370) Upgrade builds to OpenSSL 1.1.1u. Also updates _ssl_data_111.h from OpenSSL 1.1.1u, _ssl_data_300.h from 3.0.9. Manual edits to the _ssl_data_300.h file prevent it from removing any existing definitions in case those exist in some peoples builds and were important (avoiding regressions during backporting). (cherry picked from commit ede89af) (cherry picked from commit e15de14c16ce98e773c31607bd70ee911e4ac073) Co-authored-by: Gregory P. Smith <greg@krypto.org> Co-authored-by: Ned Deily <nad@python.org>
* [3.8] gh-98517: Fix buffer overflows in _sha3 module (GH-98519) (#98527)Miss Islington (bot)2022-10-281-7/+8
| | | | | | | | | | | | | This is a port of the applicable part of XKCP's fix [1] for CVE-2022-37454 and avoids the segmentation fault and the infinite loop in the test cases published in [2]. [1]: https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a [2]: https://mouha.be/sha-3-buffer-overflow/ Regression test added by: Gregory P. Smith [Google LLC] <greg@krypto.org> (cherry picked from commit 0e4e058602d93b88256ff90bbef501ba20be9dd3) Co-authored-by: Theo Buehler <botovq@users.noreply.github.com>
* [3.8] gh-98739: Update libexpat from 2.4.9 to 2.5.0 (GH-98742) (#98787)Miss Islington (bot)2022-10-283-18/+35
| | | | | | | Update libexpat from 2.4.9 to 2.5.0 to address CVE-2022-43680. Co-authored-by: Shaun Walbridge <shaun.walbridge@gmail.com> (cherry picked from commit 3e07f827b359617664ad0880f218f17ae4483299)
* [3.8] gh-97005: Update libexpat from 2.4.7 to 2.4.9 (gh-97006) (gh-97013)Miss Islington (bot)2022-10-047-17/+27
| | | | | | | | gh-97005: Update libexpat from 2.4.7 to 2.4.9 (gh-97006) Co-authored-by: Gregory P. Smith [Google] <greg@krypto.org> (cherry picked from commit 10e3d398c31cc1695752fc52bc6ca2ce9ef6237e) Co-authored-by: Dong-hee Na <donghee.na@python.org>
* [3.8] gh-80254: Disallow recursive usage of cursors in sqlite3 converters ↵Erlend Egeberg Aasland2022-05-161-14/+32
| | | | | | | | | (#92333) (cherry picked from commit c908dc5b4798c311981bd7e1f7d92fb623ee448b) Co-authored-by: Sergey Fedoseev <fedoseev.sergey@gmail.com> Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>
* bpo-46784: Add newly exported expat symbols to the namespace. (GH-31397) ↵Miss Islington (bot)2022-03-081-0/+5
| | | | | | | | | | | | | | | | | | | | (GH-31419) The libexpat 2.4.1 upgrade from introduced the following new exported symbols: * `testingAccountingGetCountBytesDirect` * `testingAccountingGetCountBytesIndirect` * `unsignedCharToPrintable` * `XML_SetBillionLaughsAttackProtectionActivationThreshold` * `XML_SetBillionLaughsAttackProtectionMaximumAmplification` We need to adjust [Modules/expat/pyexpatns.h](https://github.com/python/cpython/blob/master/Modules/expat/pyexpatns.h) (The newer libexpat upgrade has no new symbols). Automerge-Triggered-By: GH:gpshead (cherry picked from commit 6312c1052c0186b4596fc45c42fd3ade9f8f5911) Co-authored-by: Yilei "Dolee" Yang <yileiyang@google.com>
* bpo-46932: Update bundled libexpat to 2.4.7 (GH-31736) (GH-31740)Miss Islington (bot)2022-03-082-14/+155
| | | | | (cherry picked from commit 176835c3d5c70f4c1b152cc2062b549144e37094) Co-authored-by: Steve Dower <steve.dower@python.org>
* bpo-46794: Bump up the libexpat version into 2.4.6 (GH-31487) (GH-31520)Miss Islington (bot)2022-03-025-62/+132
| | | | | (cherry picked from commit 1935e1cc284942bec8006287c939e295e1a7bf13) Co-authored-by: Dong-hee Na <donghee.na@python.org>
* bpo-46400: Update libexpat from 2.4.1 to 2.4.4 (GH-31022) (GH-31297)Dong-hee Na2022-02-215-29/+235
| | | Co-authored-by: Cyril Jouve <jv.cyril@gmail.com>
* bpo-44689: ctypes.util.find_library() now finds macOS 11+ system libraries ↵Miss Islington (bot)2021-08-301-3/+26
| | | | | | | | when built on older macOS systems (GH-27251) (GH-28054) Previously, when built on older macOS systems, `find_library` was not able to find macOS system libraries when running on Big Sur due to changes in how system libraries are stored. (cherry picked from commit 71853a73024a98aa38a3c0444fe364dbd9709134) Co-authored-by: Tobias Bergkvist <tobias@bergkv.ist>
* bpo-44394: Update libexpat copy to 2.4.1 (GH-26945) (GH-28033)Miss Islington (bot)2021-08-2920-176/+1367
| | | | | | | | | | Update the vendored copy of libexpat to 2.4.1 (from 2.2.8) to get the fix for the CVE-2013-0340 "Billion Laughs" vulnerability. This copy is most used on Windows and macOS. Co-authored-by: Łukasz Langa <lukasz@langa.pl> (cherry picked from commit 3fc5d84046ddbd66abac5b598956ea34605a4e5d) Co-authored-by: Victor Stinner <vstinner@python.org>
* Fix typo in a comment in Modules/_ssl.c: s/validata/validate/ (GH-27993) ↵Miss Islington (bot)2021-08-271-1/+1
| | | | | | | (GH-27999) (cherry picked from commit 28db1f61f20352c02e4ae1518e5aeb6505df3045) Co-authored-by: Adam Dangoor <adamdangoor@gmail.com>
* bpo-43434: Move sqlite3.connect audit events to sqlite3.Connection.__init__ ↵Erlend Egeberg Aasland2021-05-022-9/+5
| | | | | | | (GH-25818) (cherry picked from commit c96cc089f60d2bf7e003c27413c3239ee9de2990) Co-authored-by: Erlend Egeberg Aasland <erlend.aasland@innova.no>
* bpo-32745: Fix a regression in the handling of ctypes' c_wchar_p type ↵Miss Islington (bot)2021-05-021-1/+2
| | | | | | | | | | (GH-8721) (#25811) Embedded nulls would cause a ValueError to be raised. Thanks go to Eryk Sun for their analysis. Co-authored-by: Łukasz Langa <lukasz@langa.pl> (cherry picked from commit 73766b0341674f3920f4ea86a6f8288b801960f9) Co-authored-by: Zackery Spytz <zspytz@gmail.com>
* [3.8] bpo-41100: Support macOS 11 Big Sur and Apple Silicon Macs (#25806)Ned Deily2021-05-026-26/+178
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | * bpo-41100: Support macOS 11 and Apple Silicon on Python 3.8 This is a partial backport of bpo-41100 changes `e8b1c038b14b5fc8120aab62c9bf5fb840274cb6` and `96d906b144e6e6aa96c5ffebecbcc5d38034bbda` for Python 3.8. We introduce the ability to build Python from source for `arm64` on macOS, but we do not make a promise of support. This allows us to omit support for Universal2 binaries as well as weak-linking of symbols from the macOS SDK based on the deployment target, which are larger changes much more difficult to merge. This also includes a backport of subsequent bpo-42688 change `7e729978fa08a360cbf936dc215ba7dd25a06a08` to fix build errors with external `libffi`. * bpo-41116: Ensure system supplied libraries are found on macOS 11 (GH-23301) (GH-23455) On macOS system provided libraries are in a shared library cache and not at their usual location. This PR teaches distutils to search in the SDK, even if there was no "-sysroot" argument in the compiler flags. (cherry picked from commit 404a719b5127602c1a948f8e189ab61cd3f147d8) * bpo-42504: fix for MACOSX_DEPLOYMENT_TARGET=11 (GH-23556) macOS releases numbering has changed as of macOS 11 Big Sur. Previously, major releases were of the form 10.x, 10.x+1, 10.x+2, etc; as of Big Sur, they are now x, x+1, etc, so, for example, 10.15, 10.15.1, ..., 10.15.7, 11, 11.0.1, 11.1, ..., 12, 12.1, etc. Allow Python to build with single-digit deployment target values. Patch provided by FX Coudert. (cherry picked from commit 5291639e611dc3f55a34666036f2c3424648ba50) * bpo-42504: Ensure that get_config_var('MACOSX_DEPLOYMENT_TARGET') is a string (GH-24341) (GH-24410) * bpo-42504: Ensure that get_config_var('MACOSX_DEPLOYMENT_TARGET') is a string (cherry picked from commit 49926cf2bcc8b44d9b8f148d81979ada191dd9d5) Co-authored-by: Ronald Oussoren <ronaldoussoren@mac.com> Co-authored-by: FX Coudert <fxcoudert@gmail.com> Co-authored-by: Max Bélanger <aeromax@gmail.com>
* Fix thread locks in zlib module may go wrong in rare case (#22132)Ma Lin2021-04-261-4/+4
| | | Setting `next_in` before acquiring the thread lock may mix up compress/decompress state in other threads.
* [3.8] bpo-43920: Make load_verify_locations(cadata) error message consistent ↵Christian Heimes2021-04-231-7/+16
| | | | | | | | (GH-25554) (GH-25556) Signed-off-by: Christian Heimes <christian@python.org>. (cherry picked from commit b9ad88be0304136c3fe5959c65a5d2c75490cd80) Co-authored-by: Christian Heimes <christian@python.org>
* bpo-38822: Check specifically for a drive, not just a colon (GH-25540)Miss Islington (bot)2021-04-221-2/+2
| | | | | (cherry picked from commit e07d8098892e85ecc56969d2c9a5afb3ea33ce8f) Co-authored-by: Steve Dower <steve.dower@python.org>
* bpo-38822: Fixed os.stat failing on inaccessible directories. (GH-25527)Miss Islington (bot)2021-04-221-2/+21
| | | | | | It would just fail if the path was inaccessible and had a trailing slash. It should fall back to the parent directory's metadata. (cherry picked from commit fe63a401a9b3ca1751b81b5d6ddb2beb7f3675c1) Co-authored-by: Steve Dower <steve.dower@python.org>
* bpo-26227: Fixes decoding of host names on Windows from ANSI instead of ↵Miss Islington (bot)2021-04-211-1/+1
| | | | | | | UTF-8 (GH-25510) (cherry picked from commit dc516ef8395d15da0ab225eb0dceb2e0581f51ca) Co-authored-by: Steve Dower <steve.dower@python.org>
* bpo-43472: Ensure PyInterpreterState_New audit events are raised when called ↵Miss Islington (bot)2021-04-211-1/+1
| | | | | | | through _xxsubinterpreters module (GH-25506) (cherry picked from commit 7b86e47617d81a4b14d929743425f448971e8c86) Co-authored-by: Steve Dower <steve.dower@python.org>
* [3.8] bpo-43522: Fix SSLContext.hostname_checks_common_name (GH-24899) ↵Christian Heimes2021-04-171-0/+5
| | | | | | | | (GH-25452) Fix problem with ssl.SSLContext.hostname_checks_common_name. OpenSSL does not copy hostflags from *struct SSL_CTX* to *struct SSL*. (cherry picked from commit 330b49e397168df789fd0dd20cfe7e81b8e47258)
* [3.8] bpo-43799: OpenSSL 3.0.0: declare OPENSSL_API_COMPAT 1.1.1 (GH-25329) ↵Christian Heimes2021-04-132-20/+22
| | | | | | (GH-25383) Signed-off-by: Christian Heimes <christian@python.org>. (cherry picked from commit a4833883c9b81b6b272cc7c5b67fa1658b65304c)
* bpo-43105: Importlib now resolves relative paths when creating module spec ↵Steve Dower2021-04-092-1/+102
| | | | objects from file locations (GH-25121)
* [3.8] bpo-43788: Generate version specific _ssl_data.h (GH-25300) (GH-25311)Christian Heimes2021-04-093-0/+14966
| | | | | (cherry picked from commit 150af7543214e1541fa582374502ac1cd70e8eb4) Co-authored-by: Christian Heimes <christian@python.org>
* bpo-43794: OpenSSL 3.0.0: set OP_IGNORE_UNEXPECTED_EOF by default (GH-25309)Miss Islington (bot)2021-04-091-0/+8
| | | | | | Signed-off-by: Christian Heimes <christian@python.org> (cherry picked from commit 6f37ebc61e9e0d13bcb1a2ddb7fc9723c04b6372) Co-authored-by: Christian Heimes <christian@python.org>
* [3.8] bpo-43789: OpenSSL 3.0.0 Don't call passwd callback again in error ↵Miss Islington (bot)2021-04-091-0/+7
| | | | | | | case (GH-25303) (GH-25306) (cherry picked from commit d3b73f32ef7c693a6ae8c54eb0e62df3b5315caf) Co-authored-by: Christian Heimes <christian@python.org>
* bpo-33164: blake2: Fix Coverity scan (GH-25060)Miss Islington (bot)2021-03-304-4/+4
| | | | | (cherry picked from commit 068ebf9729d440cef03e4c57e3db83c851146172) Co-authored-by: Inada Naoki <songofacandy@gmail.com>
* bpo-43577: Fix deadlock with SSLContext._msg_callback and sni_callback ↵Miss Islington (bot)2021-03-212-0/+6
| | | | | | | | | | | | | | | (GH-24957) OpenSSL copies the internal message callback from SSL_CTX->msg_callback to SSL->msg_callback. SSL_set_SSL_CTX() does not update SSL->msg_callback to use the callback value of the new context. PySSL_set_context() now resets the callback and _PySSL_msg_callback() resets thread state in error path. Signed-off-by: Christian Heimes <christian@python.org> (cherry picked from commit 77cde5042a2f1eae489c11a67540afaf43cd5cdf) Co-authored-by: Christian Heimes <christian@python.org>
* [3.8] bpo-43439: Wrapt the tuple in the audit events for the gc module ↵Pablo Galindo2021-03-141-2/+2
| | | | | | | (GH-24836) (GH24854) (cherry picked from commit 9c376bc1c4c8bcddb0bc4196b79ec8c75da494a8) Co-authored-by: Pablo Galindo <Pablogsal@gmail.com>
* [3.8] bpo-43439: Add audit hooks for gc functions (GH-24794). (GH-24810)Pablo Galindo2021-03-101-0/+11
| | | | | (cherry picked from commit b4f9089d4aa787c5b74134c98e5f0f11d9e63095) Co-authored-by: Pablo Galindo <Pablogsal@gmail.com>
* [3.8] bpo-43406: Fix possible race condition where ``PyErr_CheckSignals`` ↵Antoine Pitrou2021-03-061-15/+39
| | | | | | | | tries to execute a non-Python signal handler (GH-24756) (GH-24762) We can receive signals (at the C level, in `trip_signal()` in signalmodule.c) while `signal.signal` is being called to modify the corresponding handler. Later when `PyErr_CheckSignals()` is called to handle the given signal, the handler may be a non-callable object and would raise a cryptic asynchronous exception.. (cherry picked from commit 68245b7a1030287294c65c298975ab9026543fd2) Co-authored-by: Antoine Pitrou <antoine@python.org>
* bpo-43260: io: Prevent large data remains in textio buffer. (GH-24592)Inada Naoki2021-02-221-3/+17
| | | | | | | | | When very large data remains in TextIOWrapper, flush() may fail forever. So prevent that data larger than chunk_size is remained in TextIOWrapper internal buffer. Co-Authored-By: Eryk Sun. (cherry picked from commit 01806d5beba3d208bb56adba6829097d803bf54f)
* bpo-42819, readline: Disable bracketed paste (GH-24108)Miss Islington (bot)2021-02-151-0/+23
| | | | | (cherry picked from commit 755f3c1521b422bc2177013d289f5439975fdc4f) Co-authored-by: Dustin Rodrigues <dust.rod@gmail.com>
* bpo-43108: Fix a reference leak in the curses module (GH-24420) (GH-24429)Miss Islington (bot)2021-02-151-1/+3
| | | | | | | (cherry picked from commit bb739ec922c6992a2be38f9fd3c544c2cc322dde) Co-authored-by: Pablo Galindo <Pablogsal@gmail.com> Co-authored-by: Pablo Galindo <Pablogsal@gmail.com>
* bpo-43204: Fix LibTomCrypt URL in md5module.c and sha*module.c comments ↵Miss Islington (bot)2021-02-144-4/+4
| | | | | | | | | | (GH-24507) (GH-24516) Automerge-Triggered-By: GH:tiran (cherry picked from commit 5ec7d535581bc99918e032891167a96abd224ed6) Co-authored-by: Erlend Egeberg Aasland <erlend.aasland@innova.no> Co-authored-by: Erlend Egeberg Aasland <erlend.aasland@innova.no>
* [3.9] bpo-41604: Don't decrement the reference count of the previous ↵Miss Islington (bot)2021-01-311-1/+3
| | | | | | | | | | user_ptr when set_panel_usertpr fails (GH-21933). (GH-24403) (cherry picked from commit 3243e8a4b4b4cf321f9b28335d565742a34b1976) Co-authored-by: Anonymous Maarten <madebr@users.noreply.github.com> (cherry picked from commit 3c8d6934436e20163be802f5239c5b4e4925eeec) Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
generated by cgit v0.12 at 2025-12-27 06:15:52 (GMT)