larryhastings
ad1fb813a6
Add "Misc/NEWS.d" directory tree for "blurb". GH-2331
...
CPython workflow is changing! We're going to start using "blurb"
to manage Misc/NEWS entries:
https://github.com/python/core-workflow
(This will be a big win for release managers, honest.)
This checkin simply populates the "Misc/NEWS.d" subdirectory tree
so that people can start putting their news entries in there.
No other changes (yet).
2017-06-22 16:00:46 -07:00
Victor Stinner
fa53dbdec8
Issues #27850 and #27766 : Remove 3DES from ssl default cipher list and add ChaCha20 Poly1305. ( #224 )
...
Backport: replace 3.5.3 with 3.4.7 in the doc versionchanged.
(cherry picked from commit 03d13c0cbf
2017-03-09 16:49:11 -08:00
Barry Warsaw
f37b0cb230
bpo-25008: Deprecate smtpd and point to aiosmtpd ( #274 ) ( #280 )
2017-02-24 15:31:48 -05:00
Larry Hastings
a52b0a474e
Post-release updates for 3.4.6.
2017-01-17 00:49:13 -08:00
Larry Hastings
7f10edebf0
Version bump for Python 3.4.6.
2017-01-16 00:19:54 -08:00
Larry Hastings
a7aa988ddc
Post-release fixups for Python 3.4.6rc1.
2017-01-02 18:29:26 -08:00
Larry Hastings
d12551fe71
Version bump for 3.4.6rc1.
2017-01-01 22:12:36 -08:00
Serhiy Storchaka
84293aff9f
Issue #28648 : Fixed crash in Py_DecodeLocale() in debug build on Mac OS X
...
when decode astral characters.
2016-11-12 14:29:48 +02:00
Serhiy Storchaka
b626643734
Issue #28648 : Fixed crash in Py_DecodeLocale() in debug build on Mac OS X
...
when decode astral characters.
2016-11-12 14:28:06 +02:00
Serhiy Storchaka
1c3fdd900d
Issue #28563 : Fixed possible DoS and arbitrary code execution when handle
...
plural form selections in the gettext module. The expression parser now
supports exact syntax supported by GNU gettext.
2016-11-08 21:20:09 +02:00
Serhiy Storchaka
07bcf05fcf
Issue #28563 : Fixed possible DoS and arbitrary code execution when handle
...
plural form selections in the gettext module. The expression parser now
supports exact syntax supported by GNU gettext.
2016-11-08 21:17:46 +02:00
Serhiy Storchaka
77eede35fc
Issue #28426 : Fixed potential crash in PyUnicode_AsDecodedObject() in debug build.
2016-10-25 10:07:51 +03:00
Zachary Ware
068534ab03
Issue #28248 : Update Windows build to use OpenSSL 1.0.2j
2016-10-10 21:57:20 -05:00
Yury Selivanov
cb9424f643
Issue #27759 : Fix selectors incorrectly retain invalid file descriptors.
...
(Backported to 3.4 as this bug might be exploited to for DoS)
2016-10-06 14:03:03 -04:00
Berker Peksag
d751040b1a
Issue #26171 : Prevent buffer overflow in get_data
...
Backport of 01ddd608b85c.
2016-09-14 08:37:28 +03:00
Jason R. Coombs
79ae9671ff
Issue #12885 : Revert commits in 3.4 branch which is security-only fixes.
2016-09-01 23:27:45 -04:00
Jason R. Coombs
6f5d3fd4d1
Issue #12885 : Correct issue reference in NEWS
2016-09-01 22:08:25 -04:00
Jason R. Coombs
97eda155f8
Issue #12285 : Update NEWS
2016-09-01 21:12:17 -04:00
Benjamin Peterson
1f0e7c9933
rearrange methodcaller_new so that the main error case does not cause uninitialized memory usage ( closes #27783 )
2016-08-16 23:35:35 -07:00
Benjamin Peterson
3a27b0857e
do not decref value borrowed from list ( closes #27774 )
2016-08-15 22:01:41 -07:00
Benjamin Peterson
4f976513ef
fix possible integer overflow in binascii.b2a_qp ( closes #27760 )
...
Reported by Thomas E. Hybel
2016-08-13 18:33:33 -07:00
Benjamin Peterson
6e01d90cc8
check for overflow in join_append_data ( closes #27758 )
...
Reported by Thomas E. Hybel
2016-08-13 17:17:06 -07:00
Senthil Kumaran
4cbb23f8f2
Prevent HTTPoxy attack (CVE-2016-1000110)
...
Ignore the HTTP_PROXY variable when REQUEST_METHOD environment is set, which
indicates that the script is in CGI mode.
Issue #27568 Reported and patch contributed by Rémi Rampin.
2016-07-30 23:24:16 -07:00
Martin Panter
d27a7c1f22
Issue #27369 : Merge test_pyexpat from 3.2 into 3.3
2016-07-14 01:42:53 +00:00
Martin Panter
076ca6c3c8
Issue #27369 : Don’t test error message detail that changed in Expat 2.2.0
2016-07-14 01:31:46 +00:00
