diff options
Diffstat (limited to 'Misc/NEWS.d/next')
9 files changed, 0 insertions, 23 deletions
diff --git a/Misc/NEWS.d/next/Library/2019-04-08-13-00-13.bpo-36564._n67m_.rst b/Misc/NEWS.d/next/Library/2019-04-08-13-00-13.bpo-36564._n67m_.rst deleted file mode 100644 index ddd17aec1d..0000000000 --- a/Misc/NEWS.d/next/Library/2019-04-08-13-00-13.bpo-36564._n67m_.rst +++ /dev/null @@ -1,3 +0,0 @@ -Fix infinite loop in email header folding logic that would be triggered when -an email policy's max_line_length is not long enough to include the required -markup and any values in the message. Patch by Paul Ganssle diff --git a/Misc/NEWS.d/next/Library/2019-09-27-15-24-45.bpo-38216.-7yvZR.rst b/Misc/NEWS.d/next/Library/2019-09-27-15-24-45.bpo-38216.-7yvZR.rst deleted file mode 100644 index ac8e2b042d..0000000000 --- a/Misc/NEWS.d/next/Library/2019-09-27-15-24-45.bpo-38216.-7yvZR.rst +++ /dev/null @@ -1,4 +0,0 @@ -Allow the rare code that wants to send invalid http requests from the -`http.client` library a way to do so. The fixes for bpo-30458 led to -breakage for some projects that were relying on this ability to test their -own behavior in the face of bad requests. diff --git a/Misc/NEWS.d/next/Security/2019-05-04-13-33-37.bpo-34155.MJll68.rst b/Misc/NEWS.d/next/Security/2019-05-04-13-33-37.bpo-34155.MJll68.rst deleted file mode 100644 index 50292e29ed..0000000000 --- a/Misc/NEWS.d/next/Security/2019-05-04-13-33-37.bpo-34155.MJll68.rst +++ /dev/null @@ -1 +0,0 @@ -Fix parsing of invalid email addresses with more than one ``@`` (e.g. a@b@c.com.) to not return the part before 2nd ``@`` as valid email address. Patch by maxking & jpic. diff --git a/Misc/NEWS.d/next/Security/2019-07-16-08-11-00.bpo-37461.1Ahz7O.rst b/Misc/NEWS.d/next/Security/2019-07-16-08-11-00.bpo-37461.1Ahz7O.rst deleted file mode 100644 index 9d47578c62..0000000000 --- a/Misc/NEWS.d/next/Security/2019-07-16-08-11-00.bpo-37461.1Ahz7O.rst +++ /dev/null @@ -1,2 +0,0 @@ -Fix an infinite loop when parsing specially crafted email headers. Patch by -Abhilash Raj. diff --git a/Misc/NEWS.d/next/Security/2019-09-23-21-02-46.bpo-38174.MeWuJd.rst b/Misc/NEWS.d/next/Security/2019-09-23-21-02-46.bpo-38174.MeWuJd.rst deleted file mode 100644 index e3da6fcdd1..0000000000 --- a/Misc/NEWS.d/next/Security/2019-09-23-21-02-46.bpo-38174.MeWuJd.rst +++ /dev/null @@ -1,2 +0,0 @@ -Update vendorized expat library version to 2.2.8, which resolves -CVE-2019-15903. diff --git a/Misc/NEWS.d/next/Security/2019-09-25-13-21-09.bpo-38243.1pfz24.rst b/Misc/NEWS.d/next/Security/2019-09-25-13-21-09.bpo-38243.1pfz24.rst deleted file mode 100644 index 98d7be1295..0000000000 --- a/Misc/NEWS.d/next/Security/2019-09-25-13-21-09.bpo-38243.1pfz24.rst +++ /dev/null @@ -1,3 +0,0 @@ -Escape the server title of :class:`xmlrpc.server.DocXMLRPCServer` -when rendering the document page as HTML. -(Contributed by Dong-hee Na in :issue:`38243`.) diff --git a/Misc/NEWS.d/next/Security/2019-11-15-00-54-42.bpo-38804.vjbM8V.rst b/Misc/NEWS.d/next/Security/2019-11-15-00-54-42.bpo-38804.vjbM8V.rst deleted file mode 100644 index 1f45142d9f..0000000000 --- a/Misc/NEWS.d/next/Security/2019-11-15-00-54-42.bpo-38804.vjbM8V.rst +++ /dev/null @@ -1 +0,0 @@ -Fixes a ReDoS vulnerability in :mod:`http.cookiejar`. Patch by Ben Caller. diff --git a/Misc/NEWS.d/next/Security/2019-11-21-21-36-54.bpo-37228.yBZnFG.rst b/Misc/NEWS.d/next/Security/2019-11-21-21-36-54.bpo-37228.yBZnFG.rst deleted file mode 100644 index 0fafb63402..0000000000 --- a/Misc/NEWS.d/next/Security/2019-11-21-21-36-54.bpo-37228.yBZnFG.rst +++ /dev/null @@ -1,6 +0,0 @@ -Due to significant security concerns, the *reuse_address* parameter of
-:meth:`asyncio.loop.create_datagram_endpoint` is no longer supported. This is
-because of the behavior of ``SO_REUSEADDR`` in UDP. For more details, see the
-documentation for ``loop.create_datagram_endpoint()``.
-(Contributed by Kyle Stanley, Antoine Pitrou, and Yury Selivanov in
-:issue:`37228`.)
diff --git a/Misc/NEWS.d/next/Security/2019-12-01-22-44-40.bpo-38945.ztmNXc.rst b/Misc/NEWS.d/next/Security/2019-12-01-22-44-40.bpo-38945.ztmNXc.rst deleted file mode 100644 index 1bf6ed567b..0000000000 --- a/Misc/NEWS.d/next/Security/2019-12-01-22-44-40.bpo-38945.ztmNXc.rst +++ /dev/null @@ -1 +0,0 @@ -Newline characters have been escaped when performing uu encoding to prevent them from overflowing into to content section of the encoded file. This prevents malicious or accidental modification of data during the decoding process.
\ No newline at end of file |