summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
...
* Add Blurb entry for 3.5.6 final.Larry Hastings2018-08-021-0/+8
|
* Post-release version bump for 3.5.6rc1.Larry Hastings2018-07-191-1/+1
|
* Version bump for 3.5.6rc1.v3.5.6rc1Larry Hastings2018-07-192-6/+6
|
* PyDoc topics refresh & blurb release for 3.5.6rc1.Larry Hastings2018-07-195-8/+30
|
* bpo-33216: Clarify the documentation for CALL_FUNCTION_* (#8338)larryhastings2018-07-192-22/+72
| | | Clarify the documentation for the CALL_FUNCTION_* bytecodes. They changed in 3.5 in subtle ways and the documentation has never been correct, much less clear.
* Doc: Backport language switcher (bpo-33700, bpo-31045) (#8048)Julien Palard2018-07-025-74/+160
|
* Backport 3.7.0 final changesNed Deily2018-06-272-2/+2
|
* [3.5] bpo-33001: Prevent buffer overrun in os.symlink (GH-5989) (#5991)Steve Dower2018-05-143-38/+97
| | | | | | * bpo-33001: Minimal fix to prevent buffer overrun in os.symlink * Remove invalid test
* [3.5] bpo-32981: Fix catastrophic backtracking vulns (GH-5955) (#6034)Ned Deily2018-03-116-4/+39
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Prevent low-grade poplib REDOS (CVE-2018-1060) The regex to test a mail server's timestamp is susceptible to catastrophic backtracking on long evil responses from the server. Happily, the maximum length of malicious inputs is 2K thanks to a limit introduced in the fix for CVE-2013-1752. A 2KB evil response from the mail server would result in small slowdowns (milliseconds vs. microseconds) accumulated over many apop calls. This is a potential DOS vector via accumulated slowdowns. Replace it with a similar non-vulnerable regex. The new regex is RFC compliant. The old regex was non-compliant in edge cases. * Prevent difflib REDOS (CVE-2018-1061) The default regex for IS_LINE_JUNK is susceptible to catastrophic backtracking. This is a potential DOS vector. Replace it with an equivalent non-vulnerable regex. Also introduce unit and REDOS tests for difflib. Co-authored-by: Tim Peters <tim.peters@gmail.com> Co-authored-by: Christian Heimes <christian@python.org>. (cherry picked from commit 0e6c8ee2358a2e23117501826c008842acb835ac)
* Post-release bump for Python 3.5.5.Larry Hastings2018-02-041-1/+1
|
* Version bump for 3.5.5.v3.5.5Larry Hastings2018-02-042-5/+5
|
* Finalize blurb archive for 3.5.5 (no new blurbs).Larry Hastings2018-02-041-0/+8
|
* Merge branch '3.5' of github.com:python/cpython into 3.5Larry Hastings2018-02-042-2/+4
|\
| * Update docs template for 3.8Ned Deily2018-01-312-2/+4
| |
* | Post-release version bump for 3.5.5rc1.Larry Hastings2018-02-041-1/+1
| |
* | Whoops, missed checking in version bump.v3.5.5rc1Larry Hastings2018-01-231-4/+4
| |
* | Bump version and copyright year for 3.5.5rc1.Larry Hastings2018-01-236-14/+14
| |
* | blurb release and pydoc topics for 3.5.5rc1.Larry Hastings2018-01-238-106/+13161
|/
* [3.5] bpo-32072: Fix issues with binary plists. (GH-4455) (#4656)Serhiy Storchaka2018-01-233-37/+114
| | | | | | | | | | | | | | * [3.5] bpo-32072: Fix issues with binary plists. (GH-4455) * Fixed saving bytearrays. * Identical objects will be saved only once. * Equal references will be load as identical objects. * Added support for saving and loading recursive data structures. (cherry picked from commit a897aee) * Fix implementation dependent assertion in test_plistlib. (#4813) It is failed with an advanced optimizer.
* [3.5] bpo-32551: Consistently configure sys.path[0] (#5197)Nick Coghlan2018-01-233-28/+124
| | | | | | | | | | | | | | | | | | | | | | | | Directory and zipfile execution previously added the parent directory of the directory or zipfile as sys.path[0] and then subsequently overwrote it with the directory or zipfile itself. This caused problems in isolated mode, as it overwrote the "stdlib as a zip archive" entry in sys.path, as the parent directory was never added. The attempted fix to that issue in bpo-29319 created the opposite problem in *non*-isolated mode, by potentially leaving the parent directory on sys.path instead of overwriting it. This change fixes the root cause of the problem by removing the whole "add-and-overwrite" dance for sys.path[0], and instead simply never adds the parent directory to sys.path in the first place. (cherry picked from commit d2977a3ae2cc6802921b1e3b6e9d13fcfbda872d)
* [3.5] bpo-32563: Get expat to compile under C89 (#5201)Nick Coghlan2018-01-231-8/+12
| | | | | | | | | | | | | | | | * [3.5] bpo-32563: Get expat to compile under C89 expat: Add artificial scopes in xmltok.c utf8_toUtf8() to fix c89 compilation. Cherry-picked from libexpat commit e0b290eb3d8f4c4b45137a7d7f4f8db812145bd2 * Backport XML RPC test skip to 3.5 The buildbot service upgrade removed the XML-RPC interface, so this test no longer works (through no fault of the standard library). * Don't configure a nonexistent Python
* [3.5] bpo-32620: Remove failing pyenv call from CI config (#5274)Nick Coghlan2018-01-232-3/+1
| | | | | | | | | | * [3.5] Remove failing pyenv call from CI config * Backport XML RPC test skip to 3.5 The buildbot service upgrade removed the XML-RPC interface, so this test no longer works (through no fault of the standard library).
* bpo-30657: Fix CVE-2017-1000158 (#4664)Miro Hrončok2017-12-083-1/+11
| | | | | Fixes possible integer overflow in PyBytes_DecodeEscape. Co-Authored-By: Jay Bosamiya <jaybosamiya@gmail.com>
* Exclude VENVDIR in Doc builds (#3977)Ned Deily2017-10-122-2/+3
|
* Remove retired and security branches from active docs (#3882)Ned Deily2017-10-031-2/+0
|
* bpo-31095: fix potential crash during GC (GH-2974) (#3196)INADA Naoki2017-09-2614-14/+60
| | | (cherry picked from commit a6296d34a478b4f697ea9db798146195075d496c)
* [3.5] bpo-31170: Fix inclusion of expat in Windows build projects. (#3751)Steve Dower2017-09-264-1/+15
| | | | | | * bpo-31170: Fix inclusion of expat in Windows build projects. * Fixes line endings
* [3.5][Security] bpo-30947, bpo-31170: Update expat from 2.2.1 to 2.2.4 (#3354)Victor Stinner2017-09-2423-153/+1289
| | | | | | | | | | | | | * bpo-30947, bpo-31170: Update expat from 2.2.1 to 2.2.4 * Upgrade libexpat embedded copy from version 2.2.1 to 2.2.3 to get security fixes. * Update libexpat from 2.2.3 to 2.2.4. Fix copying of partial characters for UTF-8 input (libexpat bug 115): https://github.com/libexpat/libexpat/issues/115 * Define XML_POOR_ENTROPY when compiling expat
* bpo-31568, Travis CI: Fix python3.5 (#3737)Victor Stinner2017-09-241-0/+3
| | | | Works around Travis CI bug about the python3.5 binary: https://github.com/travis-ci/travis-ci/issues/8363
* [3.5] Fix broken `Show Source` links on documentation pages (GH-3113) (#3126)Mariatta2017-09-081-1/+1
| | | | | | The `Show Source` was broken because of a change made in sphinx 1.5.1 In Sphinx 1.4.9, the sourcename was "index.txt". In Sphinx 1.5.1+, it is now "index.rst.txt". (cherry picked from commit b9ff498793611d1c6a9b99df464812931a1e2d69)
* [3.5] bpo-31036: Allow sphinx and blurb to be found automatically (GH-3440)Ned Deily2017-09-081-7/+14
| | | | | | | | | Rather than requiring the path to blurb and/or sphinx-build to be specified to the make rule, enhance the Doc/Makefile to look for each first in a virtual environment created by make venv and, if not found, look on the normal process PATH. This allows the Doc/Makefile to take advantage of an installed spinx-build or blurb and, thus, do the right thing most of the time. Also, make the directory for the venv be configurable and document the `make venv` target.
* Merge 3.5.4 release into main 3.5 branch.Larry Hastings2017-08-082-3/+1
|\
| * Remove .mention-bot (GH-2923) (GH-2971)Mariatta2017-07-311-3/+0
| | | | | | (cherry picked from commit e1e60bd95c376f9b18cbaf9481364281c6cc1bc7)
| * bpo-25910: Update LICENSE (GH-2873) (GH-2968)Mariatta2017-07-311-6/+5
| | | | | | | | Use the copy provided in https://bugs.python.org/issue25910GH-msg295200 (cherry picked from commit 8474d87165593bac2bc231287f42c4cff3fd6aaf)
| * Fix trivial typo in multiprocessing documentation (GH-2930) (GH-2941)Mariatta2017-07-281-1/+1
| | | | | | (cherry picked from commit 6fcb69dad579cc9a7dc15eabead43b6c37464f8c)
| * [3.5] bpo-31036: use an existing Misc/NEWS rather than trying to use blurb ↵Ned Deily2017-07-271-1/+13
| | | | | | | | | | | | | | | | (#2874) * bpo-31036: use an existing Misc/NEWS rather than trying to use blurb * bpo-31036: avoid echoing comments
| * [3.5] bpo-30876: Add new import test files to projects. (GH-2851). (#2913)Serhiy Storchaka2017-07-271-0/+1
| | | | | | (cherry picked from commit d5ed47dea25e04a3a144eddf99a4ac4a29242dbc)
* | Post-release version bump for 3.5.4 final.Larry Hastings2017-08-081-1/+1
| |
* | Version bump for 3.5.4 final.v3.5.4Larry Hastings2017-08-072-5/+5
| |
* | Blurb release and pydoc topics for 3.5.4 final.Larry Hastings2017-08-073-13089/+86
| |
* | bpo-25910: Update LICENSE (GH-2873) (GH-2968)Mariatta2017-08-071-6/+5
| | | | | | | | | | | | Use the copy provided in https://bugs.python.org/issue25910GH-msg295200 (cherry picked from commit 8474d87165593bac2bc231287f42c4cff3fd6aaf) (cherry picked from commit f6306e737203ac1bf1717bbf62bc58dac24b68db)
* | Fix trivial typo in multiprocessing documentation (GH-2930) (GH-2941)Mariatta2017-08-071-1/+1
| | | | | | | | | | (cherry picked from commit 6fcb69dad579cc9a7dc15eabead43b6c37464f8c) (cherry picked from commit 52c41f18086f3d8b1eb3854b568f04717c724e3d)
* | [3.5] bpo-31036: use an existing Misc/NEWS rather than trying to use blurb ↵Ned Deily2017-08-071-1/+13
|/ | | | | | | | | | (#2874) * bpo-31036: use an existing Misc/NEWS rather than trying to use blurb * bpo-31036: avoid echoing comments (cherry picked from commit 3de144890ad3bc50694368a1b33be6d7f3a780b3)
* [3.5] [security] bpo-30119: fix ftplib.FTP.putline() to throw an error for a ↵Dong-hee Na2017-07-263-1/+9
| | | | illegal command (#1214) (#2887)
* [3.5] bpo-31018: Switch to GH-pragma pack from __declspec(align) (GH-2848) ↵Segev Finer2017-07-251-1/+4
| | | | | (#2869) (cherry picked from commit 39243779f4c97ec6f700fa73c007ca66dfa9408e)
* Post-release version bump for 3.5.4rc1.Larry Hastings2017-07-251-1/+1
|
* Merge main 3.5 branch into 3.5.4rc1.Larry Hastings2017-07-253-9/+9
|\
| * bpo-30908: Fix dangling thread in test_os.TestSendfile (#2680) (#2845)Victor Stinner2017-07-241-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | tearDown() now clears explicitly the self.server variable to make sure that the thread is completely cleared when tearDownClass() checks if all threads have been cleaned up. Fix the following warning: $ ./python -m test --fail-env-changed -m test.test_os.TestSendfile.test_keywords -R 3:1 test_os (...) Warning -- threading_cleanup() failed to cleanup 0 threads after 3 sec (count: 0, dangling: 2) (...) Tests result: ENV CHANGED (cherry picked from commit d1cc037d1442cc35d1b194ec8e50901514360949)
| * Backport Mac installer fixes for git-based workflow (#2838)Ned Deily2017-07-241-5/+4
| |
| * bpo-29572: Update macOS installer build to OpenSSL 1.0.2k (#457) (#2835)Ned Deily2017-07-242-4/+4
| | | | | | (cherry picked from commit cfcd76777e35c83d548d8736f5d7dc92fe56d806)
View Lorry Controller Status