Skip to main content

Browse the archive

Staging
v0.5.1
https://github.com/python/cpython
09 December 2020, 11:06:31 UTC
Raw File
Tip revision: 05c28b08f6e2fc8782472b026c98a3fdd61a2ba9 authored by Larry Hastings on 07 May 2019, 18:29:45 UTC
Post-release version bump for 3.4.10.
Tip revision: 05c28b0
3.4.10rc1.rst 
.. bpo: 35746
.. date: 2019-01-15-18-16-05
.. nonce: nMSd0j
.. release date: 2019-03-03
.. section: Security

[CVE-2019-5010] Fix a NULL pointer deref in ssl module. The cert parser did
not handle CRL distribution points with empty DP or URI correctly. A
malicious or buggy certificate can result into segfault. Vulnerability
(TALOS-2018-0758) reported by Colin Read and Nicolas Edet of Cisco.

..

.. bpo: 34791
.. date: 2018-09-24-18-49-25
.. nonce: 78GmIG
.. section: Security

The xml.sax and xml.dom.domreg no longer use environment variables to
override parser implementations when sys.flags.ignore_environment is set by
-E or -I arguments.

..

.. bpo: 34623
.. date: 2018-09-10-16-05-39
.. nonce: Ua9jMv
.. section: Security

CVE-2018-14647: The C accelerated _elementtree module now initializes hash
randomization salt from _Py_HashSecret instead of libexpat's default CSPRNG.

..

.. bpo: 33329
.. date: 2018-04-23-13-21-39
.. nonce: lQ-Eod
.. section: Library

Fix multiprocessing regression on newer glibcs
back to top