Skip to main content

Browse the archive

Staging
v0.5.1
https://github.com/python/cpython
09 December 2020, 11:06:31 UTC
Raw File
Tip revision: e76cbc781044ee01b059f3702c580e66266b84c5 authored by Larry Hastings on 18 March 2019, 16:51:26 UTC
Version bump for 3.4.10.
Tip revision: e76cbc7
3.4.10rc1.rst 
.. bpo: 35746
.. date: 2019-01-15-18-16-05
.. nonce: nMSd0j
.. release date: 2019-03-03
.. section: Security

[CVE-2019-5010] Fix a NULL pointer deref in ssl module. The cert parser did
not handle CRL distribution points with empty DP or URI correctly. A
malicious or buggy certificate can result into segfault. Vulnerability
(TALOS-2018-0758) reported by Colin Read and Nicolas Edet of Cisco.

..

.. bpo: 34791
.. date: 2018-09-24-18-49-25
.. nonce: 78GmIG
.. section: Security

The xml.sax and xml.dom.domreg no longer use environment variables to
override parser implementations when sys.flags.ignore_environment is set by
-E or -I arguments.

..

.. bpo: 34623
.. date: 2018-09-10-16-05-39
.. nonce: Ua9jMv
.. section: Security

CVE-2018-14647: The C accelerated _elementtree module now initializes hash
randomization salt from _Py_HashSecret instead of libexpat's default CSPRNG.

..

.. bpo: 33329
.. date: 2018-04-23-13-21-39
.. nonce: lQ-Eod
.. section: Library

Fix multiprocessing regression on newer glibcs
back to top