Revision history - None - origin: https://github.com/python/cpython

Staging
v0.5.1

visit type:

https://github.com/python/cpython

09 December 2020, 11:06:31 UTC

Revision	Author	Date	Message	Commit Date
c498cd8	scoder	31 March 2018, 12:23:30 UTC	bpo-31544: Fix a reference leak to 'self' after the previous target error handling fixes. (GH-6318) This change generally splits the xmlparser creation code into an unsafe part with "rollback" error handling and a safe "object initialisation done" part with normal decref cleanup.	31 March 2018, 12:23:30 UTC
7f48a42	Miss Islington (bot)	28 March 2018, 08:55:30 UTC	bpo-33163: Upgrade pip to 9.0.3 and setuptools to v39.0.1. (GH-6284) (cherry picked from commit c0518cde7a8404f310cd3495e77e612820ecad4f) Co-authored-by: Ned Deily <nad@python.org>	28 March 2018, 08:55:30 UTC
a266507	Miss Islington (bot)	26 March 2018, 12:11:15 UTC	Fix description about SimpleXMLRPCServer constructor parameter bind_and_activate. (GH-776) Passing True as the `bind_and_activate` do immediately opening and binding to their socket. (cherry picked from commit e6223579c87b93f3e60d28796f521587d88091d4) Co-authored-by: cocoatomo <cocoatomo77@gmail.com>	26 March 2018, 12:11:15 UTC
e3e8bdc	Miss Islington (bot)	26 March 2018, 10:58:47 UTC	Fix typo and edit for clarity in the docstrings of sys.float_info. (GH-2251) (cherry picked from commit 0301c9bdd1ebd788d1334cf3fe06c48f35bab0dc) Co-authored-by: Stefano Taschini <taschini@users.noreply.github.com>	26 March 2018, 10:58:47 UTC
edd5418	Christian Heimes	24 March 2018, 18:34:15 UTC	[2.7] bpo-33127: Compatibility patch for LibreSSL 2.7.0 (GH-6210) (GH-6215) LibreSSL 2.7 introduced OpenSSL 1.1.0 API. The ssl module now detects LibreSSL 2.7 and only provides API shims for OpenSSL < 1.1.0 and LibreSSL < 2.7. Documentation updates and fixes for failing tests will be provided in another patch set. Signed-off-by: Christian Heimes <christian@python.org>. (cherry picked from commit 4ca0739c9d97ac7cd45499e0d31be68dc659d0e1) Co-authored-by: Christian Heimes <christian@python.org>	24 March 2018, 18:34:15 UTC
0694b6a	scoder	24 March 2018, 05:56:41 UTC	bpo-31544: Avoid calling "PyObject_GetAttrString()" (and potentially executing user code) with a live exception set. (GH-3992)	24 March 2018, 05:56:41 UTC
1ce4e5b	Miss Islington (bot)	22 March 2018, 04:14:22 UTC	Upgrade pip to v9.0.3 and setuptools to v39.0.1 (GH-6184) (cherry picked from commit d93b5161af12291f3f98a260c90cc2975ea9e9cd) Co-authored-by: Donald Stufft <donald@stufft.io>	22 March 2018, 04:14:22 UTC
7ee0936	Miss Islington (bot)	21 March 2018, 06:55:44 UTC	Fix typos in mmap() error messages (GH-6173) (cherry picked from commit 9308dea3e1fd565d50a76a667e4e8ef0568b7053) Co-authored-by: Zackery Spytz <zspytz@gmail.com>	21 March 2018, 06:55:44 UTC
4e907d8	Miss Islington (bot)	17 March 2018, 15:54:45 UTC	Update pip to 9.0.2 and setuptools to 38.6.1 (GH-6133) (GH-6135) (cherry picked from commit 7f81bb2addbbccfa45a2fc1aa6030f26dcf4bd78) Co-authored-by: Donald Stufft <donald@stufft.io>	17 March 2018, 15:54:45 UTC
baca85f	xdegaye	13 March 2018, 21:06:14 UTC	[2.7] bpo-17288: Prevent jumps from 'return' and 'exception' trace events. (GH-6111) (cherry picked from commit e32bbaf376a09c149fa7c7f2919d7c9ce4e2a055)	13 March 2018, 21:06:14 UTC
3854f58	Miss Islington (bot)	11 March 2018, 08:55:59 UTC	[2.7] bpo-33026: Fix jumping out of "with" block by setting f_lineno. (GH-6026). (GH-6074) (GH-6076) (cherry picked from commit 26c9f565d016db21257a60d29ab2c99383dd5ac7) (cherry picked from commit 04aadf23eac51fec2e436c5960c1362bbb7d03de) Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>	11 March 2018, 08:55:59 UTC
34bb88d	Xiang Zhang	09 March 2018, 02:21:58 UTC	Clear possible exception before calling PyTuple_Pack in IMPORT_NAME (GH-6033)	09 March 2018, 02:21:58 UTC
55d5bfb	Jamie Davis	06 March 2018, 05:59:02 UTC	[2.7] closes bpo-32997: Fix REDOS in fpformat (GH-5984) The regex to decode a number in fpformat is susceptible to catastrophic backtracking. This is a potential DOS vector if a server is using fpformat on untrusted number strings. Replace it with an equivalent non-vulnerable regex. The match behavior of the new regex is slightly different. It captures the whole integer part of the number in one group, Leading zeros are stripped off later.	06 March 2018, 05:59:02 UTC
e052d40	Benjamin Peterson	04 March 2018, 06:18:17 UTC	[2.7] bpo-32981: Fix catastrophic backtracking vulns (GH-5955) * Prevent low-grade poplib REDOS (CVE-2018-1060) The regex to test a mail server's timestamp is susceptible to catastrophic backtracking on long evil responses from the server. Happily, the maximum length of malicious inputs is 2K thanks to a limit introduced in the fix for CVE-2013-1752. A 2KB evil response from the mail server would result in small slowdowns (milliseconds vs. microseconds) accumulated over many apop calls. This is a potential DOS vector via accumulated slowdowns. Replace it with a similar non-vulnerable regex. The new regex is RFC compliant. The old regex was non-compliant in edge cases. * Prevent difflib REDOS (CVE-2018-1061) The default regex for IS_LINE_JUNK is susceptible to catastrophic backtracking. This is a potential DOS vector. Replace it with an equivalent non-vulnerable regex. Also introduce unit and REDOS tests for difflib. Co-authored-by: Tim Peters <tim.peters@gmail.com> Co-authored-by: Christian Heimes <christian@python.org>. (cherry picked from commit 0e6c8ee2358a2e23117501826c008842acb835ac)	04 March 2018, 06:18:17 UTC
20003f9	Brett Cannon	02 March 2018, 22:10:21 UTC	bpo-32963: Fix the tutorial to state source has a default encoding of ASCII (GH-5961)	02 March 2018, 22:10:21 UTC
aa40f92	Alexey Izbyshev	01 March 2018, 10:27:34 UTC	[2.7] bpo-32903: Fix a memory leak in os.chdir() on Windows (GH-5801). (#5947) (cherry picked from commit 3e197c7a6740d564ad52fb7901c07d5ff49460f5) Co-authored-by: Alexey Izbyshev <izbyshev@users.noreply.github.com>	01 March 2018, 10:27:34 UTC
c20c97f	bennorth	26 February 2018, 22:35:03 UTC	bpo-18533: Avoid RuntimeError from repr() of recursive dictview (#4823) (#5357) (cherry picked from commit d7773d92bd11640a8c950d6c36a9cef1cee36f96)	26 February 2018, 22:35:03 UTC
ecaa372	Miss Islington (bot)	25 February 2018, 21:22:43 UTC	bpo-32500: Correct the documentation for PySequence_Size() and PySequence_Length() (GH-5767) Dropped the part that says: "For objects that do not provide sequence protocol". (cherry picked from commit 7a1e1786f98ad49caa157dcdf14ada9d0b07d0fd) Co-authored-by: Zackery Spytz <zspytz@gmail.com>	25 February 2018, 21:22:43 UTC
b7c1a94	Cheryl Sabella	25 February 2018, 20:50:26 UTC	[2.7] bpo-25059: Clarify the print separator usage in tutorial (GH-5879) By default `print` adds spaces between its arguments. (cherry picked from commit 84c4b0cc67ceb4b70842b78c718b6e8214874d6a)	25 February 2018, 20:50:26 UTC
7634947	Miss Islington (bot)	25 February 2018, 19:38:24 UTC	bpo-31454: Include information about "import X as Y" in Modules tutorial (GH-4041) (cherry picked from commit fbee88244e8921afdb29fde51a9a010a8ae18277) Co-authored-by: Mario Corchero <mariocj89@gmail.com>	25 February 2018, 19:38:24 UTC
07c13ee	Miss Islington (bot)	25 February 2018, 15:34:46 UTC	Delete a broken threading.local example (GH-5870) This code never did anything correct or useful. The class attribute will never be affected, and the condition will never be true. (cherry picked from commit 5fb632e83136399bad9427ee23ec8b771695290a) Co-authored-by: Aaron Gallagher <habnabit@users.noreply.github.com>	25 February 2018, 15:34:46 UTC
df1732a	Christian Heimes	25 February 2018, 13:28:55 UTC	[2.7] bpo-30622: Fix NPN for OpenSSL 1.1.1-pre1 (GH-5876) (#5882) Signed-off-by: Christian Heimes <christian@python.org>. (cherry picked from commit 29eab55309b9f78b79074d26db16a44e7841c639) Co-authored-by: Christian Heimes <christian@python.org>	25 February 2018, 13:28:55 UTC
439956a	Christian Heimes	25 February 2018, 12:08:05 UTC	Fix ssl module, Python 2.7 doesn't have Py_MAX (#5878) Signed-off-by: Christian Heimes <christian@python.org>	25 February 2018, 12:08:05 UTC
4bb9b9a	Christian Heimes	25 February 2018, 11:31:17 UTC	[2.7] bpo-32647: Link ctypes extension with libdl. (GH-5550) (#5877) The ctypes module used to depend on indirect linking for dlopen. The shared extension is now explicitly linked against libdl on platforms with dl. Signed-off-by: Christian Heimes <christian@python.org>. (cherry picked from commit 5bb9692575f10f4a7c7f1c2c0c70956baf6d5c23) Co-authored-by: Christian Heimes <christian@python.org>	25 February 2018, 11:31:17 UTC

Newer
Older