Content - d7e5886c197e66bf44e953e67d4f74e2949bfc9f - e16c173/Misc/NEWS.d/3.4.9rc1.rst

Staging
v0.5.1

swh:1:snp:635f4099902912592851108bcac178ff574f7c5f

Tip revision: 0a5a5af9b6b47727c5ee3def4508dab312949075 authored by Larry Hastings on 02 August 2018, 09:18:47 UTC
Version bump for 3.4.9 final.

Tip revision: 0a5a5af

3.4.9rc1.rst

.. bpo: 33001
.. date: 2018-03-05-10-09-51
.. nonce: elj4Aa
.. release date: 2018-07-19
.. section: Security

Minimal fix to prevent buffer overrun in os.symlink on Windows

..

.. bpo: 32981
.. date: 2018-03-02-10-24-52
.. nonce: O_qDyj
.. section: Security

Regexes in difflib and poplib were vulnerable to catastrophic backtracking.
These regexes formed potential DOS vectors (REDOS). They have been
refactored. This resolves CVE-2018-1060 and CVE-2018-1061. Patch by Jamie
Davis.