Commit 89dea466 authored by Benjamin Peterson's avatar Benjamin Peterson

Roll up news for 2.7.17rc1.

parent f5b1abbb
.. bpo: 38243
.. date: 2019-09-25-13-21-09
.. nonce: 1pfz24
.. release date: 2019-10-07
.. section: Security
Escape the server title of :class:`DocXMLRPCServer.DocXMLRPCServer` when
rendering the document page as HTML. (Contributed by Dong-hee Na in
:issue:`38243`.)
..
.. bpo: 38174
.. date: 2019-09-23-21-02-46
.. nonce: MeWuJd
.. section: Security
Update vendorized expat library version to 2.2.8, which resolves
CVE-2019-15903.
..
.. bpo: 34631
.. date: 2019-06-17-08-43-19
.. nonce: pJ8CGR
.. section: Security
Updated OpenSSL to 1.0.2s in Windows installer
..
.. bpo: 35647
.. date: 2019-05-20-00-49-29
.. nonce: oWmiGU
.. section: Security
Don't set cookie for a request when the request path is a prefix match of
the cookie's path attribute but doesn't end with "/". Patch by Karthikeyan
Singaravelan.
..
.. bpo: 35121
.. date: 2019-05-20-00-35-12
.. nonce: RRi-HU
.. section: Security
Don't send cookies of domain A without Domain attribute to domain B when
domain A is a suffix match of domain B while using a cookiejar with
:class:`cookielib.DefaultCookiePolicy` policy. Patch by Karthikeyan
Singaravelan.
..
.. bpo: 34155
.. date: 2019-05-04-13-33-37
.. nonce: MJll68
.. section: Security
Fix parsing of invalid email addresses with more than one ``@`` (e.g.
a@b@c.com.) to not return the part before 2nd ``@`` as valid email address.
Patch by maxking & jpic.
..
.. bpo: 36742
.. date: 2019-04-29-15-34-59
.. nonce: QCUY0i
.. section: Security
Fixes mishandling of pre-normalization characters in urlsplit().
..
.. bpo: 30458
.. date: 2019-04-10-08-53-30
.. nonce: 51E-DA
.. section: Security
Address CVE-2019-9740 by disallowing URL paths with embedded whitespace or
control characters through into the underlying http client request. Such
potentially malicious header injection URLs now cause an httplib.InvalidURL
exception to be raised.
..
.. bpo: 36216
.. date: 2019-03-06-09-38-40
.. nonce: 6q1m4a
.. section: Security
Changes urlsplit() to raise ValueError when the URL contains characters that
decompose under IDNA encoding (NFKC-normalization) into characters that
affect how the URL is parsed.
..
.. bpo: 35907
.. date: 2019-02-13-17-21-10
.. nonce: ckk2zg
.. section: Security
CVE-2019-9948: Avoid file reading by disallowing ``local-file://`` and
``local_file://`` URL schemes in :func:`urllib.urlopen`,
:meth:`urllib.URLopener.open` and :meth:`urllib.URLopener.retrieve`.
..
.. bpo: 38106
.. date: 2019-09-12-16-36-16
.. nonce: 4pApn7
.. section: Core and Builtins
Fix race in PyThread_release_lock that was leading to memory corruption and
deadlocks. The fix applies to POSIX systems where Python locks are
implemented with mutex and condition variable because POSIX semaphores are
either not provided, or are known to be broken. One particular example of
such system is macOS.
..
.. bpo: 37329
.. date: 2019-06-18-15-08-32
.. nonce: 7XVDRv
.. section: Core and Builtins
valgrind: suppress a false alarm in memory leak checks. _PyWarnings_Init()
only allocates memory once at startup but it is not released at exit. Ignore
this issue to be able to catch other bugs more easily.
..
.. bpo: 26423
.. date: 2019-05-27-18-00-19
.. nonce: RgUOE8
.. section: Core and Builtins
Fix possible overflow in ``wrap_lenfunc()`` when ``sizeof(long) <
sizeof(Py_ssize_t)`` (e.g., 64-bit Windows).
..
.. bpo: 27987
.. date: 2019-04-16-11-52-21
.. nonce: n2_DcQ
.. section: Core and Builtins
pymalloc returns memory blocks aligned by 16 bytes, instead of 8 bytes, on
64-bit platforms to conform x86-64 ABI. Recent compilers assume this
alignment more often. Patch by Inada Naoki.
..
.. bpo: 36504
.. date: 2019-04-02-04-10-32
.. nonce: k_V8Bm
.. section: Core and Builtins
Fix signed integer overflow in _ctypes.c's ``PyCArrayType_new()``.
..
.. bpo: 36459
.. date: 2019-03-27-22-35-16
.. nonce: UAvkKp
.. section: Core and Builtins
Fix a possible double ``PyMem_FREE()`` due to tokenizer.c's ``tok_nextc()``.
..
.. bpo: 36430
.. date: 2019-03-25-23-37-26
.. nonce: sd9xxQ
.. section: Core and Builtins
Fix a possible reference leak in :func:`itertools.count`.
..
.. bpo: 18368
.. date: 2019-03-14-17-30-46
.. nonce: WXaHAo
.. section: Core and Builtins
PyOS_StdioReadline() no longer leaks memory when realloc() fails.
..
.. bpo: 36262
.. date: 2019-03-11-15-37-33
.. nonce: v3N6Fz
.. section: Core and Builtins
Fix an unlikely memory leak on conversion from string to float in the
function ``_Py_dg_strtod()`` used by ``float(str)``, ``complex(str)``,
:func:`pickle.load`, :func:`marshal.load`, etc.
..
.. bpo: 36149
.. date: 2019-02-28-13-52-18
.. nonce: GJdnh4
.. section: Core and Builtins
Fix use of uninitialized memory in cPickle when reading a truncated pickle
from a file object.
..
.. bpo: 33006
.. date: 2018-03-07-09-10-42
.. nonce: Bzx3LA
.. section: Core and Builtins
Clarified Doc string for builtin filter function. 2nd Argument can be any
iterable. Patch by Tony Flury
..
.. bpo: 38216
.. date: 2019-09-27-15-24-45
.. nonce: -7yvZR
.. section: Library
Allow the rare code that wants to send invalid http requests from the
`http.client` library a way to do so. The fixes for bpo-30458 led to
breakage for some projects that were relying on this ability to test their
own behavior in the face of bad requests.
..
.. bpo: 38175
.. date: 2019-09-15-10-30-33
.. nonce: 61XlUv
.. section: Library
Fix a memory leak in comparison of :class:`sqlite3.Row` objects.
..
.. bpo: 33936
.. date: 2019-09-14-10-34-00
.. nonce: 8wCI_n
.. section: Library
_hashlib no longer calls obsolete OpenSSL initialization function with
OpenSSL 1.1.0+.
..
.. bpo: 34410
.. date: 2019-08-31-01-52-59
.. nonce: 7KbWZQ
.. section: Library
Fixed a crash in the :func:`tee` iterator when re-enter it. RuntimeError is
now raised in this case.
..
.. bpo: 37965
.. date: 2019-08-28-14-04-18
.. nonce: 7xGE-C
.. section: Library
Fix C compiler warning caused by distutils.ccompiler.CCompiler.has_function.
..
.. bpo: 34521
.. date: 2019-08-23-14-47-09
.. nonce: Y2BYu5
.. section: Library
Fix file descriptors transfer in multiprocessing on FreeBSD: use
``CMSG_SPACE()`` rather than ``CMSG_LEN()``; see :rfc:`3542`.
..
.. bpo: 37664
.. date: 2019-07-24-18-27-44
.. nonce: o-GYZC
.. section: Library
Update wheels bundled with ensurepip (pip 19.2.3 and setuptools 41.2.0)
..
.. bpo: 37437
.. date: 2019-06-27-20-33-50
.. nonce: du39_A
.. section: Library
Update vendorized expat version to 2.2.7.
..
.. bpo: 36742
.. date: 2019-06-10-12-02-45
.. nonce: UEdHXJ
.. section: Library
:func:`urlparse.urlsplit` error message for invalid ``netloc`` according to
NFKC normalization is now a :class:`str` string, rather than a
:class:`unicode` string, to prevent error when displaying the error.
..
.. bpo: 12639
.. date: 2019-05-30-16-16-47
.. nonce: TQFOR4
.. section: Library
:meth:`msilib.Directory.start_component()` no longer fails if *keyfile* is
not ``None``.
..
.. bpo: 36713
.. date: 2019-05-23-15-57-36
.. nonce: sjPhnf
.. section: Library
Rename the :meth:`test_ascii_replace` to :meth:`test_ascii_strict`.
..
.. bpo: 28552
.. date: 2019-04-18-16-10-29
.. nonce: MW1TLt
.. section: Library
Fix :mod:`distutils.sysconfig` if :data:`sys.executable` is ``None`` or an
empty string: use :func:`os.getcwd` to initialize ``project_base``. Fix
also the distutils build command: don't use :data:`sys.executable` if it is
``None`` or an empty string.
..
.. bpo: 36337
.. date: 2019-03-18-10-08-30
.. nonce: QhJnXy
.. section: Library
Fix buffer overflow in :meth:`~socket.socket.send` and
:meth:`~socket.socket.sendall` methods of :func:`socket.socket` for data
larger than 2 GiB.
..
.. bpo: 36291
.. date: 2019-03-14-15-54-46
.. nonce: UalHXP
.. section: Library
Fix a possible reference leak in the json module.
..
.. bpo: 36289
.. date: 2019-03-14-15-42-48
.. nonce: wYKS47
.. section: Library
Fix a possible reference leak in the io module.
..
.. bpo: 36212
.. date: 2019-03-14-14-40-22
.. nonce: IEgRI8
.. section: Library
Fix two possible reference leaks in the hotshot module.
..
.. bpo: 36235
.. date: 2019-03-08-13-32-21
.. nonce: _M72wU
.. section: Library
Fix ``CFLAGS`` in ``customize_compiler()`` of ``distutils.sysconfig``: when
the ``CFLAGS`` environment variable is defined, don't override ``CFLAGS``
variable with the ``OPT`` variable anymore. Initial patch written by David
Malcolm.
..
.. bpo: 35807
.. date: 2019-03-06-13-21-33
.. nonce: W7mmu3
.. section: Library
Update ensurepip to install pip 19.0.3 and setuptools 40.8.0.
..
.. bpo: 36186
.. date: 2019-03-04-16-39-16
.. nonce: Hqw1A_
.. section: Library
Fix linuxaudiodev.linux_audio_device() error handling: close the internal
file descriptor if it fails to open the device.
..
.. bpo: 13096
.. date: 2019-03-04-16-13-01
.. nonce: SGPt_n
.. section: Library
Fix memory leak in ctypes POINTER handling of large values.
..
.. bpo: 36179
.. date: 2019-03-04-10-42-46
.. nonce: jEyuI-
.. section: Library
Fix two unlikely reference leaks in _hashopenssl. The leaks only occur in
out-of-memory cases.
..
.. bpo: 36106
.. date: 2019-02-25-13-21-43
.. nonce: VuhEiQ
.. section: Library
Resolve potential name clash with libm's sinpi(). Patch by Dmitrii
Pasechnik.
..
.. bpo: 31292
.. date: 2017-08-30-20-27-00
.. nonce: dKIaZb
.. section: Library
Fix ``setup.py check --restructuredtext`` for files containing ``include``
directives.
..
.. bpo: 37487
.. date: 2019-07-06-17-19-26
.. nonce: QagfZ5
.. section: Documentation
Fix PyList_GetItem index description to include 0.
..
.. bpo: 37149
.. date: 2019-07-06-02-19-02
.. nonce: NumHn3
.. section: Documentation
Replace the dead link to the Tkinter 8.5 reference by John Shipman, New
Mexico Tech, with a link to the archive.org copy.
..
.. bpo: 35126
.. date: 2019-02-18-10-01-07
.. nonce: LWwl8X
.. section: Documentation
Improve the examples in the "How do I convert a number to string?" question
of the "Programming" section of the FAQ. Contributed by Stéphane Wirtel.
..
.. bpo: 35605
.. date: 2018-12-30-09-56-13
.. nonce: gAWt32
.. section: Documentation
Fix documentation build for sphinx<1.6. Patch by Anthony Sottile.
..
.. bpo: 35564
.. date: 2018-12-22-22-52-05
.. nonce: TuEU_D
.. section: Documentation
Explicitly set master_doc variable in conf.py for compliance with Sphinx 2.0
..
.. bpo: 33832
.. date: 2018-06-15-15-57-37
.. nonce: xBFhKw
.. section: Documentation
Add glossary entry for 'magic method'.
..
.. bpo: 37411
.. date: 2019-06-26-15-28-45
.. nonce: 5lGNhM
.. section: Tests
Fix test_wsgiref.testEnviron() to no longer depend on the environment
variables (don't fail if "X" variable is set).
..
.. bpo: 37359
.. date: 2019-06-24-10-47-07
.. nonce: CkdtyO
.. section: Tests
Add --cleanup option to python3 -m test to remove ``test_python_*``
directories of previous failed jobs. Add "make cleantest" to run ``python3
-m test --cleanup``.
..
.. bpo: 37362
.. date: 2019-06-21-15-47-33
.. nonce: D3xppx
.. section: Tests
test_gdb no longer fails if it gets an "unexpected" message on stderr: it
now ignores stderr. The purpose of test_gdb is to test that python-gdb.py
commands work as expected, not to test gdb.
..
.. bpo: 36816
.. date: 2019-05-08-15-55-46
.. nonce: WBKRGZ
.. section: Tests
Update Lib/test/selfsigned_pythontestdotnet.pem to match
self-signed.pythontest.net's new TLS certificate.
..
.. bpo: 35925
.. date: 2019-05-06-18-29-54
.. nonce: gwQPuC
.. section: Tests
Skip specific nntplib and ssl networking tests when they would otherwise
fail due to a modern OS or distro with a default OpenSSL policy of rejecting
connections to servers with weak certificates or disabling TLS below
TLSv1.2.
..
.. bpo: 36560
.. date: 2019-04-09-14-08-02
.. nonce: _ejeOr
.. section: Tests
Fix reference leak hunting in regrtest: compute also deltas (of reference
count and file descriptor count) during warmup, to ensure that everything is
initialized before starting to hunt reference leaks.
..
.. bpo: 36234
.. date: 2019-03-08-12-53-37
.. nonce: NRVK6W
.. section: Tests
test_posix.PosixUidGidTests: add tests for invalid uid/gid type (str). Patch
written by David Malcolm.
..
.. bpo: 36019
.. date: 2019-03-05-13-27-36
.. nonce: ebUjCm
.. section: Tests
Add test.support.TEST_HTTP_URL and replace references of
http://www.example.com by this new constant. Contributed by Stéphane Wirtel.
..
.. bpo: 27313
.. date: 2019-02-24-03-19-43
.. nonce: Sj9veH
.. section: Tests
Avoid test_ttk_guionly ComboboxTest failure with macOS Cocoa Tk.
..
.. bpo: 26386
.. date: 2019-02-24-02-44-52
.. nonce: YZylPP
.. section: Tests
Re-enable missing widget testcases in test_ttk_guionly.
..
.. bpo: 34836
.. date: 2019-01-11-14-01-19
.. nonce: 7fat9-
.. section: Tests
Fix ``test_default_ecdh_curve`` when TLSv1.3 is enabled by default.
..
.. bpo: 38301
.. date: 2019-09-28-02-37-11
.. nonce: 123456
.. section: Build
In Solaris family, we must be sure to use ``-D_REENTRANT``. Patch by Jesús
Cea Avión.
..
.. bpo: 14353
.. date: 2019-05-12-10-52-37
.. nonce: LK1qWM
.. section: Build
Fix detection of the bind_textdomain_codeset function for building gettext
support into the locale module.
..
.. bpo: 36605
.. date: 2019-04-11-18-50-58
.. nonce: gk5czf
.. section: Build
``make tags`` and ``make TAGS`` now also parse ``Modules/_io/*.c`` and
``Modules/_io/*.h``.
..
.. bpo: 35264
.. date: 2018-11-16-15-19-09
.. nonce: h5GxH3
.. section: Build
Fix SSL module build with OpenSSL 1.1.0
..
.. bpo: 38117
.. date: 2019-09-16-12-47-12
.. nonce: JaiB0X
.. section: Windows
Updates bundled OpenSSL to 1.0.2t
..
.. bpo: 37445
.. date: 2019-06-28-18-10-29
.. nonce: LsdYO6
.. section: Windows
Include the ``FORMAT_MESSAGE_IGNORE_INSERTS`` flag in ``FormatMessageW()``
calls.
..
.. bpo: 35360
.. date: 2019-06-18-09-53-15
.. nonce: tdqSmo
.. section: Windows
Update Windows builds to use SQLite 3.28.0.
..
.. bpo: 1104
.. date: 2017-11-24-12-53-54
.. nonce: 1CWSZp
.. section: Windows
Correctly handle string length in ``msilib.SummaryInfo.GetProperty()`` to
prevent it from truncating the last character.
..
.. bpo: 38117
.. date: 2019-09-15-21-45-15
.. nonce: _U9F2r
.. section: macOS
Updated OpenSSL to 1.0.2t in macOS installer for 2.7.x.
..
.. bpo: 19960
.. date: 2019-06-20-01-16-16
.. nonce: LpLUPF
.. section: macOS
When building 2.7 on macOS without system header files installed in
``/usr/include``, a few extension modules dependent on system-supplied
third-party libraries were not being built, most notably zlib.
..
.. bpo: 35360
.. date: 2019-06-18-10-02-11
.. nonce: -CWbfy
.. section: macOS
Update macOS installer to use SQLite 3.28.0.
..
.. bpo: 34631
.. date: 2019-06-18-05-39-01
.. nonce: StdZhE
.. section: macOS
Updated OpenSSL to 1.0.2s in macOS installer.
..
.. bpo: 36231
.. date: 2019-06-03-05-49-49
.. nonce: RfmW_p
.. section: macOS
Support building Python on macOS without /usr/include installed. As of macOS
10.14, system header files are only available within an SDK provided by
either the Command Line Tools or the Xcode app.
..
.. bpo: 37177
.. date: 2019-06-07-00-17-41
.. nonce: voU6pQ
.. section: IDLE
Properly 'attach' search dialogs to their main window so that they behave
like other dialogs and do not get hidden behind their main window.
..
.. bpo: 13102
.. date: 2019-05-05-16-27-53
.. nonce: AGNWYJ
.. section: IDLE
When saving a file, call os.fsync() so bits are flushed to e.g. USB drive.
..
.. bpo: 37675
.. date: 2019-07-24-16-20-54
.. nonce: 951Cvf
.. section: Tools/Demos
2to3 now works when run from a zipped standard library.
..
.. bpo: 14546
.. date: 2019-04-30-14-30-29
.. nonce: r38Y-6
.. section: Tools/Demos
Fix the argument handling in Tools/scripts/lll.py.
..
.. bpo: 37170
.. date: 2019-06-06-08-47-04
.. nonce: hO_fpM
.. section: C API
Fix the cast on error in :c:func:`PyLong_AsUnsignedLongLongMask()`.
``make tags`` and ``make TAGS`` now also parse ``Modules/_io/*.c`` and
``Modules/_io/*.h``.
Fix detection of the bind_textdomain_codeset function for building gettext
support into the locale module.
In Solaris family, we must be sure to use ``-D_REENTRANT``.
Patch by Jesús Cea Avión.
Fix the cast on error in :c:func:`PyLong_AsUnsignedLongLongMask()`.
Clarified Doc string for builtin filter function. 2nd Argument can be any
iterable. Patch by Tony Flury
Fix use of uninitialized memory in cPickle when reading a truncated pickle
from a file object.
Fix an unlikely memory leak on conversion from string to float in the function
``_Py_dg_strtod()`` used by ``float(str)``, ``complex(str)``,
:func:`pickle.load`, :func:`marshal.load`, etc.
PyOS_StdioReadline() no longer leaks memory when realloc() fails.
Fix a possible reference leak in :func:`itertools.count`.
Fix a possible double ``PyMem_FREE()`` due to tokenizer.c's ``tok_nextc()``.
Fix signed integer overflow in _ctypes.c's ``PyCArrayType_new()``.
pymalloc returns memory blocks aligned by 16 bytes, instead of 8 bytes, on
64-bit platforms to conform x86-64 ABI. Recent compilers assume this alignment
more often. Patch by Inada Naoki.
Fix possible overflow in ``wrap_lenfunc()`` when
``sizeof(long) < sizeof(Py_ssize_t)`` (e.g., 64-bit Windows).
valgrind: suppress a false alarm in memory leak checks. _PyWarnings_Init()
only allocates memory once at startup but it is not released at exit. Ignore
this issue to be able to catch other bugs more easily.
Fix race in PyThread_release_lock that was leading to memory corruption and
deadlocks. The fix applies to POSIX systems where Python locks are implemented
with mutex and condition variable because POSIX semaphores are either not
provided, or are known to be broken. One particular example of such system is
macOS.
Explicitly set master_doc variable in conf.py for compliance with Sphinx 2.0
Fix documentation build for sphinx<1.6. Patch by Anthony Sottile.
Improve the examples in the "How do I convert a number to string?" question
of the "Programming" section of the FAQ. Contributed by Stéphane Wirtel.
Replace the dead link to the Tkinter 8.5 reference by John Shipman, New
Mexico Tech, with a link to the archive.org copy.
When saving a file, call os.fsync() so bits are flushed to e.g. USB drive.
Properly 'attach' search dialogs to their main window so that they behave
like other dialogs and do not get hidden behind their main window.
Fix ``setup.py check --restructuredtext`` for
files containing ``include`` directives.
Resolve potential name clash with libm's sinpi(). Patch by Dmitrii Pasechnik.
Fix two unlikely reference leaks in _hashopenssl. The leaks only occur in
out-of-memory cases.
Fix memory leak in ctypes POINTER handling of large values.
Fix linuxaudiodev.linux_audio_device() error handling: close the internal file descriptor if it fails to open the device.
Update ensurepip to install pip 19.0.3 and setuptools 40.8.0.
Fix ``CFLAGS`` in ``customize_compiler()`` of ``distutils.sysconfig``: when
the ``CFLAGS`` environment variable is defined, don't override ``CFLAGS``
variable with the ``OPT`` variable anymore. Initial patch written by David
Malcolm.
Fix two possible reference leaks in the hotshot module.
Fix buffer overflow in :meth:`~socket.socket.send` and
:meth:`~socket.socket.sendall` methods of :func:`socket.socket` for data larger
than 2 GiB.
Fix :mod:`distutils.sysconfig` if :data:`sys.executable` is ``None`` or an
empty string: use :func:`os.getcwd` to initialize ``project_base``. Fix
also the distutils build command: don't use :data:`sys.executable` if it is
``None`` or an empty string.
Rename the :meth:`test_ascii_replace` to :meth:`test_ascii_strict`.
:meth:`msilib.Directory.start_component()` no longer fails if *keyfile* is
not ``None``.
:func:`urlparse.urlsplit` error message for invalid ``netloc`` according to
NFKC normalization is now a :class:`str` string, rather than a
:class:`unicode` string, to prevent error when displaying the error.
Update wheels bundled with ensurepip (pip 19.2.3 and setuptools 41.2.0)
Fix file descriptors transfer in multiprocessing on FreeBSD: use
``CMSG_SPACE()`` rather than ``CMSG_LEN()``; see :rfc:`3542`.
Fix C compiler warning caused by distutils.ccompiler.CCompiler.has_function.
Fixed a crash in the :func:`tee` iterator when re-enter it. RuntimeError is
now raised in this case.
_hashlib no longer calls obsolete OpenSSL initialization function with
OpenSSL 1.1.0+.
Fix a memory leak in comparison of :class:`sqlite3.Row` objects.
Allow the rare code that wants to send invalid http requests from the
`http.client` library a way to do so. The fixes for bpo-30458 led to
breakage for some projects that were relying on this ability to test their
own behavior in the face of bad requests.
CVE-2019-9948: Avoid file reading by disallowing ``local-file://`` and
``local_file://`` URL schemes in :func:`urllib.urlopen`,
:meth:`urllib.URLopener.open` and :meth:`urllib.URLopener.retrieve`.
Changes urlsplit() to raise ValueError when the URL contains characters that
decompose under IDNA encoding (NFKC-normalization) into characters that
affect how the URL is parsed.
\ No newline at end of file
Address CVE-2019-9740 by disallowing URL paths with embedded whitespace or control characters through into the underlying http client request. Such potentially malicious header injection URLs now cause an httplib.InvalidURL exception to be raised.
Fixes mishandling of pre-normalization characters in urlsplit().
Fix parsing of invalid email addresses with more than one ``@`` (e.g. a@b@c.com.) to not return the part before 2nd ``@`` as valid email address. Patch by maxking & jpic.
Don't send cookies of domain A without Domain attribute to domain B when
domain A is a suffix match of domain B while using a cookiejar with
:class:`cookielib.DefaultCookiePolicy` policy. Patch by Karthikeyan
Singaravelan.
Don't set cookie for a request when the request path is a prefix match of
the cookie's path attribute but doesn't end with "/". Patch by Karthikeyan
Singaravelan.
Update vendorized expat library version to 2.2.8, which resolves
CVE-2019-15903.
Escape the server title of :class:`DocXMLRPCServer.DocXMLRPCServer`
when rendering the document page as HTML.
(Contributed by Dong-hee Na in :issue:`38243`.)
Fix ``test_default_ecdh_curve`` when TLSv1.3 is enabled by default.
Re-enable missing widget testcases in test_ttk_guionly.
Avoid test_ttk_guionly ComboboxTest failure with macOS Cocoa Tk.
Add test.support.TEST_HTTP_URL and replace references of
http://www.example.com by this new constant. Contributed by Stéphane Wirtel.
test_posix.PosixUidGidTests: add tests for invalid uid/gid type (str).
Patch written by David Malcolm.
Fix reference leak hunting in regrtest: compute also deltas (of reference count
and file descriptor count) during warmup, to ensure that everything is
initialized before starting to hunt reference leaks.
Skip specific nntplib and ssl networking tests when they would otherwise fail due to a modern OS or distro with a default OpenSSL policy of rejecting connections to servers with weak certificates or disabling TLS below TLSv1.2.
Update Lib/test/selfsigned_pythontestdotnet.pem to match self-signed.pythontest.net's new TLS certificate.
\ No newline at end of file
test_gdb no longer fails if it gets an "unexpected" message on stderr: it now
ignores stderr. The purpose of test_gdb is to test that python-gdb.py commands
work as expected, not to test gdb.
Add --cleanup option to python3 -m test to remove ``test_python_*``
directories of previous failed jobs. Add "make cleantest" to run
``python3 -m test --cleanup``.
Fix test_wsgiref.testEnviron() to no longer depend on the environment
variables (don't fail if "X" variable is set).
2to3 now works when run from a zipped standard library.
Correctly handle string length in ``msilib.SummaryInfo.GetProperty()`` to
prevent it from truncating the last character.
Include the ``FORMAT_MESSAGE_IGNORE_INSERTS`` flag in ``FormatMessageW()``
calls.
Support building Python on macOS without /usr/include installed. As of macOS
10.14, system header files are only available within an SDK provided by
either the Command Line Tools or the Xcode app.
When building 2.7 on macOS without system header files installed in
``/usr/include``, a few extension modules dependent on system-supplied
third-party libraries were not being built, most notably zlib.
Updated OpenSSL to 1.0.2t in macOS installer for 2.7.x.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment