_PyWarnings_Init() only allocates memory once at startup but it is
not released at exit. Ignore this issue to be able to catch other
bugs more easily.

(cherry picked from commit 3b03b09f)
Co-authored-by: Benjamin Peterson <benjamin@python.org>

Fix test_wsgiref.testEnviron() to no longer depend on the environment
variables (don't fail if "X" variable is set).

testEnviron() now overrides os.environ to get a deterministic
environment. Test full TestHandler.environ content: not only a few
selected variables.
(cherry picked from commit 5150d327)
Co-authored-by: Victor Stinner <vstinner@redhat.com>

Add $(PyDebugExt) in "Killing any running python$(PyDebugExt).exe
instances...".

(cherry picked from commit c0295dba)

* regrtest: Add --cleanup option to remove "test_python_*" directories
  of previous failed test jobs.
* Add "make cleantest" to run "python -m test --cleanup".

(cherry picked from commit 47fbc4e4)

Rephrase and clarify that "the entire Python program exits when only daemon threads are left". This matches the documentation at https://docs.python.org/3/library/threading.htmlGH-thread-objects.
(cherry picked from commit bb110cc2)
Co-authored-by: mbarkhau <mbarkhau@gmail.com>

test_gdb no longer fails if it gets an "unexpected" message on
stderr: it now ignores stderr. The purpose of test_gdb is to test
that python-gdb.py commands work as expected, not to test gdb.

(cherry picked from commit e56a123f)

'\0' is the NUL byte not NULL..
(cherry picked from commit 7821b4c6)

Cherry-picked from 66d47da8.

This is a manual backport of ca7fe506 since 2.7 has `http.cookiejar` in `cookielib`


https://bugs.python.org/issue35121

If urlparse.urlsplit() detects an invalid netloc according to NFKC
normalization, the error message type is now str rather than unicode,
and use repr() to format the URL, to prevent <exception str() failed>
when display the error message.

Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com>

https://bugs.python.org/issue34836

(cherry picked from commit dc247650)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>

This avoids the search dialogs being hidden behind the editor window.

(cherry picked from commit 554450fb)

(cherry picked from commit 59e7bbca)
Co-authored-by: Julien Palard <julien@palard.fr>

(cherry picked from commit d3371691)
Co-authored-by: cclauss <cclauss@me.com>

* bpo-12639: msilib.Directory.start_component() fails if *keyfile* is not None (GH-13688)

msilib.Directory.start_component() was passing an extra argument to CAB.gen_id().
(cherry picked from commit c8d5bf6c)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>

Patch by Kojo Idrissa.
(cherry picked from commit 1b4abcf3)
Co-authored-by: Kojo Idrissa <kojoidrissa@users.noreply.github.com>


https://bugs.python.org/issue33071

https://bugs.python.org/issue33006

Skip the test if xrange(sys.maxsize) raises an OverflowError.

Fix possible overflow in wrap_lenfunc() when
sizeof(long) < sizeof(Py_ssize_t) (e.g., 64-bit Windows).

(cherry picked from commit 05f16416)

modified:   Lib/ctypes/test/test_unicode.py
 	modified:   Misc/ACKS
 	new file:   Misc/NEWS.d/next/Library/2019-05-23-15-57-36.bpo-36713.sjPhnf.rst

Test also URLopener().open(), URLopener().retrieve(), and
DummyURLopener().retrieve().

 CVE-2019-9948: Avoid file reading as disallowing the unnecessary URL scheme in urllib.urlopen().

Disallow control chars in http URLs in urllib2.urlopen.  This
addresses a potential security problem for applications that do not
sanity check their URLs where http request headers could be injected.

Disable https related urllib tests on a build without ssl (GH-13032)
These tests require an SSL enabled build. Skip these tests when
python is built without SSL to fix test failures.

Use httplib.InvalidURL instead of ValueError as the new error case's
exception. (GH-13044)

Backport Co-Authored-By: Miro Hrončok <miro@hroncok.cz>

(cherry picked from commit 7e200e0763f5b71c199aaf98bd5588f291585619)

Notes on backport to Python 2.7:

* test_urllib tests urllib.urlopen() which quotes the URL and so is
  not vulerable to HTTP Header Injection.
* Add tests to test_urllib2 on urllib2.urlopen().
* Reject non-ASCII characters: range 0x80-0xff.

(cherry picked from commit 53d378c8)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>

TLS 1.3 has a more efficient handshake protocol. The client can reject the server's credentials and close the connection before the server has even finished writing out all of its initial data. Depending on whether the server finishes writing the rest of its handshake before the it sees the connection is reset, the server will read an empty line or see a ECONNRESET OSError. Nothing is really wrong here with the server or client, so just suppress the error output in the OSError case to fix the test.

This fix isn't required in Python 3 because clients that reject the server's certificate will shut down the TLS layer before closing the TCP connection.