Commits · 84772e0ab49ee09acb44e30551aa5cfc1eafe5dc · Kirill Smelkov / cpython

05 Mar, 2019 1 commit
- [2.7] bpo-36019: Use pythontest.net in urllib network tests (GH-11941) (GH-12177) · 84772e0a
  Stéphane Wirtel authored Mar 05, 2019
```
Use test_support.TEST_HTTP_URL (pythontest.net) instead of http://www.example.com/.
```
  84772e0a
04 Mar, 2019 3 commits

[2.7] bpo-36149 Fix potential use of uninitialized memory in cPickle (#12105) · d9bf7f41
T. Wouters authored Mar 04, 2019
```
Fix off-by-one bug in cPickle that caused it to use uninitialised memory on truncated pickles read from FILE*s.
```
d9bf7f41

[2.7] bpo-36179: Fix ref leaks in _hashopenssl (GH-12158) (GH-12166) · 84b5ac9b

Christian Heimes authored Mar 04, 2019



Fix two unlikely reference leaks in _hashopenssl. The leaks only occur in
out-of-memory cases. Thanks to Charalampos Stratakis.
Signed-off-by: Christian Heimes <christian@python.org>

https://bugs.python.org/issue36179.
(cherry picked from commit b7bc283a)
Co-authored-by: Christian Heimes <christian@python.org>



https://bugs.python.org/issue36179

84b5ac9b

[2.7] bpo-13096: Fix memory leak in ctypes POINTER handling of large values (GH-12100) · 710dcfd2
stratakis authored Mar 04, 2019

710dcfd2

02 Mar, 2019 6 commits
- Post-2.7.16 version bump. · 67988d12
  Benjamin Peterson authored Mar 02, 2019
  
  67988d12
- Delete old NEWS file. · 9eb17b1a
  Benjamin Peterson authored Mar 02, 2019
  
  9eb17b1a
- Merge branch 'release-2.7.16' into 2.7 · d31b1ec4
  Benjamin Peterson authored Mar 02, 2019
  
  d31b1ec4
- Set version to 2.7.16 final. · 413a4914
  Benjamin Peterson authored Mar 02, 2019
  
  413a4914
- Make 2.7.16 release note. · 10b8873e
  Benjamin Peterson authored Mar 02, 2019
  
  10b8873e
- bpo-32129: Avoid blurry IDLE application icon on macOS with Tk 8.6. Original... · 59e824b4
  Ned Deily authored Mar 01, 2019
```
bpo-32129: Avoid blurry IDLE application icon on macOS with Tk 8.6. Original patch by Kevin Walzer. (GH-12034)
```
  59e824b4
01 Mar, 2019 1 commit
- bpo-32129: Avoid blurry IDLE application icon on macOS with Tk 8.6. Original... · 453100f6
  Ned Deily authored Mar 01, 2019
```
bpo-32129: Avoid blurry IDLE application icon on macOS with Tk 8.6. Original patch by Kevin Walzer. (GH-12034)
```
  453100f6
28 Feb, 2019 1 commit
- bpo-36126: Fix ref count leakage in structseq_repr. (GH-12035) · 69b4a17f
  Gao, Xiang authored Feb 28, 2019
  
  69b4a17f
27 Feb, 2019 2 commits
- Document the surprising sideeffect PyErr_Print(). (GH-12081) · a5883433
  Miss Islington (bot) authored Feb 27, 2019
```
Did you know an API documented as printing the pending traceback would sometimes exit the process?

You do now.
(cherry picked from commit 41737720)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
```
  a5883433
- Update FAQ to point to Infrastructure Team website. (GH-12079) · 60ef9b05
  Ned Deily authored Feb 27, 2019
  
  60ef9b05
26 Feb, 2019 3 commits

[2.7] bpo-36106: resolve sinpi name clash with libm (IEEE-754 violation). (GH-12027) (GH-12050) · b545ba0a

Dima Pasechnik authored Feb 26, 2019

The standard math library (libm) may follow IEEE-754 recommendation to
include an implementation of sinPi(), i.e. sinPi(x):=sin(pi*x).
And this triggers a name clash, found by FreeBSD developer
Steve Kargl, who worked on putting sinpi into libm used on FreeBSD
(it has to be named "sinpi", not "sinPi", cf. e.g.
https://en.cppreference.com/w/c/experimental/fpext4).

b545ba0a

Run autoreconf. · af83770c
Benjamin Peterson authored Feb 25, 2019

af83770c

closes bpo-13497: Fix `broken nice` configure test. (GH-12041) · a0f656d3

Miss Islington (bot) authored Feb 25, 2019


Per POSIX, `nice(3)` requires `unistd.h` and `exit(3)` requires `stdlib.h`.

Fixing the test will prevent false positives with pedantic compilers like clang.
(cherry picked from commit 90c6face)
Co-authored-by: ngie-eign <1574099+ngie-eign@users.noreply.github.com>

a0f656d3

24 Feb, 2019 2 commits
- [2.7] bpo-27313: Avoid test_ttk_guionly ComboboxTest fail with macOS Cocoa Tk (GH-12015) · b5213f4d
  Ned Deily authored Feb 24, 2019
  
  b5213f4d
- bpo-26386: Re-enable missing widget testcases in test_ttk_guionly. (GH-12014) · 72ff2f75
  Ned Deily authored Feb 24, 2019
  
  72ff2f75
23 Feb, 2019 1 commit
- bpo-36089: Fix formatting/spelling on SimpleHTTPServer docs. (GH-11995) · c7be5520
  Alan Grgic authored Feb 22, 2019
  
  c7be5520
19 Feb, 2019 3 commits

bpo-35584: Clarify role of caret in a class class (GH-11946) (GH-11948) · 6ee41793

Miss Islington (bot) authored Feb 19, 2019

https://bugs.python.org/issue35584
(cherry picked from commit 3bacf612)
Co-authored-by: Raymond Hettinger <rhettinger@users.noreply.github.com>

6ee41793

[2.7] bpo-35126: Fix a mistake in FAQ about converting number to string (GH-11911) · c611db49
Stéphane Wirtel authored Feb 19, 2019
```
https://bugs.python.org/issue35126
```
c611db49

[2.7] bpo-1104: msilib.SummaryInfo.GetProperty() truncates the string by one... · d5409eb6

Tzu-ping Chung authored Feb 19, 2019

[2.7] bpo-1104: msilib.SummaryInfo.GetProperty() truncates the string by one character (GH-4517) (GH-11749)



Add one char to MsiSummaryInfoGetProperty() output
Based on the patch in [bpo-1104](https://bugs.python.org/issue1104) by Anthony Tuininga (atuining) and Mark McMahon (markm)
(cherry picked from commit 2de576e1)
Co-authored-by: Tzu-ping Chung <uranusjr@gmail.com>





https://bugs.python.org/issue1104

d5409eb6

17 Feb, 2019 2 commits
- Set version to 2.7.16rc1+. · 49778ada
  Benjamin Peterson authored Feb 17, 2019
  
  49778ada
- Add product codes until the end of time. (GH-11901) · bd6c3960
  Steve Dower authored Feb 16, 2019
  
  bd6c3960
16 Feb, 2019 3 commits
- Set version to 2.7.16rc1. · baacaac0
  Benjamin Peterson authored Feb 16, 2019
  
  baacaac0
- Collect 2.7.16rc1 release notes. · 44039c2c
  Benjamin Peterson authored Feb 16, 2019
  
  44039c2c
- Update IDLE.app plist copyright date. (GH-11890) · b27e3055
  Ned Deily authored Feb 16, 2019
  
  b27e3055
15 Feb, 2019 6 commits

[2.7] bpo-33570: Enable OpenSSL 1.1.1 testing within the multissltests (GH-11879) · c3c49ec5
stratakis authored Feb 15, 2019
```
multissltests: fix _build_src(), add 'cwd' variable.
```
c3c49ec5

[2.7] bpo-32947: Fixes for TLS 1.3 and OpenSSL 1.1.1 (GH-8761) (GH-11876) · 2149a9ad

stratakis authored Feb 15, 2019

Backport of TLS 1.3 related fixes from 3.7.

Misc fixes and workarounds for compatibility with OpenSSL 1.1.1 from git
master and TLS 1.3 support. With OpenSSL 1.1.1, Python negotiates TLS 1.3 by
default. Some test cases only apply to TLS 1.2.

OpenSSL 1.1.1 has added a new option OP_ENABLE_MIDDLEBOX_COMPAT for TLS
1.3. The feature is enabled by default for maximum compatibility with
broken middle boxes. Users should be able to disable the hack and CPython's test suite needs
it to verify default options
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 2a4ee8aa01d61b6a9c8e9c65c211e61bdb471826)

2149a9ad

Fixup from test_ssl test_default_ecdh_curve (GH-11877) · 28eb87f4
stratakis authored Feb 15, 2019
```
Partial backport from cb5b68abCo-authored-by: Christian Heimes <christian@python.org>
```
28eb87f4

[2.7] bpo-28043: improved default settings for SSLContext (GH-10608) · b8eaec69

stratakis authored Feb 15, 2019

The options OP_NO_COMPRESSION, OP_CIPHER_SERVER_PREFERENCE,
OP_SINGLE_DH_USE, OP_SINGLE_ECDH_USE, OP_NO_SSLv2 (except
for PROTOCOL_SSLv2), and OP_NO_SSLv3 (except for PROTOCOL_SSLv3)
are set by default. The initial cipher suite list contains only
HIGH ciphers, no NULL ciphers and MD5 ciphers (except for PROTOCOL_SSLv2).

(cherry picked from commit 358cfd42)

b8eaec69

[2.7] bpo-33570: TLS 1.3 ciphers for OpenSSL 1.1.1 (GH-6976) (GH-8760) (GH-10607) · c49f63c1

stratakis authored Feb 15, 2019

Change TLS 1.3 cipher suite settings for compatibility with OpenSSL
1.1.1-pre6 and newer. OpenSSL 1.1.1 will have TLS 1.3 cipers enabled by
default.

Also update multissltests to test with latest OpenSSL.

Signed-off-by: Christian Heimes <christian@python.org>.
(cherry picked from commit 3e630c541b35c96bfe5619165255e559f577ee71)
Co-authored-by: Christian Heimes <christian@python.org>

c49f63c1

bpo-35746: Credit Colin Read and Nicolas Edet (GH-11866) · 826a8b70
Victor Stinner authored Feb 15, 2019
```
Add credit for the cert parser vulnerability. Mention also Cisco
TALOS-2018-0758 identifier.
```
826a8b70

10 Feb, 2019 1 commit
- Doc sidebar: 3.6 has moved to security-fix mode. (GH-11810) · 2f1a317d
  Miss Islington (bot) authored Feb 10, 2019
```
(cherry picked from commit 9db56fb8)
Co-authored-by: Julien Palard <julien@palard.fr>
```
  2f1a317d
06 Feb, 2019 1 commit
- [2.7] Fix url to core-mentorship mailing list (GH-11775). (GH-11778) · 8fe830d3
  Mariatta authored Feb 06, 2019
```
(cherry picked from commit e9bc4172)
Co-authored-by: Mariatta <Mariatta@users.noreply.github.com>
```
  8fe830d3
02 Feb, 2019 1 commit
- bpo-25592: Improve documentation of distutils data_files (GH-9767) (GH-11734) · 40a101df
  Miss Islington (bot) authored Feb 02, 2019
```
(cherry picked from commit 598e15d4)
Co-authored-by: jdemeyer <J.Demeyer@UGent.be>
```
  40a101df
15 Jan, 2019 2 commits

bpo-35746: Fix segfault in ssl's cert parser (GH-11569) · 06b15424

Miss Islington (bot) authored Jan 15, 2019


Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL
distribution points with empty DP or URI correctly. A malicious or buggy
certificate can result into segfault.
Signed-off-by: Christian Heimes <christian@python.org>

https://bugs.python.org/issue35746
(cherry picked from commit a37f5243)
Co-authored-by: Christian Heimes <christian@python.org>

06b15424

[2.7] bpo-8765: Deprecate writing unicode to binary streams in Py3k mode. (GH-11127) · 1462234b
Serhiy Storchaka authored Jan 15, 2019

1462234b

12 Jan, 2019 1 commit
- bpo-34512: Document platform-specific strftime() behavior for non-ASCII format strings (GH-8948) · 77b80c95
  Miss Islington (bot) authored Jan 12, 2019
```
(cherry picked from commit 1cffd0ee)
Co-authored-by: Alexey Izbyshev <izbyshev@ispras.ru>
```
  77b80c95