- Issue #21082: In os.makedirs, do not set the process-wide umask. Note this
changes behavior of makedirs when exist_ok=True.
-- Issue #20246: Fix buffer overflow in socket.recvfrom_into.
-
-- Issue #12226: HTTPS is now used by default when connecting to PyPI.
-
-- Issue #19435: Fix directory traversal attack on CGIHttpRequestHandler.
+- Issue #20875: Prevent possible gzip "'read' is not defined" NameError.
+ Patch by Claudiu Popa.
-- Issue #14984: On POSIX systems, when netrc is called without a filename
- argument (and therefore is reading the user's $HOME/.netrc file), it now
- enforces the same security rules as typical ftp clients: the .netrc file must
- be owned by the user that owns the process and must not be readable by any
- other user.
+- Issue #11599: When an external command (e.g. compiler) fails, distutils now
+ prints out the whole command line (instead of just the command name) if the
+ environment variable DISTUTILS_DEBUG is set.
-- Fix tkinter regression introduced by the security fix in issue #16248.
+- Issue #4931: distutils should not produce unhelpful "error: None" messages
+ anymore. distutils.util.grok_environment_error is kept but doc-deprecated.
-- Issue #17980: Fix possible abuse of ssl.match_hostname() for denial of
- service using certificates with many wildcards (CVE-2013-2099).
+- Issue #20283: RE pattern methods now accept the string keyword parameters
+ as documented. The pattern and source keyword parameters are left as
+ deprecated aliases.
+ - Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,
+ broken by the fix for security issue #19435. Patch by Zach Byrne.
+
+Tests
+-----
+
+- Issue #17752: Fix distutils tests when run from the installed location.
+
+- Issue #20946: Correct alignment assumptions of some ctypes tests.
+
+- Issue #20939: Fix test_geturl failure in test_urllibnet due to
+ new redirect of http://www.python.org/ to https://www.python.org.
-What's New in Python 3.2.5?
+
+What's New in Python 3.3.5?
===========================
-*Release date: 13-May-2013*
+*Release date: 09-Mar-2014*
-Library
--------
+No changes from release candidate 2.
-- Issue #17980: Fix possible abuse of ssl.match_hostname() for denial of
- service using certificates with many wildcards (CVE-2013-2099).
-- Issue #17192: Restore the patch for Issue #11729 and Issue #10309
- which were omitted in 3.2.4 when updating the bundled version of
- libffi used by ctypes.
+What's New in Python 3.3.5 release candidate 2?
+===============================================
-- Issue #15535: Fix namedtuple pickles which were picking up the OrderedDict
- instead of just the underlying tuple.
+*Release date: 02-Mar-2014*
-- Issue #1159051: Back out a fix for handling corrupted gzip files that
- broke backwards compatibility.
+Core and Builtins
+-----------------
-- Issue #17915: Fix interoperability of xml.sax with file objects returned by
- codecs.open().
+- Issue #20731: Properly position in source code files even if they
+ are opened in text mode. Patch by Serhiy Storchaka.
-Build
------
+- Issue #19619: str.encode, bytes.decode and bytearray.decode now use an
+ internal API to throw LookupError for known non-text encodings, rather
+ than attempting the encoding or decoding operation and then throwing a
+ TypeError for an unexpected output type. (The latter mechanism remains
+ in place for third party non-text encodings)
-- Issue #17857: Prevent build failures with pre-3.5.0 versions of sqlite3,
- such as was shipped with Centos 5 and Mac OS X 10.4.
+Library
+-------
-Tests
------
+- Issue #20778: Fix modulefinder to work with bytecode-only modules.
-- Issue #17843: Removed bz2 test data file that was triggering false-positive
- virus warnings with certain antivirus software.
+- Issue #20791: copy.copy() now doesn't make a copy when the input is
+ a bytes object. Initial patch by Peter Otten.
+- Issue #20621: Fixes a zipimport bug introduced in 3.3.4 that could cause
+ spurious crashes or SystemErrors when importing modules or packages from a
+ zip file. The change causing the problem was reverted.
-What's New in Python 3.2.4?
-===========================
+- Issue #20404: io.TextIOWrapper (and hence the open() builtin) now uses the
+ internal codec marking system added for issue #19619 to throw LookupError
+ for known non-text encodings at stream construction time. The existing
+ output type checks remain in place to deal with unmarked third party
+ codecs.
-*Release date: 07-Apr-2013*
+Tests
+-----
-Library
--------
+- Issue #20743: Fix a reference leak in test_tcl.
-- Issue #17625: In IDLE, close the replace dialog after it is used.
+Tools/Demos
+-----------
+- Issue #20535: PYTHONWARNING no longer affects the run_tests.py script.
+ Patch by Arfrever Frehtes Taifersar Arahesis.
-What's New in Python 3.2.4 release candidate 1?
+
+What's New in Python 3.3.5 release candidate 1?
===============================================
-*Release date: 24-Mar-2013*
+*Release date: 23-Feb-2014*
Core and Builtins
-----------------
projects / python / commitdiff