merge with 3.3

diff --cc Doc/library/http.client.rst
Simple merge

diff --cc Doc/library/ssl.rst
Simple merge

diff --cc Lib/http/client.py
Simple merge

diff --cc Lib/imaplib.py
Simple merge

diff --cc Lib/nntplib.py
Simple merge

diff --cc Lib/poplib.py
Simple merge

diff --cc Lib/ssl.py
Simple merge

diff --cc Lib/test/test_httplib.py
Simple merge

diff --cc Lib/test/test_imaplib.py
Simple merge

diff --cc Lib/test/test_nntplib.py
Simple merge

diff --cc Lib/test/test_poplib.py
index 935848bc5f29a16446450d136ce4885825bc1dc4,28e6a6bfc72b39aa4aeb254f86e6e42d50c98de6..dd51ac99d73a0e3ad682497b2a7a67197e7b2c07
--- 1/Lib/test/test_poplib.py
--- 2/Lib/test/test_poplib.py
+++ b/Lib/test/test_poplib.py
@@@ -379,39 -318,6 +383,45 @@@ if SUPPORTS_SSL
              self.assertIs(self.client.sock.context, ctx)
              self.assertTrue(self.client.noop().startswith(b'+OK'))
  
-                 self.client.quit()
 +        def test_stls(self):
 +            self.assertRaises(poplib.error_proto, self.client.stls)
 +
 +        test_stls_context = test_stls
 +
 +        def test_stls_capa(self):
 +            capa = self.client.capa()
 +            self.assertFalse('STLS' in capa.keys())
 +
 +
 +    class TestPOP3_TLSClass(TestPOP3Class):
 +        # repeat previous tests by using poplib.POP3.stls()
 +
 +        def setUp(self):
 +            self.server = DummyPOP3Server((HOST, PORT))
 +            self.server.start()
 +            self.client = poplib.POP3(self.server.host, self.server.port, timeout=3)
 +            self.client.stls()
 +
 +        def tearDown(self):
 +            if self.client.file is not None and self.client.sock is not None:
++                try:
++                    self.client.quit()
++                except poplib.error_proto:
++                    # happens in the test_too_long_lines case; the overlong
++                    # response will be treated as response to QUIT and raise
++                    # this exception
++                    pass
 +            self.server.stop()
 +
 +        def test_stls(self):
 +            self.assertRaises(poplib.error_proto, self.client.stls)
 +
 +        test_stls_context = test_stls
 +
 +        def test_stls_capa(self):
 +            capa = self.client.capa()
 +            self.assertFalse(b'STLS' in capa.keys())
 +
  
  class TestTimeouts(TestCase):
  

diff --cc Lib/test/test_ssl.py
Simple merge

diff --cc Misc/NEWS
index 432a7c9fb3cc6ded06cd85d58f03ec0f85dc4b6a,6d01b355991fec86d00c14c75db82583ae73af6b..3ba4e5c9ee82c82f2314eb5c95fc7a6bae9a28f6
--- 1/Misc/NEWS
--- 2/Misc/NEWS
+++ b/Misc/NEWS
@@@ -21,13 -81,24 +21,31 @@@ Core and Builtin
  Library
  -------
  
 +- Issue #19329: Optimized compiling charsets in regular expressions.
 +
+ - Issue #16037: HTTPMessage.readheaders() raises an HTTPException when more than
+   100 headers are read.  Adapted from patch by Jyrki Pulliainen.
+ 
+ - Issue #16040: CVE-2013-1752: nntplib: Limit maximum line lengths to 2048 to
+   prevent readline() calls from consuming too much memory.  Patch by Jyrki
+   Pulliainen.
+ 
+ - Issue #16041: CVE-2013-1752: poplib: Limit maximum line lengths to 2048 to
+   prevent readline() calls from consuming too much memory.  Patch by Jyrki
+   Pulliainen.
+ 
+ - Issue #17997: Change behavior of ``ssl.match_hostname()`` to follow RFC 6125,
+   for security reasons.  It now doesn't match multiple wildcards nor wildcards
+   inside IDN fragments.
+ 
+ - Issue #16039: CVE-2013-1752: Change use of readline in imaplib module to limit
+   line length.  Patch by Emil Lind.
+ 
 +- Issue #19330: the unnecessary wrapper functions have been removed from the
 +  implementations of the new contextlib.redirect_stdout and
 +  contextlib.suppress context managers, which also ensures they provide
 +  reasonable help() output on instances
 +
  - Issue #19393: Fix symtable.symtable function to not be confused when there are
    functions or classes named "top".