--- /dev/null
+.. bpo: 32997
+.. date: 2018-03-05-10-14-42
+.. nonce: hp2s8n
+.. release date: 2018-04-14
+.. section: Security
+
+A regex in fpformat was vulnerable to catastrophic backtracking. This regex
+was a potential DOS vector (REDOS). Based on typical uses of fpformat the
+risk seems low. The regex has been refactored and is now safe. Patch by
+Jamie Davis.
+
+..
+
+.. bpo: 32981
+.. date: 2018-03-02-10-24-52
+.. nonce: O_qDyj
+.. section: Security
+
+Regexes in difflib and poplib were vulnerable to catastrophic backtracking.
+These regexes formed potential DOS vectors (REDOS). They have been
+refactored. This resolves CVE-2018-1060 and CVE-2018-1061. Patch by Jamie
+Davis.
+
+..
+
+.. bpo: 31339
+.. date: 2017-09-04-21-24-51
+.. nonce: YSczZN
+.. section: Security
+
+Rewrite time.asctime() and time.ctime(). Backport and adapt the _asctime()
+function from the master branch to not depend on the implementation of
+asctime() and ctime() from the external C library. This change fixes a bug
+when Python is run using the musl C library.
+
+..
+
+.. bpo: 30730
+.. date: 060
+.. nonce: rJsyTH
+.. original section: Library
+.. section: Security
+
+Prevent environment variables injection in subprocess on Windows. Prevent
+passing other environment variables and command arguments.
+
+..
+
+.. bpo: 30694
+.. date: 059
+.. nonce: WkMWM_
+.. original section: Library
+.. section: Security
+
+Upgrade expat copy from 2.2.0 to 2.2.1 to get fixes of multiple security
+vulnerabilities including: CVE-2017-9233 (External entity infinite loop
+DoS), CVE-2016-9063 (Integer overflow, re-fix), CVE-2016-0718 (Fix
+regression bugs from 2.2.0's fix to CVE-2016-0718) and CVE-2012-0876
+(Counter hash flooding with SipHash). Note: the CVE-2016-5300 (Use os-
+specific entropy sources like getrandom) doesn't impact Python, since Python
+already gets entropy from the OS to set the expat secret using
+``XML_SetHashSalt()``.
+
+..
+
+.. bpo: 30500
+.. date: 058
+.. nonce: j5KrEp
+.. original section: Library
+.. section: Security
+
+Fix urllib.splithost() to correctly parse fragments. For example,
+``splithost('//127.0.0.1#@evil.com/')`` now correctly returns the
+``127.0.0.1`` host, instead of treating ``@evil.com`` as the host in an
+authentification (``login@host``).
+
+..
+
+.. bpo: 29591
+.. date: 057
+.. nonce: ExKblw
+.. original section: Library
+.. section: Security
+
+Update expat copy from 2.1.1 to 2.2.0 to get fixes of CVE-2016-0718 and
+CVE-2016-4472. See https://sourceforge.net/p/expat/bugs/537/ for more
+information.
+
+..
+
+.. bpo: 33026
+.. date: 2018-03-08-09-48-38
+.. nonce: QZA3Ba
+.. section: Core and Builtins
+
+Fixed jumping out of "with" block by setting f_lineno.
+
+..
+
+.. bpo: 17288
+.. date: 2018-02-27-13-36-21
+.. nonce: Gdj24S
+.. section: Core and Builtins
+
+Prevent jumps from 'return' and 'exception' trace events.
+
+..
+
+.. bpo: 18533
+.. date: 2017-12-13-16-46-23
+.. nonce: Dlk8d7
+.. section: Core and Builtins
+
+``repr()`` on a dict containing its own ``viewvalues()`` or ``viewitems()``
+no longer raises ``RuntimeError``. Instead, use ``...``, as for other
+recursive structures. Patch by Ben North.
+
+..
+
+.. bpo: 10544
+.. date: 2017-11-27-08-37-34
+.. nonce: 07nioT
+.. section: Core and Builtins
+
+Yield expressions are now deprecated in comprehensions and generator
+expressions when checking Python 3 compatibility. They are still permitted
+in the definition of the outermost iterable, as that is evaluated directly
+in the enclosing scope.
+
+..
+
+.. bpo: 32137
+.. date: 2017-11-26-14-36-30
+.. nonce: Stj5nL
+.. section: Core and Builtins
+
+The repr of deeply nested dict now raises a RecursionError instead of
+crashing due to a stack overflow.
+
+..
+
+.. bpo: 20047
+.. date: 2017-10-28-19-11-05
+.. nonce: GuNAto
+.. section: Core and Builtins
+
+Bytearray methods partition() and rpartition() now accept only bytes-like
+objects as separator, as documented. In particular they now raise TypeError
+rather of returning a bogus result when an integer is passed as a separator.
+
+..
+
+.. bpo: 31733
+.. date: 2017-10-09-15-46-37
+.. nonce: pIf17N
+.. section: Core and Builtins
+
+Add a new PYTHONSHOWREFCOUNT environment variable. In debug mode, Python now
+only print the total reference count if PYTHONSHOWREFCOUNT is set.
+
+..
+
+.. bpo: 31692
+.. date: 2017-10-09-11-03-13
+.. nonce: 5-bpdk
+.. section: Core and Builtins
+
+Add a new PYTHONSHOWALLOCCOUNT environment variable. When Python is compiled
+with COUNT_ALLOCS, PYTHONSHOWALLOCCOUNT now has to be set to dump allocation
+counts into stderr on shutdown. Moreover, allocations statistics are now
+dumped into stderr rather than stdout.
+
+..
+
+.. bpo: 31478
+.. date: 2017-10-01-18-59-40
+.. nonce: owtqoO
+.. section: Core and Builtins
+
+Prevent unwanted behavior in `_random.Random.seed()` in case the argument
+has a bad ``__abs__()`` method. Patch by Oren Milman.
+
+..
+
+.. bpo: 31530
+.. date: 2017-09-20-18-28-09
+.. nonce: CdLOM7
+.. section: Core and Builtins
+
+Fixed crashes when iterating over a file on multiple threads.
+
+..
+
+.. bpo: 31490
+.. date: 2017-09-16-13-32-35
+.. nonce: r7m2sj
+.. section: Core and Builtins
+
+Fix an assertion failure in `ctypes` class definition, in case the class has
+an attribute whose name is specified in ``_anonymous_`` but not in
+``_fields_``. Patch by Oren Milman.
+
+..
+
+.. bpo: 31411
+.. date: 2017-09-11-08-50-41
+.. nonce: HZz82I
+.. section: Core and Builtins
+
+Raise a TypeError instead of SystemError in case warnings.onceregistry is
+not a dictionary. Patch by Oren Milman.
+
+..
+
+.. bpo: 31343
+.. date: 2017-09-04-14-57-27
+.. nonce: Kl_fS5
+.. section: Core and Builtins
+
+Include sys/sysmacros.h for major(), minor(), and makedev(). GNU C libray
+plans to remove the functions from sys/types.h.
+
+..
+
+.. bpo: 31311
+.. date: 2017-08-31-17-52-56
+.. nonce: bNE2l-
+.. section: Core and Builtins
+
+Fix a crash in the ``__setstate__()`` method of `ctypes._CData`, in case of
+a bad ``__dict__``. Patch by Oren Milman.
+
+..
+
+.. bpo: 31243
+.. date: 2017-08-29-14-24-34
+.. nonce: tr0E4V
+.. section: Core and Builtins
+
+Fix a crash in some methods of `io.TextIOWrapper`, when the decoder's state
+is invalid. Patch by Oren Milman.
+
+..
+
+.. bpo: 31095
+.. date: 2017-08-01-18-48-30
+.. nonce: bXWZDb
+.. section: Core and Builtins
+
+Fix potential crash during GC caused by ``tp_dealloc`` which doesn't call
+``PyObject_GC_UnTrack()``.
+
+..
+
+.. bpo: 30657
+.. date: 073
+.. nonce: Q_r7JJ
+.. section: Core and Builtins
+
+Fixed possible integer overflow in PyString_DecodeEscape. Patch by Jay
+Bosamiya.
+
+..
+
+.. bpo: 27945
+.. date: 072
+.. nonce: p29r3O
+.. section: Core and Builtins
+
+Fixed various segfaults with dict when input collections are mutated during
+searching, inserting or comparing. Based on patches by Duane Griffin and
+Tim Mitchell.
+
+..
+
+.. bpo: 25794
+.. date: 071
+.. nonce: j0nJ5x
+.. section: Core and Builtins
+
+Fixed type.__setattr__() and type.__delattr__() for non-interned or unicode
+attribute names. Based on patch by Eryk Sun.
+
+..
+
+.. bpo: 29935
+.. date: 070
+.. nonce: 2ZTSxR
+.. section: Core and Builtins
+
+Fixed error messages in the index() method of tuple and list when pass
+indices of wrong type.
+
+..
+
+.. bpo: 28598
+.. date: 069
+.. nonce: QxbzQn
+.. section: Core and Builtins
+
+Support __rmod__ for subclasses of str being called before str.__mod__.
+Patch by Martijn Pieters.
+
+..
+
+.. bpo: 29602
+.. date: 068
+.. nonce: qyyskC
+.. section: Core and Builtins
+
+Fix incorrect handling of signed zeros in complex constructor for complex
+subclasses and for inputs having a __complex__ method. Patch by Serhiy
+Storchaka.
+
+..
+
+.. bpo: 29347
+.. date: 067
+.. nonce: 1RPPGN
+.. section: Core and Builtins
+
+Fixed possibly dereferencing undefined pointers when creating weakref
+objects.
+
+..
+
+.. bpo: 14376
+.. date: 066
+.. nonce: xrKNqX
+.. section: Core and Builtins
+
+Allow sys.exit to accept longs as well as ints. Patch by Gareth Rees.
+
+..
+
+.. bpo: 29028
+.. date: 065
+.. nonce: BxGcd9
+.. section: Core and Builtins
+
+Fixed possible use-after-free bugs in the subscription of the buffer object
+with custom index object.
+
+..
+
+.. bpo: 29145
+.. date: 064
+.. nonce: 2x5NOb
+.. section: Core and Builtins
+
+Fix overflow checks in string, bytearray and unicode. Patch by jan matejek
+and Xiang Zhang.
+
+..
+
+.. bpo: 28932
+.. date: 063
+.. nonce: QnLx8A
+.. section: Core and Builtins
+
+Do not include <sys/random.h> if it does not exist.
+
+..
+
+.. bpo: 33096
+.. date: 2018-03-25-13-18-16
+.. nonce: ofdbe7
+.. section: Library
+
+Allow ttk.Treeview.insert to insert iid that has a false boolean value. Note
+iid=0 and iid=False would be same. Patch by Garvit Khatri.
+
+..
+
+.. bpo: 33127
+.. date: 2018-03-24-15-08-24
+.. nonce: olJmHv
+.. section: Library
+
+The ssl module now compiles with LibreSSL 2.7.1.
+
+..
+
+.. bpo: 30622
+.. date: 2018-02-24-21-40-42
+.. nonce: dQjxSe
+.. section: Library
+
+The ssl module now detects missing NPN support in LibreSSL.
+
+..
+
+.. bpo: 21060
+.. date: 2018-02-17-19-20-19
+.. nonce: S1Z-x6
+.. section: Library
+
+Rewrite confusing message from setup.py upload from "No dist file created in
+earlier command" to the more helpful "Must create and upload files in one
+command".
+
+..
+
+.. bpo: 30157
+.. date: 2018-02-09-14-44-43
+.. nonce: lEiiAK
+.. section: Library
+
+Fixed guessing quote and delimiter in csv.Sniffer.sniff() when only the last
+field is quoted. Patch by Jake Davis.
+
+..
+
+.. bpo: 32647
+.. date: 2018-02-05-13-31-42
+.. nonce: ktmfR_
+.. section: Library
+
+The ctypes module used to depend on indirect linking for dlopen. The shared
+extension is now explicitly linked against libdl on platforms with dl.
+
+..
+
+.. bpo: 32304
+.. date: 2018-01-21-16-33-53
+.. nonce: TItrNv
+.. section: Library
+
+distutils' upload command no longer corrupts tar files ending with a CR
+byte, and no longer tries to convert CR to CRLF in any of the upload text
+fields.
+
+..
+
+.. bpo: 31848
+.. date: 2018-01-18-23-34-17
+.. nonce: M2cldy
+.. section: Library
+
+Fix the error handling in Aifc_read.initfp() when the SSND chunk is not
+found. Patch by Zackery Spytz.
+
+..
+
+.. bpo: 32521
+.. date: 2018-01-15-12-53-13
+.. nonce: IxX4Ba
+.. section: Library
+
+The nis module is now compatible with new libnsl and headers location.
+
+..
+
+.. bpo: 32539
+.. date: 2018-01-12-09-20-22
+.. nonce: D7AbdE
+.. section: Library
+
+Fix ``OSError`` for ``os.listdir`` with deep paths (starting with ``\\?\``)
+on windows. Patch by Anthony Sottile.
+
+..
+
+.. bpo: 32521
+.. date: 2018-01-08-18-02-33
+.. nonce: Kh-KoN
+.. section: Library
+
+glibc has removed Sun RPC. Use replacement libtirpc headers and library in
+nis module.
+
+..
+
+.. bpo: 18035
+.. date: 2017-12-29-15-16-56
+.. nonce: c6rdCt
+.. section: Library
+
+``telnetlib``: ``select.error`` doesn't have an ``errno`` attribute. Patch
+by Segev Finer.
+
+..
+
+.. bpo: 32185
+.. date: 2017-12-20-09-25-10
+.. nonce: IL0cMt
+.. section: Library
+
+The SSL module no longer sends IP addresses in SNI TLS extension on
+platforms with OpenSSL 1.0.2+ or inet_pton.
+
+..
+
+.. bpo: 32186
+.. date: 2017-11-30-20-33-22
+.. nonce: O42bVe
+.. section: Library
+
+Creating io.FileIO() and builtin file() objects now release the GIL when
+checking the file descriptor. io.FileIO.readall(), io.FileIO.read(), and
+file.read() now release the GIL when getting the file size. Fixed hang of
+all threads with inaccessible NFS server. Patch by Nir Soffer.
+
+..
+
+.. bpo: 32110
+.. date: 2017-11-22-09-44-15
+.. nonce: VJa9bo
+.. section: Library
+
+``codecs.StreamReader.read(n)`` now returns not more than *n*
+characters/bytes for non-negative *n*. This makes it compatible with
+``read()`` methods of other file-like objects.
+
+..
+
+.. bpo: 21149
+.. date: 2017-11-10-17-19-24
+.. nonce: 8UVfeT
+.. section: Library
+
+Silence a `'NoneType' object is not callable` in `_removeHandlerRef` error
+that could happen when a logging Handler is destroyed as part of cyclic
+garbage collection during process shutdown.
+
+..
+
+.. bpo: 31764
+.. date: 2017-11-08-11-02-01
+.. nonce: gtlhKj
+.. section: Library
+
+Prevent a crash in ``sqlite3.Cursor.close()`` in case the ``Cursor`` object
+is uninitialized. Patch by Oren Milman.
+
+..
+
+.. bpo: 31955
+.. date: 2017-11-07-19-12-25
+.. nonce: 1DWu-S
+.. section: Library
+
+Fix CCompiler.set_executable() of distutils to handle properly Unicode
+strings.
+
+..
+
+.. bpo: 9678
+.. date: 2017-11-03-22-05-47
+.. nonce: oD51q6
+.. section: Library
+
+Fixed determining the MAC address in the uuid module:
+
+* Using ifconfig on NetBSD and OpenBSD.
+* Using arp on Linux, FreeBSD, NetBSD and OpenBSD.
+
+Based on patch by Takayuki Shimizukawa.
+
+..
+
+.. bpo: 30057
+.. date: 2017-11-03-19-11-43
+.. nonce: NCaijI
+.. section: Library
+
+Fix potential missed signal in signal.signal().
+
+..
+
+.. bpo: 31927
+.. date: 2017-11-02-18-26-40
+.. nonce: 40K6kp
+.. section: Library
+
+Fixed reading arbitrary data when parse a AF_BLUETOOTH address on NetBSD and
+DragonFly BSD.
+
+..
+
+.. bpo: 27666
+.. date: 2017-11-01-18-13-42
+.. nonce: j2zRnF
+.. section: Library
+
+Fixed stack corruption in curses.box() and curses.ungetmouse() when the size
+of types chtype or mmask_t is less than the size of C long. curses.box()
+now accepts characters as arguments. Based on patch by Steve Fink.
+
+..
+
+.. bpo: 25720
+.. date: 2017-10-29-17-52-40
+.. nonce: vSvb5h
+.. section: Library
+
+Fix the method for checking pad state of curses WINDOW. Patch by Masayuki
+Yamamoto.
+
+..
+
+.. bpo: 31893
+.. date: 2017-10-29-13-51-01
+.. nonce: 8LZKEz
+.. section: Library
+
+Fixed the layout of the kqueue_event structure on OpenBSD and NetBSD. Fixed
+the comparison of the kqueue_event objects.
+
+..
+
+.. bpo: 31891
+.. date: 2017-10-29-11-23-24
+.. nonce: 9kAPha
+.. section: Library
+
+Fixed building the curses module on NetBSD.
+
+..
+
+.. bpo: 30058
+.. date: 2017-10-12-19-00-53
+.. nonce: cENtry
+.. section: Library
+
+Fixed buffer overflow in select.kqueue.control().
+
+..
+
+.. bpo: 31770
+.. date: 2017-10-12-18-45-38
+.. nonce: GV3MPx
+.. section: Library
+
+Prevent a crash when calling the ``__init__()`` method of a
+``sqlite3.Cursor`` object more than once. Patch by Oren Milman.
+
+..
+
+.. bpo: 31728
+.. date: 2017-10-11-13-05-19
+.. nonce: XrVMME
+.. section: Library
+
+Prevent crashes in `_elementtree` due to unsafe cleanup of `Element.text`
+and `Element.tail`. Patch by Oren Milman.
+
+..
+
+.. bpo: 31752
+.. date: 2017-10-11-00-45-01
+.. nonce: DhWevN
+.. section: Library
+
+Fix possible crash in timedelta constructor called with custom integers.
+
+..
+
+.. bpo: 31681
+.. date: 2017-10-03-15-41-08
+.. nonce: sOJMKV
+.. section: Library
+
+Fix pkgutil.get_data to avoid leaking open files.
+
+..
+
+.. bpo: 31675
+.. date: 2017-10-03-15-06-24
+.. nonce: Nh7jJ3
+.. section: Library
+
+Fixed memory leaks in Tkinter's methods splitlist() and split() when pass a
+string larger than 2 GiB.
+
+..
+
+.. bpo: 30806
+.. date: 2017-09-29
+.. nonce: lP5GrH
+.. section: Library
+
+Fix the string representation of a netrc object.
+
+..
+
+.. bpo: 30347
+.. date: 2017-09-25-14-04-30
+.. nonce: B4--_D
+.. section: Library
+
+Stop crashes when concurrently iterate over itertools.groupby() iterators.
+
+..
+
+.. bpo: 25732
+.. date: 2017-09-25-13-10-08
+.. nonce: RWWgzg
+.. section: Library
+
+`functools.total_ordering()` now implements the `__ne__` method.
+
+..
+
+.. bpo: 31351
+.. date: 2017-09-17-15-24-25
+.. nonce: yQdKv-
+.. section: Library
+
+python -m ensurepip now exits with non-zero exit code if pip bootstrapping
+has failed.
+
+..
+
+.. bpo: 31544
+.. date: 2017-09-13-19-55-35
+.. nonce: beTh6t
+.. section: Library
+
+The C accelerator module of ElementTree ignored exceptions raised when
+looking up TreeBuilder target methods in XMLParser().
+
+..
+
+.. bpo: 31455
+.. date: 2017-09-13-19-55-35
+.. nonce: beTh6t
+.. section: Library
+
+The C accelerator module of ElementTree ignored exceptions raised when
+looking up TreeBuilder target methods in XMLParser().
+
+..
+
+.. bpo: 25404
+.. date: 2017-09-08-11-04-10
+.. nonce: pXetCl
+.. section: Library
+
+SSLContext.load_dh_params() now supports non-ASCII path.
+
+..
+
+.. bpo: 28958
+.. date: 2017-09-06-19-41-01
+.. nonce: x4-K5F
+.. section: Library
+
+ssl.SSLContext() now uses OpenSSL error information when a context cannot be
+instantiated.
+
+..
+
+.. bpo: 27448
+.. date: 2017-09-05-10-55-50
+.. nonce: QdAqzZ
+.. section: Library
+
+Work around a `gc.disable()` race condition in the `subprocess` module that
+could leave garbage collection disabled when multiple threads are spawning
+subprocesses at once. Users are *strongly encouraged* to use the
+`subprocess32` module from PyPI on Python 2.7 instead, it is much more
+reliable.
+
+..
+
+.. bpo: 31170
+.. date: 2017-09-04-23-41-35
+.. nonce: QGmJ1t
+.. section: Library
+
+expat: Update libexpat from 2.2.3 to 2.2.4. Fix copying of partial
+characters for UTF-8 input (libexpat bug 115):
+https://github.com/libexpat/libexpat/issues/115
+
+..
+
+.. bpo: 29136
+.. date: 2017-09-04-16-39-49
+.. nonce: vSn1oR
+.. section: Library
+
+Add TLS 1.3 cipher suites and OP_NO_TLSv1_3.
+
+..
+
+.. bpo: 31334
+.. date: 2017-09-04-00-22-31
+.. nonce: 9WYRfi
+.. section: Library
+
+Fix ``poll.poll([timeout])`` in the ``select`` module for arbitrary negative
+timeouts on all OSes where it can only be a non-negative integer or -1.
+Patch by Riccardo Coccioli.
+
+..
+
+.. bpo: 10746
+.. date: 2017-08-28-13-01-05
+.. nonce: nmAvfu
+.. section: Library
+
+Fix ctypes producing wrong PEP 3118 type codes for integer types.
+
+..
+
+.. bpo: 30102
+.. date: 2017-08-16-21-14-31
+.. nonce: 1sPqmc
+.. section: Library
+
+The ssl and hashlib modules now call OPENSSL_add_all_algorithms_noconf() on
+OpenSSL < 1.1.0. The function detects CPU features and enables optimizations
+on some CPU architectures such as POWER8. Patch is based on research from
+Gustavo Serra Scalet.
+
+..
+
+.. bpo: 30502
+.. date: 2017-07-27-11-33-58
+.. nonce: GJlfU8
+.. section: Library
+
+Fix handling of long oids in ssl. Based on patch by Christian Heimes.
+
+..
+
+.. bpo: 25684
+.. date: 2017-07-17-11-35-00
+.. nonce: usELVx
+.. section: Library
+
+Change ``ttk.OptionMenu`` radiobuttons to be unique across instances of
+``OptionMenu``.
+
+..
+
+.. bpo: 29169
+.. date: 062
+.. nonce: 8ypApm
+.. section: Library
+
+Update zlib to 1.2.11.
+
+..
+
+.. bpo: 30746
+.. date: 061
+.. nonce: 7drQI0
+.. section: Library
+
+Prohibited the '=' character in environment variable names in
+``os.putenv()`` and ``os.spawn*()``.
+
+..
+
+.. bpo: 28994
+.. date: 056
+.. nonce: 9vzun1
+.. section: Library
+
+The traceback no longer displayed for SystemExit raised in a callback
+registered by atexit.
+
+..
+
+.. bpo: 30418
+.. date: 055
+.. nonce: EwISQm
+.. section: Library
+
+On Windows, subprocess.Popen.communicate() now also ignore EINVAL on
+stdin.write() if the child process is still running but closed the pipe.
+
+..
+
+.. bpo: 30378
+.. date: 054
+.. nonce: R_19_5
+.. section: Library
+
+Fix the problem that logging.handlers.SysLogHandler cannot handle IPv6
+addresses.
+
+..
+
+.. bpo: 29960
+.. date: 053
+.. nonce: g0wr3r
+.. section: Library
+
+Preserve generator state when _random.Random.setstate() raises an exception.
+Patch by Bryan Olson.
+
+..
+
+.. bpo: 30310
+.. date: 052
+.. nonce: SAkE6e
+.. section: Library
+
+tkFont now supports unicode options (e.g. font family).
+
+..
+
+.. bpo: 30414
+.. date: 051
+.. nonce: jGl1Lb
+.. section: Library
+
+multiprocessing.Queue._feed background running thread do not break from main
+loop on exception.
+
+..
+
+.. bpo: 30003
+.. date: 050
+.. nonce: BOl9HE
+.. section: Library
+
+Fix handling escape characters in HZ codec. Based on patch by Ma Lin.
+
+..
+
+.. bpo: 30375
+.. date: 049
+.. nonce: 9c8qM7
+.. section: Library
+
+Warnings emitted when compile a regular expression now always point to the
+line in the user code. Previously they could point into inners of the re
+module if emitted from inside of groups or conditionals.
+
+..
+
+.. bpo: 30363
+.. date: 048
+.. nonce: l6J41Y
+.. section: Library
+
+Running Python with the -3 option now warns about regular expression syntax
+that is invalid or has different semantic in Python 3 or will change the
+behavior in future Python versions.
+
+..
+
+.. bpo: 30365
+.. date: 047
+.. nonce: eDwdmC
+.. section: Library
+
+Running Python with the -3 option now emits deprecation warnings for
+getchildren() and getiterator() methods of the Element class in the
+xml.etree.cElementTree module and when pass the html argument to
+xml.etree.ElementTree.XMLParser().
+
+..
+
+.. bpo: 30365
+.. date: 046
+.. nonce: XVP7_M
+.. section: Library
+
+Fixed a deprecation warning about the doctype() method of the
+xml.etree.ElementTree.XMLParser class. Now it is emitted only when define
+the doctype() method in the subclass of XMLParser.
+
+..
+
+.. bpo: 30329
+.. date: 045
+.. nonce: Yb1MTr
+.. section: Library
+
+imaplib now catchs the Windows socket WSAEINVAL error (code 10022) on
+shutdown(SHUT_RDWR): An invalid operation was attempted. This error occurs
+sometimes on SSL connections.
+
+..
+
+.. bpo: 30342
+.. date: 044
+.. nonce: 87Qgur
+.. section: Library
+
+Fix sysconfig.is_python_build() if Python is built with Visual Studio 2008
+(VS 9.0).
+
+..
+
+.. bpo: 29990
+.. date: 043
+.. nonce: HWV6KE
+.. section: Library
+
+Fix range checking in GB18030 decoder. Original patch by Ma Lin.
+
+..
+
+.. bpo: 30243
+.. date: 042
+.. nonce: RHQt0v
+.. section: Library
+
+Removed the __init__ methods of _json's scanner and encoder. Misusing them
+could cause memory leaks or crashes. Now scanner and encoder objects are
+completely initialized in the __new__ methods.
+
+..
+
+.. bpo: 26293
+.. date: 041
+.. nonce: wig0YG
+.. section: Library
+
+Change resulted because of zipfile breakage. (See also: bpo-29094)
+
+..
+
+.. bpo: 30070
+.. date: 040
+.. nonce: XM_B41
+.. section: Library
+
+Fixed leaks and crashes in errors handling in the parser module.
+
+..
+
+.. bpo: 30061
+.. date: 039
+.. nonce: ilxNPt
+.. section: Library
+
+Fixed crashes in IOBase methods next() and readlines() when readline() or
+next() respectively return non-sizeable object. Fixed possible other errors
+caused by not checking results of PyObject_Size(), PySequence_Size(), or
+PyMapping_Size().
+
+..
+
+.. bpo: 30011
+.. date: 038
+.. nonce: 2MLfQj
+.. section: Library
+
+Fixed race condition in HTMLParser.unescape().
+
+..
+
+.. bpo: 30068
+.. date: 037
+.. nonce: n4q47r
+.. section: Library
+
+_io._IOBase.readlines will check if it's closed first when hint is present.
+
+..
+
+.. bpo: 27863
+.. date: 036
+.. nonce: pPYHHI
+.. section: Library
+
+Fixed multiple crashes in ElementTree caused by race conditions and wrong
+types.
+
+..
+
+.. bpo: 29942
+.. date: 035
+.. nonce: CsGNuT
+.. section: Library
+
+Fix a crash in itertools.chain.from_iterable when encountering long runs of
+empty iterables.
+
+..
+
+.. bpo: 29861
+.. date: 034
+.. nonce: t2ZoRK
+.. section: Library
+
+Release references to tasks, their arguments and their results as soon as
+they are finished in multiprocessing.Pool.
+
+..
+
+.. bpo: 27880
+.. date: 033
+.. nonce: elFFAF
+.. section: Library
+
+Fixed integer overflow in cPickle when pickle large strings or too many
+objects.
+
+..
+
+.. bpo: 29110
+.. date: 032
+.. nonce: IBWuZ2
+.. section: Library
+
+Fix file object leak in aifc.open() when file is given as a filesystem path
+and is not in valid AIFF format. Original patch by Anthony Zhang.
+
+..
+
+.. bpo: 29354
+.. date: 031
+.. nonce: TH2vMX
+.. section: Library
+
+Fixed inspect.getargs() for parameters which are cell variables.
+
+..
+
+.. bpo: 29335
+.. date: 030
+.. nonce: _KC7IK
+.. section: Library
+
+Fix subprocess.Popen.wait() when the child process has exited to a stopped
+instead of terminated state (ex: when under ptrace).
+
+..
+
+.. bpo: 29219
+.. date: 029
+.. nonce: kxui7t
+.. section: Library
+
+Fixed infinite recursion in the repr of uninitialized ctypes.CDLL instances.
+
+..
+
+.. bpo: 29082
+.. date: 028
+.. nonce: D5Xs7F
+.. section: Library
+
+Fixed loading libraries in ctypes by unicode names on Windows. Original
+patch by Chi Hsuan Yen.
+
+..
+
+.. bpo: 29188
+.. date: 027
+.. nonce: RI3v1Q
+.. section: Library
+
+Support glibc 2.24 on Linux: don't use getentropy() function but read from
+/dev/urandom to get random bytes, for example in os.urandom(). On Linux,
+getentropy() is implemented which getrandom() is blocking mode, whereas
+os.urandom() should not block.
+
+..
+
+.. bpo: 29142
+.. date: 026
+.. nonce: _FTyvm
+.. section: Library
+
+In urllib, suffixes in no_proxy environment variable with leading dots could
+match related hostnames again (e.g. .b.c matches a.b.c). Patch by Milan
+Oberkirch.
+
+..
+
+.. bpo: 13051
+.. date: 025
+.. nonce: YzC1Te
+.. section: Library
+
+Fixed recursion errors in large or resized curses.textpad.Textbox. Based on
+patch by Tycho Andersen.
+
+..
+
+.. bpo: 9770
+.. date: 024
+.. nonce: WJJnwP
+.. section: Library
+
+curses.ascii predicates now work correctly with negative integers.
+
+..
+
+.. bpo: 28427
+.. date: 023
+.. nonce: vUd-va
+.. section: Library
+
+old keys should not remove new values from WeakValueDictionary when
+collecting from another thread.
+
+..
+
+.. bpo: 28998
+.. date: 022
+.. nonce: NfBgmb
+.. section: Library
+
+More APIs now support longs as well as ints.
+
+..
+
+.. bpo: 28923
+.. date: 021
+.. nonce: _hrXiL
+.. section: Library
+
+Remove editor artifacts from Tix.py, including encoding not recognized by
+codecs.lookup.
+
+..
+
+.. bpo: 29019
+.. date: 020
+.. nonce: MO2AeR
+.. section: Library
+
+Fix dict.fromkeys(x) overallocates when x is sparce dict. Original patch by
+Rasmus Villemoes.
+
+..
+
+.. bpo: 19542
+.. date: 019
+.. nonce: 5tCkaK
+.. section: Library
+
+Fix bugs in WeakValueDictionary.setdefault() and WeakValueDictionary.pop()
+when a GC collection happens in another thread.
+
+..
+
+.. bpo: 28925
+.. date: 018
+.. nonce: 9zLygi
+.. section: Library
+
+cPickle now correctly propagates errors when unpickle instances of old-style
+classes.
+
+..
+
+.. bpo: 27212
+.. date: 2018-03-22-19-23-04
+.. nonce: wrE5KR
+.. section: Documentation
+
+Modify documentation for the :func:`islice` recipe to consume initial values
+up to the start index.
+
+..
+
+.. bpo: 32800
+.. date: 2018-02-10-15-16-04
+.. nonce: FyrqCk
+.. section: Documentation
+
+Update link to w3c doc for xml default namespaces.
+
+..
+
+.. bpo: 17799
+.. date: 2018-01-22-21-13-46
+.. nonce: rdZ-Vk
+.. section: Documentation
+
+Explain real behaviour of sys.settrace and sys.setprofile and their C-API
+counterparts regarding which type of events are received in each function.
+Patch by Pablo Galindo Salgado.
+
+..
+
+.. bpo: 8243
+.. date: 2018-01-13-20-30-53
+.. nonce: s98r28
+.. section: Documentation
+
+Add a note about curses.addch and curses.addstr exception behavior when
+writing outside a window, or pad.
+
+..
+
+.. bpo: 21649
+.. date: 2017-09-06-10-11-57
+.. nonce: EUvqA9
+.. section: Documentation
+
+Add RFC 7525 and Mozilla server side TLS links to SSL documentation.
+
+..
+
+.. bpo: 30176
+.. date: 017
+.. nonce: VivmCg
+.. section: Documentation
+
+Add missing attribute related constants in curses documentation.
+
+..
+
+.. bpo: 28929
+.. date: 016
+.. nonce: Md7kb0
+.. section: Documentation
+
+Link the documentation to its source file on GitHub.
+
+..
+
+.. bpo: 26355
+.. date: 015
+.. nonce: SDq_8Y
+.. section: Documentation
+
+Add canonical header link on each page to corresponding major version of the
+documentation. Patch by Matthias Bussonnier.
+
+..
+
+.. bpo: 12067
+.. date: 014
+.. nonce: 8RbyOz
+.. section: Documentation
+
+Rewrite Comparisons section in the Expressions chapter of the language
+reference. Some of the details of comparing mixed types were incorrect or
+ambiguous. Added default behaviour and consistency suggestions for user-
+defined classes. Based on patch from Andy Maier.
+
+..
+
+.. bpo: 31719
+.. date: 2017-10-06-22-37-38
+.. nonce: gHyrV3
+.. section: Tests
+
+Fix test_regrtest.test_crashed() on s390x. Add a new _testcapi._read_null()
+function to crash Python in a reliable way on s390x. On s390x,
+ctypes.string_at(0) returns an empty string rather than crashing.
+
+..
+
+.. bpo: 31518
+.. date: 2017-09-19-20-48-50
+.. nonce: KwTMMz
+.. section: Tests
+
+Debian Unstable has disabled TLS 1.0 and 1.1 for SSLv23_METHOD(). Change
+TLS/SSL protocol of some tests to PROTOCOL_TLS or PROTOCOL_TLSv1_2 to make
+them pass on Debian.
+
+..
+
+.. bpo: 25674
+.. date: 2017-09-04-13-03-55
+.. nonce: whVTXh
+.. section: Tests
+
+Remove sha256.tbs-internet.com ssl test
+
+..
+
+.. bpo: 11790
+.. date: 007
+.. nonce: 0actZf
+.. section: Tests
+
+Fix sporadic failures in test_multiprocessing.WithProcessesTestCondition.
+
+..
+
+.. bpo: 30236
+.. date: 006
+.. nonce: vOYTDq
+.. section: Tests
+
+Backported test.regrtest options -m/--match and -G/--failfast from Python 3.
+
+..
+
+.. bpo: 30223
+.. date: 005
+.. nonce: TYC9rA
+.. section: Tests
+
+To unify running tests in Python 2.7 and Python 3, the test package can be
+run as a script. This is equivalent to running the test.regrtest module as
+a script.
+
+..
+
+.. bpo: 30207
+.. date: 004
+.. nonce: EiRhGi
+.. section: Tests
+
+To simplify backports from Python 3, the test.test_support module was
+converted into a package and renamed to test.support. The
+test.script_helper module was moved into the test.support package. Names
+test.test_support and test.script_helper are left as aliases to test.support
+and test.support.script_helper.
+
+..
+
+.. bpo: 30197
+.. date: 003
+.. nonce: hajYvd
+.. section: Tests
+
+Enhanced function swap_attr() in the test.test_support module. It now works
+when delete replaced attribute inside the with statement. The old value of
+the attribute (or None if it doesn't exist) now will be assigned to the
+target of the "as" clause, if there is one. Also backported function
+swap_item().
+
+..
+
+.. bpo: 28087
+.. date: 002
+.. nonce: m8dc4R
+.. section: Tests
+
+Skip test_asyncore and test_eintr poll failures on macOS. Skip some tests of
+select.poll when running on macOS due to unresolved issues with the
+underlying system poll function on some macOS versions.
+
+..
+
+.. bpo: 15083
+.. date: 001
+.. nonce: Tz3ZZm
+.. section: Tests
+
+Convert ElementTree doctests to unittests.
+
+..
+
+.. bpo: 33163
+.. date: 2018-03-28-04-15-03
+.. nonce: hfpWuU
+.. section: Build
+
+Upgrade pip to 9.0.3 and setuptools to v39.0.1.
+
+..
+
+.. bpo: 32616
+.. date: 2018-02-07-11-24-38
+.. nonce: o7mFJ3
+.. section: Build
+
+Disable computed gotos by default for clang < 5.0. It caused significant
+performance regression.
+
+..
+
+.. bpo: 32635
+.. date: 2018-01-23-15-33-40
+.. nonce: qHwIZy
+.. section: Build
+
+Fix segfault of the crypt module when libxcrypt is provided instead of
+libcrypt at the system.
+
+..
+
+.. bpo: 31934
+.. date: 2017-11-03-15-17-50
+.. nonce: 8bUlpv
+.. section: Build
+
+Abort the build when building out of a not clean source tree.
+
+..
+
+.. bpo: 31474
+.. date: 2017-09-14-19-38-19
+.. nonce: 0s_mpD
+.. section: Build
+
+Fix -Wint-in-bool-context warnings in PyMem_MALLOC and PyMem_REALLOC macros
+
+..
+
+.. bpo: 29243
+.. date: 013
+.. nonce: WDK4hT
+.. section: Build
+
+Prevent unnecessary rebuilding of Python during ``make test``, ``make
+install`` and some other make targets when configured with ``--enable-
+optimizations``.
+
+..
+
+.. bpo: 23404
+.. date: 012
+.. nonce: PdYVWg
+.. section: Build
+
+Don't regenerate generated files based on file modification time anymore:
+the action is now explicit. Replace ``make touch`` with ``make regen-all``.
+
+..
+
+.. bpo: 27593
+.. date: 011
+.. nonce: v87xEr
+.. section: Build
+
+sys.version and the platform module python_build(), python_branch(), and
+python_revision() functions now use git information rather than hg when
+building from a repo.
+
+..
+
+.. bpo: 29643
+.. date: 010
+.. nonce: 4DrjEB
+.. section: Build
+
+Fix ``--enable-optimization`` configure option didn't work.
+
+..
+
+.. bpo: 29572
+.. date: 009
+.. nonce: iZ1XKK
+.. section: Build
+
+Update Windows build and OS X installers to use OpenSSL 1.0.2k.
+
+..
+
+.. bpo: 28768
+.. date: 008
+.. nonce: b9_a6E
+.. section: Build
+
+Fix implicit declaration of function _setmode. Patch by Masayuki Yamamoto
+
+..
+
+.. bpo: 33184
+.. date: 2018-04-14-14-50-01
+.. nonce: to0tIj
+.. section: Windows
+
+Update Windows build to use OpenSSL 1.0.2o.
+
+..
+
+.. bpo: 32903
+.. date: 2018-02-28-11-03-24
+.. nonce: 1SXY4t
+.. section: Windows
+
+Fix a memory leak in os.chdir() on Windows if the current directory is set
+to a UNC path.
+
+..
+
+.. bpo: 30855
+.. date: 2017-11-24-18-18-31
+.. nonce: Sowf7j
+.. section: Windows
+
+Bump Tcl/Tk to 8.5.19.
+
+..
+
+.. bpo: 30450
+.. date: 2017-09-04-14-00-37
+.. nonce: YwitaJ
+.. section: Windows
+
+Pull build dependencies from GitHub rather than svn.python.org.
+
+..
+
+.. bpo: 32726
+.. date: 2018-04-14-08-56-20
+.. nonce: Mticyn
+.. section: macOS
+
+Provide an additional, more modern macOS installer variant that supports
+macOS 10.9+ systems in 64-bit mode only. Upgrade the supplied third-party
+libraries to OpenSSL 1.0.2n and SQLite 3.22.0. The 10.9+ installer now
+supplies its own private copy of Tcl/Tk 8.6.8.
+
+..
+
+.. bpo: 24414
+.. date: 2018-04-14-08-55-36
+.. nonce: Z5A1cS
+.. section: macOS
+
+Default macOS deployment target is now set by ``configure`` to the build
+system's OS version (as is done by Python 3), not ``10.4``; override with,
+for example, ``./configure MACOSX_DEPLOYMENT_TARGET=10.4``.
+
+..
+
+.. bpo: 17128
+.. date: 2018-04-14-08-54-31
+.. nonce: mRkb0w
+.. section: macOS
+
+All 2.7 macOS installer variants now supply their own version of ``OpenSSL
+1.0.2``; the Apple-supplied SSL libraries and root certificates are not
+longer used. The ``Installer Certificate`` command in
+``/Applications/Python 2.7`` may be used to download and install a default
+set of root certificates from the third-party ``certifi`` package.
+
+..
+
+.. bpo: 11485
+.. date: 2018-04-14-08-49-40
+.. nonce: oALntE
+.. section: macOS
+
+python.org macOS Pythons no longer supply a default SDK value (e.g.
+``-isysroot /``) or specific compiler version default (e.g. ``gcc-4.2``)
+when building extension modules. Use ``CC``, ``SDKROOT``, and
+``DEVELOPER_DIR`` environment variables to override compilers or to use an
+SDK. See Apple's ``xcrun`` man page for more info.
+
+..
+
+.. bpo: 33184
+.. date: 2018-04-07-00-58-50
+.. nonce: rMTiqu
+.. section: macOS
+
+Update macOS installer build to use OpenSSL 1.0.2o.
+
+..
+
+.. bpo: 31920
+.. date: 2018-03-26-18-54-24
+.. nonce: u_WKsT
+.. section: Tools/Demos
+
+Fixed handling directories as arguments in the ``pygettext`` script. Based
+on patch by Oleg Krasnikov.
+
+..
+
+.. bpo: 30109
+.. date: 2018-02-12-14-27-01
+.. nonce: lIYlaf
+.. section: Tools/Demos
+
+Fixed Tools/scripts/reindent.py for non-ASCII files. It now processes files
+as binary streams. This also fixes "make reindent".
+
+..
+
+.. bpo: 24960
+.. date: 2017-12-22-09-25-51
+.. nonce: TGdAgO
+.. section: Tools/Demos
+
+2to3 and lib2to3 can now read pickled grammar files using pkgutil.get_data()
+rather than probing the filesystem. This lets 2to3 and lib2to3 work when run
+from a zipfile.
+
+..
+
+.. bpo: 20891
+.. date: 2017-11-30-18-13-45
+.. nonce: wBnMdF
+.. section: C API
+
+Fix PyGILState_Ensure(). When PyGILState_Ensure() is called in a non-Python
+thread before PyEval_InitThreads(), only call PyEval_InitThreads() after
+calling PyThreadState_New() to fix a crash.
+
+..
+
+.. bpo: 31626
+.. date: 2017-11-07-11-59-44
+.. nonce: LP-CoD
+.. section: C API
+
+When Python is built in debug mode, the memory debug hooks now fail with a
+fatal error if realloc() fails to shrink a memory block, because the debug
+hook just erased freed bytes without keeping a copy of them.
projects / python / commitdiff