]> granicus.if.org Git - python/log
python
7 years agoFix test failure so it's no longer dependent on example.com.
Larry Hastings [Mon, 2 Jan 2017 05:49:09 +0000 (21:49 -0800)]
Fix test failure so it's no longer dependent on example.com.

7 years agomerge 3.3
Benjamin Peterson [Mon, 2 Jan 2017 04:07:37 +0000 (22:07 -0600)]
merge 3.3

7 years agoring in 2017 for Python
Benjamin Peterson [Mon, 2 Jan 2017 04:04:13 +0000 (22:04 -0600)]
ring in 2017 for Python

8 years agoUpgrade pip to 9.0.1 and setuptools to 28.8.0
Donald Stufft [Wed, 16 Nov 2016 02:17:43 +0000 (21:17 -0500)]
Upgrade pip to 9.0.1 and setuptools to 28.8.0

8 years agoIssue #28563: Make plural form selection more lenient and accepting
Serhiy Storchaka [Mon, 14 Nov 2016 17:25:56 +0000 (19:25 +0200)]
Issue #28563: Make plural form selection more lenient and accepting
non-integer numbers.  Django tests depend on this.

8 years agoIssue #28563: Make plural form selection more lenient and accepting
Serhiy Storchaka [Mon, 14 Nov 2016 17:22:12 +0000 (19:22 +0200)]
Issue #28563: Make plural form selection more lenient and accepting
non-integer numbers.  Django tests depend on this.

8 years agoIssue #28648: Fixed crash in Py_DecodeLocale() in debug build on Mac OS X
Serhiy Storchaka [Sat, 12 Nov 2016 12:29:48 +0000 (14:29 +0200)]
Issue #28648: Fixed crash in Py_DecodeLocale() in debug build on Mac OS X
when decode astral characters.

8 years agoIssue #28648: Fixed crash in Py_DecodeLocale() in debug build on Mac OS X
Serhiy Storchaka [Sat, 12 Nov 2016 12:28:06 +0000 (14:28 +0200)]
Issue #28648: Fixed crash in Py_DecodeLocale() in debug build on Mac OS X
when decode astral characters.

8 years agoIssue #28563: Fixed possible DoS and arbitrary code execution when handle
Serhiy Storchaka [Tue, 8 Nov 2016 19:20:09 +0000 (21:20 +0200)]
Issue #28563: Fixed possible DoS and arbitrary code execution when handle
plural form selections in the gettext module.  The expression parser now
supports exact syntax supported by GNU gettext.

8 years agoIssue #28563: Fixed possible DoS and arbitrary code execution when handle
Serhiy Storchaka [Tue, 8 Nov 2016 19:17:46 +0000 (21:17 +0200)]
Issue #28563: Fixed possible DoS and arbitrary code execution when handle
plural form selections in the gettext module.  The expression parser now
supports exact syntax supported by GNU gettext.

8 years agoUpgrade pip to 9.0 and setuptools to 28.7.1
Donald Stufft [Wed, 2 Nov 2016 19:42:49 +0000 (15:42 -0400)]
Upgrade pip to 9.0 and setuptools to 28.7.1

8 years agoIssue #28426: Fixed potential crash in PyUnicode_AsDecodedObject() in debug build.
Serhiy Storchaka [Tue, 25 Oct 2016 07:07:51 +0000 (10:07 +0300)]
Issue #28426: Fixed potential crash in PyUnicode_AsDecodedObject() in debug build.

8 years agoIssue #28248: Update Windows build to use OpenSSL 1.0.2j
Zachary Ware [Tue, 11 Oct 2016 02:57:20 +0000 (21:57 -0500)]
Issue #28248: Update Windows build to use OpenSSL 1.0.2j

8 years agoIssue #27759: Fix selectors incorrectly retain invalid file descriptors.
Yury Selivanov [Thu, 6 Oct 2016 18:03:03 +0000 (14:03 -0400)]
Issue #27759: Fix selectors incorrectly retain invalid file descriptors.

(Backported to 3.4 as this bug might be exploited to for DoS)

8 years agoproperly handle the single null-byte file (closes #24022)
Benjamin Peterson [Mon, 19 Sep 2016 06:41:11 +0000 (23:41 -0700)]
properly handle the single null-byte file (closes #24022)

8 years agoIssue #26171: Null merge
Berker Peksag [Wed, 14 Sep 2016 05:38:36 +0000 (08:38 +0300)]
Issue #26171: Null merge

8 years agoIssue #26171: Prevent buffer overflow in get_data
Berker Peksag [Wed, 14 Sep 2016 05:37:28 +0000 (08:37 +0300)]
Issue #26171: Prevent buffer overflow in get_data

Backport of 01ddd608b85c.

8 years agoUpgrade setuptools to 27.1.2
Donald Stufft [Fri, 9 Sep 2016 16:08:53 +0000 (12:08 -0400)]
Upgrade setuptools to 27.1.2

8 years agoUpgrade setuptools to 27.1.1
Donald Stufft [Fri, 9 Sep 2016 15:35:02 +0000 (11:35 -0400)]
Upgrade setuptools to 27.1.1

8 years agoIssue #27960: Revert state to 675e20c38fdac6, backing out all changes by developed...
Jason R. Coombs [Tue, 6 Sep 2016 02:24:01 +0000 (22:24 -0400)]
Issue #27960: Revert state to 675e20c38fdac6, backing out all changes by developed for Issue #12885.

8 years agoIssue #12885: Revert commits in 3.4 branch which is security-only fixes.
Jason R. Coombs [Fri, 2 Sep 2016 03:27:45 +0000 (23:27 -0400)]
Issue #12885: Revert commits in 3.4 branch which is security-only fixes.

8 years agoIssue #12885: Correct issue reference in NEWS
Jason R. Coombs [Fri, 2 Sep 2016 02:08:25 +0000 (22:08 -0400)]
Issue #12885: Correct issue reference in NEWS

8 years agoBacked out changeset cc86e9e102e8
Jason R. Coombs [Fri, 2 Sep 2016 01:55:22 +0000 (21:55 -0400)]
Backed out changeset cc86e9e102e8

8 years agoIssue #12285: Update NEWS
Jason R. Coombs [Fri, 2 Sep 2016 01:12:17 +0000 (21:12 -0400)]
Issue #12285: Update NEWS

8 years agorearrange methodcaller_new so that the main error case does not cause uninitialized...
Benjamin Peterson [Wed, 17 Aug 2016 06:35:35 +0000 (23:35 -0700)]
rearrange methodcaller_new so that the main error case does not cause uninitialized memory usage (closes #27783)

8 years agodo not decref value borrowed from list (closes #27774)
Benjamin Peterson [Tue, 16 Aug 2016 05:01:41 +0000 (22:01 -0700)]
do not decref value borrowed from list (closes #27774)

8 years agofix possible integer overflow in binascii.b2a_qp (closes #27760)
Benjamin Peterson [Sun, 14 Aug 2016 01:33:33 +0000 (18:33 -0700)]
fix possible integer overflow in binascii.b2a_qp (closes #27760)

Reported by Thomas E. Hybel

8 years agocheck for overflow in join_append_data (closes #27758)
Benjamin Peterson [Sun, 14 Aug 2016 00:17:06 +0000 (17:17 -0700)]
check for overflow in join_append_data (closes #27758)

Reported by Thomas E. Hybel

8 years agoIssue #20160: Handled passing of large structs to callbacks correctly.
Vinay Sajip [Fri, 5 Aug 2016 20:24:27 +0000 (21:24 +0100)]
Issue #20160: Handled passing of large structs to callbacks correctly.

8 years agoSwitch upload.pypi.io to upload.pypi.org
Donald Stufft [Wed, 3 Aug 2016 22:43:38 +0000 (18:43 -0400)]
Switch upload.pypi.io to upload.pypi.org

8 years agoPrevent HTTPoxy attack (CVE-2016-1000110)
Senthil Kumaran [Sun, 31 Jul 2016 06:24:16 +0000 (23:24 -0700)]
Prevent HTTPoxy attack (CVE-2016-1000110)

Ignore the HTTP_PROXY variable when REQUEST_METHOD environment is set, which
indicates that the script is in CGI mode.

Issue #27568 Reported and patch contributed by Rémi Rampin.

8 years agoIssue #27369: Merge test_pyexpat from 3.2 into 3.3
Martin Panter [Thu, 14 Jul 2016 01:42:53 +0000 (01:42 +0000)]
Issue #27369: Merge test_pyexpat from 3.2 into 3.3

8 years agoIssue #27369: Don’t test error message detail that changed in Expat 2.2.0 3.2
Martin Panter [Thu, 14 Jul 2016 01:31:46 +0000 (01:31 +0000)]
Issue #27369: Don’t test error message detail that changed in Expat 2.2.0

8 years agoIssue #22758: Move NEWS entry to Library section
Martin Panter [Thu, 14 Jul 2016 01:17:03 +0000 (01:17 +0000)]
Issue #22758: Move NEWS entry to Library section

8 years ago#22758 null merge
R David Murray [Sun, 10 Jul 2016 18:10:08 +0000 (14:10 -0400)]
#22758 null merge

8 years ago#22758: fix regression in handling of secure cookies.
R David Murray [Sun, 10 Jul 2016 17:32:43 +0000 (13:32 -0400)]
#22758: fix regression in handling of secure cookies.

This backports the fix from #16611, per discussion with the release
manager.

8 years agoSwitch to the new upload url for PyPI
Donald Stufft [Wed, 6 Jul 2016 19:27:35 +0000 (15:27 -0400)]
Switch to the new upload url for PyPI

8 years agoIssue #25940: On Windows, connecting to port 444 returns ETIMEDOUT
Martin Panter [Fri, 15 Jan 2016 01:16:41 +0000 (01:16 +0000)]
Issue #25940: On Windows, connecting to port 444 returns ETIMEDOUT

8 years agoIssue #25940: Use self-signed.pythontest.net in SSL tests
Martin Panter [Thu, 14 Jan 2016 09:36:00 +0000 (09:36 +0000)]
Issue #25940: Use self-signed.pythontest.net in SSL tests

This is instead of svn.python.org, whose certificate recently expired, and
whose new certificate uses a different root certificate.

The certificate used at the pythontest server was modifed to set the "basic
constraints" CA flag. This flag seems to be required for test_get_ca_certs_
capath() to work (in Python 3.4+).

Added the new self-signed certificate to capath with the following commands:

cp Lib/test/{selfsigned_pythontestdotnet.pem,capath/}
c_rehash -v Lib/test/capath/
c_rehash -v -old Lib/test/capath/
# Note the generated file names
cp Lib/test/capath/{selfsigned_pythontestdotnet.pem,0e4015b9.0}
mv Lib/test/capath/{selfsigned_pythontestdotnet.pem,ce7b8643.0}

The new server responds with "No route to host" when connecting to port 444.

9 years agoIssue #25709: Fixed problem with in-place string concatenation and utf-8 cache.
Serhiy Storchaka [Wed, 2 Dec 2015 23:02:03 +0000 (01:02 +0200)]
Issue #25709: Fixed problem with in-place string concatenation and utf-8 cache.

8 years agoIssue #25940: Merge ETIMEDOUT fix from 3.2 into 3.3
Martin Panter [Fri, 15 Jan 2016 02:08:13 +0000 (02:08 +0000)]
Issue #25940: Merge ETIMEDOUT fix from 3.2 into 3.3

8 years agoIssue #25940: Merge self-signed.pythontest.net testing from 3.2 into 3.3
Martin Panter [Thu, 14 Jan 2016 12:21:02 +0000 (12:21 +0000)]
Issue #25940: Merge self-signed.pythontest.net testing from 3.2 into 3.3

9 years agoremove some copyright notices supserseded by the toplevel ones
Benjamin Peterson [Fri, 1 Jan 2016 17:53:47 +0000 (11:53 -0600)]
remove some copyright notices supserseded by the toplevel ones

9 years agoadd 2015 and 2016
Benjamin Peterson [Fri, 1 Jan 2016 17:53:14 +0000 (11:53 -0600)]
add 2015 and 2016

9 years agoreflow
Benjamin Peterson [Fri, 1 Jan 2016 17:12:44 +0000 (11:12 -0600)]
reflow

9 years ago2016 will be another year of writing copyrighted code
Benjamin Peterson [Fri, 1 Jan 2016 16:23:45 +0000 (10:23 -0600)]
2016 will be another year of writing copyrighted code

9 years agofix reordering
Benjamin Peterson [Sat, 5 Dec 2015 08:27:11 +0000 (00:27 -0800)]
fix reordering

9 years agomerge 3.2
Benjamin Peterson [Sat, 5 Dec 2015 08:21:12 +0000 (00:21 -0800)]
merge 3.2

9 years agoadd CVE and issue number
Benjamin Peterson [Sat, 5 Dec 2015 08:17:57 +0000 (00:17 -0800)]
add CVE and issue number

9 years agoIssue #12285: Replace implementation of findall with implementation from Setuptools...
Jason R. Coombs [Sat, 19 Sep 2015 16:12:15 +0000 (18:12 +0200)]
Issue #12285: Replace implementation of findall with implementation from Setuptools 7ce820d524db.

9 years agoIssue #25021: Correctly make sure that product.__setstate__ does not access
Kristján Valur Jónsson [Sat, 12 Sep 2015 15:20:54 +0000 (15:20 +0000)]
Issue #25021: Correctly make sure that product.__setstate__ does not access
invalid memory.

9 years agoSort result to avoid spurious errors due to order.
Jason R. Coombs [Sun, 30 Aug 2015 18:05:58 +0000 (14:05 -0400)]
Sort result to avoid spurious errors due to order.

9 years agoAdd docstring and additional test revealing nuances of the implementation as found...
Jason R. Coombs [Sat, 19 Sep 2015 15:32:51 +0000 (17:32 +0200)]
Add docstring and additional test revealing nuances of the implementation as found in setuptools.

9 years agoAdd another test capturing the basic discovery expectation.
Jason R. Coombs [Sun, 30 Aug 2015 17:26:48 +0000 (13:26 -0400)]
Add another test capturing the basic discovery expectation.

9 years agoIssue #12285: Add test capturing failure.
Jason R. Coombs [Sun, 30 Aug 2015 17:22:56 +0000 (13:22 -0400)]
Issue #12285: Add test capturing failure.

9 years agoUse modern mechanism for test discovery
Jason R. Coombs [Sun, 30 Aug 2015 17:13:11 +0000 (13:13 -0400)]
Use modern mechanism for test discovery

8 years agomerge 3.3 (#27783)
Benjamin Peterson [Wed, 17 Aug 2016 06:36:20 +0000 (23:36 -0700)]
merge 3.3 (#27783)

8 years agomerge 3.3 (#27774)
Benjamin Peterson [Tue, 16 Aug 2016 05:03:44 +0000 (22:03 -0700)]
merge 3.3 (#27774)

8 years agofail when negative values are passed to instr()
Benjamin Peterson [Tue, 16 Aug 2016 04:40:14 +0000 (21:40 -0700)]
fail when negative values are passed to instr()

8 years agoUpdate setuptools/pip to 25.2.0/8.1.2
Donald Stufft [Sun, 14 Aug 2016 20:09:56 +0000 (16:09 -0400)]
Update setuptools/pip to 25.2.0/8.1.2

8 years agomerge 3.3 (closes #27760)
Benjamin Peterson [Sun, 14 Aug 2016 01:36:55 +0000 (18:36 -0700)]
merge 3.3 (closes #27760)

8 years agodo not allow reading negative values with getstr()
Benjamin Peterson [Sun, 14 Aug 2016 01:15:28 +0000 (18:15 -0700)]
do not allow reading negative values with getstr()

8 years agomerge 3.3 (#27758)
Benjamin Peterson [Sun, 14 Aug 2016 00:21:22 +0000 (17:21 -0700)]
merge 3.3 (#27758)

8 years agoIssue #20160: Merged fix from 3.3.
Vinay Sajip [Fri, 5 Aug 2016 20:43:25 +0000 (21:43 +0100)]
Issue #20160: Merged fix from 3.3.

8 years agoMerge 3.3
Donald Stufft [Wed, 3 Aug 2016 22:48:17 +0000 (18:48 -0400)]
Merge 3.3

8 years ago[merge from 3.3] Prevent HTTPoxy attack (CVE-2016-1000110)
Senthil Kumaran [Sun, 31 Jul 2016 06:34:34 +0000 (23:34 -0700)]
[merge from 3.3] Prevent HTTPoxy attack (CVE-2016-1000110)

Ignore the HTTP_PROXY variable when REQUEST_METHOD environment is set, which
indicates that the script is in CGI mode.

Issue #27568 Reported and patch contributed by Rémi Rampin.

8 years agoIssue #27369: Merge test_pyexpat from 3.3 into 3.4
Martin Panter [Thu, 14 Jul 2016 02:09:17 +0000 (02:09 +0000)]
Issue #27369: Merge test_pyexpat from 3.3 into 3.4

8 years ago#22758 null merge
R David Murray [Sun, 10 Jul 2016 18:10:56 +0000 (14:10 -0400)]
#22758 null merge

8 years agomerge 3.3
Benjamin Peterson [Wed, 6 Jul 2016 21:04:11 +0000 (14:04 -0700)]
merge 3.3

8 years agoSwitch to the new upload url for PyPI
Donald Stufft [Wed, 6 Jul 2016 20:18:39 +0000 (16:18 -0400)]
Switch to the new upload url for PyPI

8 years agoMerge.
Larry Hastings [Mon, 27 Jun 2016 02:43:00 +0000 (19:43 -0700)]
Merge.

8 years agoPost-release fixups for Python 3.4.5.
Larry Hastings [Mon, 27 Jun 2016 02:41:21 +0000 (19:41 -0700)]
Post-release fixups for Python 3.4.5.

8 years agoAdded tag v3.4.5 for changeset 619b61e505d0
Larry Hastings [Sat, 25 Jun 2016 21:44:49 +0000 (14:44 -0700)]
Added tag v3.4.5 for changeset 619b61e505d0

8 years agoVersion bump for 3.4.5 final. v3.4.5
Larry Hastings [Sat, 25 Jun 2016 21:44:30 +0000 (14:44 -0700)]
Version bump for 3.4.5 final.

8 years agoRegenerate pydoc topics for 3.4.5 final.
Larry Hastings [Sat, 25 Jun 2016 21:42:04 +0000 (14:42 -0700)]
Regenerate pydoc topics for 3.4.5 final.

8 years agoDocs: add html-stable autobuild variant
Georg Brandl [Wed, 15 Jun 2016 06:57:32 +0000 (08:57 +0200)]
Docs: add html-stable autobuild variant

8 years agosync ordering of stddef.h includes with expat 2.1.1
Benjamin Peterson [Tue, 14 Jun 2016 06:41:19 +0000 (23:41 -0700)]
sync ordering of stddef.h includes with expat 2.1.1

8 years agoIssue #26867: Ubuntu's openssl OP_NO_SSLv3 is forced on by default; fix test.
Matthias Klose [Mon, 13 Jun 2016 06:40:00 +0000 (23:40 -0700)]
Issue #26867: Ubuntu's openssl OP_NO_SSLv3 is forced on by default; fix test.

8 years agoAdded tag v3.4.5rc1 for changeset 3631bb4a2490
Larry Hastings [Sun, 12 Jun 2016 05:25:43 +0000 (22:25 -0700)]
Added tag v3.4.5rc1 for changeset 3631bb4a2490

8 years agoRelease bump for 3.4.5rc1. v3.4.5rc1
Larry Hastings [Sun, 12 Jun 2016 05:24:03 +0000 (22:24 -0700)]
Release bump for 3.4.5rc1.

8 years agoRegenerate pydoc topics for 3.4.5rc1.
Larry Hastings [Sun, 12 Jun 2016 05:22:07 +0000 (22:22 -0700)]
Regenerate pydoc topics for 3.4.5rc1.

8 years agoupgrade expt to 2.1.1 (closes #26556)
Benjamin Peterson [Sat, 11 Jun 2016 20:28:56 +0000 (13:28 -0700)]
upgrade expt to 2.1.1 (closes #26556)

8 years agoraise an error when STARTTLS fails
Benjamin Peterson [Sat, 11 Jun 2016 20:16:42 +0000 (13:16 -0700)]
raise an error when STARTTLS fails

8 years agoBack out 7e9605697dfc, 2e3c31ab586a, 759b2cecc289.
Guido van Rossum [Thu, 19 May 2016 20:00:21 +0000 (13:00 -0700)]
Back out 7e9605697dfc2e3c31ab586a759b2cecc289.

These added a path attribute to pathlib.Path objects, and docs.
Instead, we're going to use PEP 519.

(Starting in the 3.4 branch and merging forward from there since that's what I did originally.)

8 years agoUpgrade ensurepip bundled setuptools to 20.10.1
Donald Stufft [Mon, 2 May 2016 11:03:46 +0000 (07:03 -0400)]
Upgrade ensurepip bundled setuptools to 20.10.1

8 years agoIssue26748: Enum classes should evaluate as True
Ethan Furman [Thu, 14 Apr 2016 06:52:09 +0000 (23:52 -0700)]
Issue26748: Enum classes should evaluate as True

8 years agoremove useless $ keyword (closes #17167)
Benjamin Peterson [Tue, 22 Mar 2016 05:31:02 +0000 (22:31 -0700)]
remove useless $ keyword (closes #17167)

8 years agoUpgrade ensurepip._bundled pip to 8.1.1 and setuptools to 20.3
Donald Stufft [Thu, 17 Mar 2016 15:00:08 +0000 (11:00 -0400)]
Upgrade ensurepip._bundled pip to 8.1.1 and setuptools to 20.3

8 years agoBacked out changeset 19a3e0e664af
Serhiy Storchaka [Tue, 8 Mar 2016 19:13:35 +0000 (21:13 +0200)]
Backed out changeset 19a3e0e664af

8 years agoIssues #23808, #25911: Trying to fix walk tests on Windows.
Serhiy Storchaka [Tue, 8 Mar 2016 14:11:26 +0000 (16:11 +0200)]
Issues #23808, #25911: Trying to fix walk tests on Windows.

On Windows a symlink can has the FILE_ATTRIBUTE_DIRECTORY flag.

8 years agoproperly use the ObjArgs variant of CallMethod in dictview binary operations (closes...
Benjamin Peterson [Fri, 4 Mar 2016 06:05:36 +0000 (22:05 -0800)]
properly use the ObjArgs variant of CallMethod in dictview binary operations (closes #26478)

8 years agoIssue #26246: Set initial value of the hidden attr when creating copy button.
Berker Peksag [Wed, 2 Mar 2016 17:40:08 +0000 (19:40 +0200)]
Issue #26246: Set initial value of the hidden attr when creating copy button.

Patch by Liang-Bo Wang.

8 years agoasyncio: Update 3.4 asyncio/test_tasks to upstream version
Yury Selivanov [Wed, 2 Mar 2016 15:33:22 +0000 (10:33 -0500)]
asyncio: Update 3.4 asyncio/test_tasks to upstream version

8 years ago#26246: update copybutton.js after JQuery update. Patch by Liang-Bo Wang.
Ezio Melotti [Sat, 27 Feb 2016 06:39:36 +0000 (08:39 +0200)]
#26246: update copybutton.js after JQuery update.  Patch by Liang-Bo Wang.

8 years agoopen the cert store readonly
Benjamin Peterson [Thu, 18 Feb 2016 06:13:19 +0000 (22:13 -0800)]
open the cert store readonly

Patch from Chi Hsuan Yen.

8 years agoreject negative data_size
Benjamin Peterson [Fri, 22 Jan 2016 06:02:46 +0000 (22:02 -0800)]
reject negative data_size

8 years agoUpgrade pip to 8.0.2
Donald Stufft [Fri, 22 Jan 2016 02:55:32 +0000 (21:55 -0500)]
Upgrade pip to 8.0.2

8 years agoprevent buffer overflow in get_data (closes #26171)
Benjamin Peterson [Thu, 21 Jan 2016 06:23:44 +0000 (22:23 -0800)]
prevent buffer overflow in get_data (closes #26171)

8 years agofix refleak in error condition
Benjamin Peterson [Thu, 21 Jan 2016 06:06:43 +0000 (22:06 -0800)]
fix refleak in error condition

8 years agoremove script from epub (closes #26172)
Benjamin Peterson [Thu, 21 Jan 2016 06:02:30 +0000 (22:02 -0800)]
remove script from epub (closes #26172)