]> granicus.if.org Git - python/log
python
8 years agoIssue #20160: Handled passing of large structs to callbacks correctly.
Vinay Sajip [Fri, 5 Aug 2016 20:24:27 +0000 (21:24 +0100)]
Issue #20160: Handled passing of large structs to callbacks correctly.

8 years agoSwitch upload.pypi.io to upload.pypi.org
Donald Stufft [Wed, 3 Aug 2016 22:43:38 +0000 (18:43 -0400)]
Switch upload.pypi.io to upload.pypi.org

8 years agoPrevent HTTPoxy attack (CVE-2016-1000110)
Senthil Kumaran [Sun, 31 Jul 2016 06:24:16 +0000 (23:24 -0700)]
Prevent HTTPoxy attack (CVE-2016-1000110)

Ignore the HTTP_PROXY variable when REQUEST_METHOD environment is set, which
indicates that the script is in CGI mode.

Issue #27568 Reported and patch contributed by Rémi Rampin.

8 years agoIssue #27369: Merge test_pyexpat from 3.2 into 3.3
Martin Panter [Thu, 14 Jul 2016 01:42:53 +0000 (01:42 +0000)]
Issue #27369: Merge test_pyexpat from 3.2 into 3.3

8 years agoIssue #27369: Don’t test error message detail that changed in Expat 2.2.0 3.2
Martin Panter [Thu, 14 Jul 2016 01:31:46 +0000 (01:31 +0000)]
Issue #27369: Don’t test error message detail that changed in Expat 2.2.0

8 years agoIssue #22758: Move NEWS entry to Library section
Martin Panter [Thu, 14 Jul 2016 01:17:03 +0000 (01:17 +0000)]
Issue #22758: Move NEWS entry to Library section

8 years ago#22758 null merge
R David Murray [Sun, 10 Jul 2016 18:10:08 +0000 (14:10 -0400)]
#22758 null merge

8 years ago#22758: fix regression in handling of secure cookies.
R David Murray [Sun, 10 Jul 2016 17:32:43 +0000 (13:32 -0400)]
#22758: fix regression in handling of secure cookies.

This backports the fix from #16611, per discussion with the release
manager.

8 years agoSwitch to the new upload url for PyPI
Donald Stufft [Wed, 6 Jul 2016 19:27:35 +0000 (15:27 -0400)]
Switch to the new upload url for PyPI

8 years agoIssue #25940: On Windows, connecting to port 444 returns ETIMEDOUT
Martin Panter [Fri, 15 Jan 2016 01:16:41 +0000 (01:16 +0000)]
Issue #25940: On Windows, connecting to port 444 returns ETIMEDOUT

8 years agoIssue #25940: Use self-signed.pythontest.net in SSL tests
Martin Panter [Thu, 14 Jan 2016 09:36:00 +0000 (09:36 +0000)]
Issue #25940: Use self-signed.pythontest.net in SSL tests

This is instead of svn.python.org, whose certificate recently expired, and
whose new certificate uses a different root certificate.

The certificate used at the pythontest server was modifed to set the "basic
constraints" CA flag. This flag seems to be required for test_get_ca_certs_
capath() to work (in Python 3.4+).

Added the new self-signed certificate to capath with the following commands:

cp Lib/test/{selfsigned_pythontestdotnet.pem,capath/}
c_rehash -v Lib/test/capath/
c_rehash -v -old Lib/test/capath/
# Note the generated file names
cp Lib/test/capath/{selfsigned_pythontestdotnet.pem,0e4015b9.0}
mv Lib/test/capath/{selfsigned_pythontestdotnet.pem,ce7b8643.0}

The new server responds with "No route to host" when connecting to port 444.

9 years agoIssue #25709: Fixed problem with in-place string concatenation and utf-8 cache.
Serhiy Storchaka [Wed, 2 Dec 2015 23:02:03 +0000 (01:02 +0200)]
Issue #25709: Fixed problem with in-place string concatenation and utf-8 cache.

8 years agoIssue #25940: Merge ETIMEDOUT fix from 3.2 into 3.3
Martin Panter [Fri, 15 Jan 2016 02:08:13 +0000 (02:08 +0000)]
Issue #25940: Merge ETIMEDOUT fix from 3.2 into 3.3

8 years agoIssue #25940: Merge self-signed.pythontest.net testing from 3.2 into 3.3
Martin Panter [Thu, 14 Jan 2016 12:21:02 +0000 (12:21 +0000)]
Issue #25940: Merge self-signed.pythontest.net testing from 3.2 into 3.3

9 years agoremove some copyright notices supserseded by the toplevel ones
Benjamin Peterson [Fri, 1 Jan 2016 17:53:47 +0000 (11:53 -0600)]
remove some copyright notices supserseded by the toplevel ones

9 years agoadd 2015 and 2016
Benjamin Peterson [Fri, 1 Jan 2016 17:53:14 +0000 (11:53 -0600)]
add 2015 and 2016

9 years agoreflow
Benjamin Peterson [Fri, 1 Jan 2016 17:12:44 +0000 (11:12 -0600)]
reflow

9 years ago2016 will be another year of writing copyrighted code
Benjamin Peterson [Fri, 1 Jan 2016 16:23:45 +0000 (10:23 -0600)]
2016 will be another year of writing copyrighted code

9 years agofix reordering
Benjamin Peterson [Sat, 5 Dec 2015 08:27:11 +0000 (00:27 -0800)]
fix reordering

9 years agomerge 3.2
Benjamin Peterson [Sat, 5 Dec 2015 08:21:12 +0000 (00:21 -0800)]
merge 3.2

9 years agoadd CVE and issue number
Benjamin Peterson [Sat, 5 Dec 2015 08:17:57 +0000 (00:17 -0800)]
add CVE and issue number

9 years agoIssue #25021: Correctly make sure that product.__setstate__ does not access
Kristján Valur Jónsson [Sat, 12 Sep 2015 15:20:54 +0000 (15:20 +0000)]
Issue #25021: Correctly make sure that product.__setstate__ does not access
invalid memory.

9 years agoprotect against mutation of the dict during insertion (closes #24407)
Benjamin Peterson [Sun, 5 Jul 2015 00:55:16 +0000 (19:55 -0500)]
protect against mutation of the dict during insertion (closes #24407)

9 years agoadd issue number
Benjamin Peterson [Sat, 27 Jun 2015 19:25:50 +0000 (14:25 -0500)]
add issue number

9 years agouse safe allocation and reallocation macros
Benjamin Peterson [Sat, 27 Jun 2015 18:41:33 +0000 (13:41 -0500)]
use safe allocation and reallocation macros

9 years agoIssue 24366: Indent code (thanks to li4ick for reporting).
Yury Selivanov [Tue, 2 Jun 2015 22:53:46 +0000 (18:53 -0400)]
Issue 24366: Indent code (thanks to li4ick for reporting).

9 years agomerge 3.2
Benjamin Peterson [Tue, 26 May 2015 02:24:26 +0000 (21:24 -0500)]
merge 3.2

9 years agokeep distutils version in sync with python version automatically
Benjamin Peterson [Tue, 26 May 2015 02:24:00 +0000 (21:24 -0500)]
keep distutils version in sync with python version automatically

9 years agomerge 3.2 (#22931)
Benjamin Peterson [Sat, 23 May 2015 15:38:48 +0000 (10:38 -0500)]
merge 3.2 (#22931)

9 years agoallow square brackets in cookie values (closes #22931)
Benjamin Peterson [Sat, 23 May 2015 15:36:48 +0000 (10:36 -0500)]
allow square brackets in cookie values (closes #22931)

9 years agobe more robust against the filters list changing under us (closes #24096)
Benjamin Peterson [Sun, 3 May 2015 15:23:37 +0000 (11:23 -0400)]
be more robust against the filters list changing under us (closes #24096)

9 years agojust sort the items tuple directly (closes #24094)
Benjamin Peterson [Sun, 3 May 2015 02:28:04 +0000 (22:28 -0400)]
just sort the items tuple directly (closes #24094)

9 years agomerge 3.2 (#24044)
Benjamin Peterson [Thu, 23 Apr 2015 21:05:07 +0000 (17:05 -0400)]
merge 3.2 (#24044)

9 years agoproperly handle malloc failure (closes #24044)
Benjamin Peterson [Thu, 23 Apr 2015 21:04:36 +0000 (17:04 -0400)]
properly handle malloc failure (closes #24044)

Patch by Christian Heimes.

9 years agoIssue #23998: PyImport_ReInitLock() now checks for lock allocation error
Christian Heimes [Sun, 19 Apr 2015 19:08:42 +0000 (21:08 +0200)]
Issue #23998: PyImport_ReInitLock() now checks for lock allocation error

9 years agouse PyMem_NEW to detect overflow (closes #23362)
Benjamin Peterson [Mon, 2 Mar 2015 18:23:25 +0000 (13:23 -0500)]
use PyMem_NEW to detect overflow (closes #23362)

9 years agofix possible overflow bugs in unicodedata (closes #23367)
Benjamin Peterson [Mon, 2 Mar 2015 16:17:05 +0000 (11:17 -0500)]
fix possible overflow bugs in unicodedata (closes #23367)

9 years agomerge 3.2
Benjamin Peterson [Wed, 18 Feb 2015 13:54:22 +0000 (08:54 -0500)]
merge 3.2

9 years agoremove RPM, since it's unused and unmaintained
Benjamin Peterson [Wed, 18 Feb 2015 13:52:46 +0000 (08:52 -0500)]
remove RPM, since it's unused and unmaintained

9 years agoadd overflow checking (closes #23361)
Benjamin Peterson [Tue, 10 Feb 2015 01:58:12 +0000 (20:58 -0500)]
add overflow checking (closes #23361)

9 years agoIssues #23363, #23364, #23365, #23366: Fixed itertools overflow tests.
Serhiy Storchaka [Mon, 2 Feb 2015 23:34:09 +0000 (01:34 +0200)]
Issues #23363, #23364, #23365, #23366: Fixed itertools overflow tests.
Used PyMem_New to check overflow.

9 years agoreduce memory usage of test (closes #23369)
Benjamin Peterson [Mon, 2 Feb 2015 22:47:07 +0000 (17:47 -0500)]
reduce memory usage of test (closes #23369)

9 years agocheck for overflows in permutations() and product() (closes #23363, closes #23364)
Benjamin Peterson [Mon, 2 Feb 2015 02:34:07 +0000 (21:34 -0500)]
check for overflows in permutations() and product() (closes #23363, closes #23364)

9 years agocheck for overflow in combinations_with_replacement (closes #23365)
Benjamin Peterson [Mon, 2 Feb 2015 02:10:47 +0000 (21:10 -0500)]
check for overflow in combinations_with_replacement (closes #23365)

9 years agodetect overflow in combinations (closes #23366)
Benjamin Peterson [Mon, 2 Feb 2015 01:59:00 +0000 (20:59 -0500)]
detect overflow in combinations (closes #23366)

9 years agoremove extra ws
Benjamin Peterson [Sun, 1 Feb 2015 23:02:09 +0000 (18:02 -0500)]
remove extra ws

9 years agofix possible overflow in encode_basestring_ascii (closes #23369)
Benjamin Peterson [Sun, 1 Feb 2015 22:53:53 +0000 (17:53 -0500)]
fix possible overflow in encode_basestring_ascii (closes #23369)

9 years agoIssue #23055: Fixed read-past-the-end error in PyUnicode_FromFormatV.
Serhiy Storchaka [Fri, 30 Jan 2015 23:15:48 +0000 (01:15 +0200)]
Issue #23055: Fixed read-past-the-end error in PyUnicode_FromFormatV.

9 years agoIssue #23055: Fixed a buffer overflow in PyUnicode_FromFormatV. Analysis
Serhiy Storchaka [Tue, 27 Jan 2015 20:18:46 +0000 (22:18 +0200)]
Issue #23055: Fixed a buffer overflow in PyUnicode_FromFormatV.  Analysis
and fix by Guido Vranken.

9 years agoIssue #23055: Fixed a buffer overflow in PyUnicode_FromFormatV. Analysis
Serhiy Storchaka [Tue, 27 Jan 2015 20:18:34 +0000 (22:18 +0200)]
Issue #23055: Fixed a buffer overflow in PyUnicode_FromFormatV.  Analysis
and fix by Guido Vranken.

9 years agoIssue20467: clarify __init__'s role
Ethan Furman [Thu, 15 Jan 2015 05:56:10 +0000 (21:56 -0800)]
Issue20467: clarify __init__'s role

9 years agomerge 3.2 (closes #23165)
Benjamin Peterson [Sun, 4 Jan 2015 22:03:59 +0000 (16:03 -0600)]
merge 3.2 (closes #23165)

9 years agoadd some overflow checks before multiplying (closes #23165)
Benjamin Peterson [Sun, 4 Jan 2015 22:03:17 +0000 (16:03 -0600)]
add some overflow checks before multiplying (closes #23165)

10 years agomerge 3.2
Benjamin Peterson [Thu, 1 Jan 2015 00:10:13 +0000 (18:10 -0600)]
merge 3.2

10 years agoupdate for copyright for 2015
Benjamin Peterson [Thu, 1 Jan 2015 00:09:36 +0000 (18:09 -0600)]
update for copyright for 2015

10 years agomerge 3.2 (#23130)
Benjamin Peterson [Tue, 30 Dec 2014 16:08:52 +0000 (10:08 -0600)]
merge 3.2 (#23130)

10 years agodelete old ftpmirror script, which now has security bugs (closes #23130)
Benjamin Peterson [Tue, 30 Dec 2014 16:08:16 +0000 (10:08 -0600)]
delete old ftpmirror script, which now has security bugs (closes #23130)

10 years agomerge 3.2 (#16043)
Benjamin Peterson [Sat, 6 Dec 2014 01:30:54 +0000 (20:30 -0500)]
merge 3.2 (#16043)

10 years agoadd a default limit for the amount of data xmlrpclib.gzip_decode will return (closes...
Benjamin Peterson [Sat, 6 Dec 2014 01:15:15 +0000 (20:15 -0500)]
add a default limit for the amount of data xmlrpclib.gzip_decode will return (closes #16043)

10 years agoIssue #25940: Backport self-signed.pythontest.net testing for test_httplib
Georg Brandl [Wed, 5 Nov 2014 19:37:40 +0000 (20:37 +0100)]
Issue #25940: Backport self-signed.pythontest.net testing for test_httplib

The svn.python.org server recently changed root certificate, causing the test
to fail. This backports revision 4985375db40f.

10 years agomerge 3.2
Benjamin Peterson [Wed, 5 Nov 2014 16:29:39 +0000 (11:29 -0500)]
merge 3.2

10 years agouse pythontest.net for url fragment test
Benjamin Peterson [Wed, 5 Nov 2014 16:27:14 +0000 (11:27 -0500)]
use pythontest.net for url fragment test

10 years agomerge 3.2
Benjamin Peterson [Mon, 3 Nov 2014 20:11:53 +0000 (15:11 -0500)]
merge 3.2

10 years agomove idna test domain to pythontest.net
Benjamin Peterson [Mon, 3 Nov 2014 20:10:47 +0000 (15:10 -0500)]
move idna test domain to pythontest.net

10 years agomake plural s lowercase
Benjamin Peterson [Sun, 19 Oct 2014 14:47:49 +0000 (10:47 -0400)]
make plural s lowercase

10 years agoFixed signed/unsigned comparison warning
Antoine Pitrou [Wed, 15 Oct 2014 21:14:53 +0000 (23:14 +0200)]
Fixed signed/unsigned comparison warning

10 years agotest is cpython only
Benjamin Peterson [Wed, 15 Oct 2014 17:39:46 +0000 (13:39 -0400)]
test is cpython only

10 years agoit suffices to check for PY_SSIZE_T_MAX overflow (#22643)
Benjamin Peterson [Wed, 15 Oct 2014 16:17:21 +0000 (12:17 -0400)]
it suffices to check for PY_SSIZE_T_MAX overflow (#22643)

10 years agomake sure length is unsigned
Benjamin Peterson [Wed, 15 Oct 2014 15:51:05 +0000 (11:51 -0400)]
make sure length is unsigned

10 years agofix integer overflow in unicode case operations (closes #22643)
Benjamin Peterson [Wed, 15 Oct 2014 15:47:36 +0000 (11:47 -0400)]
fix integer overflow in unicode case operations (closes #22643)

10 years agonote xmlrpclib doesn't verify certs (yet)
Benjamin Peterson [Mon, 13 Oct 2014 15:54:50 +0000 (11:54 -0400)]
note xmlrpclib doesn't verify certs (yet)

10 years agoMerge 3.2 into 3.3.
Georg Brandl [Sun, 12 Oct 2014 07:29:19 +0000 (09:29 +0200)]
Merge 3.2 into 3.3.

10 years agoAdded tag v3.3.6 for changeset 971fec30da1f
Georg Brandl [Sun, 12 Oct 2014 07:03:47 +0000 (09:03 +0200)]
Added tag v3.3.6 for changeset 971fec30da1f

10 years agoBump to 3.3.6 v3.3.6
Georg Brandl [Sun, 12 Oct 2014 07:03:40 +0000 (09:03 +0200)]
Bump to 3.3.6

10 years agoAdded tag v3.2.6 for changeset 0bd5f4f14de9
Georg Brandl [Sun, 12 Oct 2014 06:51:30 +0000 (08:51 +0200)]
Added tag v3.2.6 for changeset 0bd5f4f14de9

10 years agoBump to 3.2.6 v3.2.6
Georg Brandl [Sun, 12 Oct 2014 06:50:38 +0000 (08:50 +0200)]
Bump to 3.2.6

10 years ago#16040: fix unlimited read from connection in nntplib.
Georg Brandl [Sun, 12 Oct 2014 06:50:11 +0000 (08:50 +0200)]
#16040: fix unlimited read from connection in nntplib.

10 years agoAdded tag v3.3.6rc1 for changeset 51317c9786f5
Georg Brandl [Sat, 4 Oct 2014 12:33:05 +0000 (14:33 +0200)]
Added tag v3.3.6rc1 for changeset 51317c9786f5

10 years agoAdded tag v3.2.6rc1 for changeset 51382a5598ec
Georg Brandl [Sat, 4 Oct 2014 12:17:10 +0000 (14:17 +0200)]
Added tag v3.2.6rc1 for changeset 51382a5598ec

10 years agoCopyright year update, add version to licenses. v3.2.6rc1
Georg Brandl [Sat, 4 Oct 2014 12:16:59 +0000 (14:16 +0200)]
Copyright year update, add version to licenses.

10 years agoBump to 3.2.6rc1
Georg Brandl [Sat, 4 Oct 2014 12:15:42 +0000 (14:15 +0200)]
Bump to 3.2.6rc1

10 years agoIssue #22518: Fixed integer overflow issues in "backslashreplace", v3.3.6rc1
Serhiy Storchaka [Sat, 4 Oct 2014 11:15:49 +0000 (14:15 +0300)]
Issue #22518: Fixed integer overflow issues in "backslashreplace",
"xmlcharrefreplace", and "surrogatepass" error handlers.

10 years agoBump to 3.3.6rc1
Georg Brandl [Sat, 4 Oct 2014 12:22:11 +0000 (14:22 +0200)]
Bump to 3.3.6rc1

10 years agoref #19855: skip uuid test_find_mac on non-Posix as in later branches
Georg Brandl [Wed, 1 Oct 2014 20:31:04 +0000 (22:31 +0200)]
ref #19855: skip uuid test_find_mac on non-Posix as in later branches

10 years agoFix unicode_aswidechar() for 4b unicode and 2b wchar_t (AIX).
Georg Brandl [Wed, 1 Oct 2014 17:15:11 +0000 (19:15 +0200)]
Fix unicode_aswidechar() for 4b unicode and 2b wchar_t (AIX).

10 years agoIssue #19855: uuid.getnode() on Unix now looks on the PATH for the
Georg Brandl [Tue, 30 Sep 2014 17:34:19 +0000 (19:34 +0200)]
Issue #19855: uuid.getnode() on Unix now looks on the PATH for the
executables used to find the mac address, with /sbin and /usr/sbin as
fallbacks.

Issue #11508: Fixed uuid.getnode() and uuid.uuid1() on environment with
virtual interface.  Original patch by Kent Frazier.

Issue #18784: The uuid module no more attempts to load libc via ctypes.CDLL,
if all necessary functions are already found in libuuid.
Patch by Evgeny Sologubov.

Issue #16102: Make uuid._netbios_getnode() work again on Python 3.

10 years agoBackport b533cc11d114 to fix intermittent test_urllibnet failures.
Georg Brandl [Tue, 30 Sep 2014 15:30:18 +0000 (17:30 +0200)]
Backport b533cc11d114 to fix intermittent test_urllibnet failures.

10 years agoAdd a dummy "touch" target to the Makefile so that the custom buildbots can test...
Georg Brandl [Tue, 30 Sep 2014 14:41:11 +0000 (16:41 +0200)]
Add a dummy "touch" target to the Makefile so that the custom buildbots can test this branch.

10 years agoFix-up for 0f362676460d: add missing size argument to SSLFakeFile.readline(), as...
Georg Brandl [Tue, 30 Sep 2014 14:31:21 +0000 (16:31 +0200)]
Fix-up for 0f362676460d: add missing size argument to SSLFakeFile.readline(), as in 2.6 backport 8a6def3add5b

10 years agoprevent overflow in unicode_repr (closes #22520)
Benjamin Peterson [Tue, 30 Sep 2014 03:02:15 +0000 (23:02 -0400)]
prevent overflow in unicode_repr (closes #22520)

10 years agoclear BufferedRWPair weakrefs on deallocation (closes #22517)
Benjamin Peterson [Tue, 30 Sep 2014 02:46:57 +0000 (22:46 -0400)]
clear BufferedRWPair weakrefs on deallocation (closes #22517)

10 years agothese variables ought to be Py_ssize_t
Benjamin Peterson [Mon, 29 Sep 2014 23:12:26 +0000 (19:12 -0400)]
these variables ought to be Py_ssize_t

10 years agofix overflow checking in PyBytes_Repr (closes #22519)
Benjamin Peterson [Mon, 29 Sep 2014 23:01:18 +0000 (19:01 -0400)]
fix overflow checking in PyBytes_Repr (closes #22519)

10 years agoNEWS issue for #22518
Benjamin Peterson [Mon, 29 Sep 2014 22:42:35 +0000 (18:42 -0400)]
NEWS issue for #22518

10 years agocleanup overflowing handling in unicode_decode_call_errorhandler and unicode_encode_u...
Benjamin Peterson [Mon, 29 Sep 2014 22:18:57 +0000 (18:18 -0400)]
cleanup overflowing handling in unicode_decode_call_errorhandler and unicode_encode_ucs1 (closes #22518)

10 years agoIssue #22419: Limit the length of incoming HTTP request in wsgiref server to 65536...
Senthil Kumaran [Wed, 17 Sep 2014 08:29:29 +0000 (16:29 +0800)]
Issue #22419: Limit the length of incoming HTTP request in wsgiref server to 65536 bytes.

10 years agoIssue #22421 - Secure pydoc server run. Bind it to localhost instead of all interfaces.
Senthil Kumaran [Wed, 17 Sep 2014 05:17:58 +0000 (13:17 +0800)]
Issue #22421 - Secure pydoc server run. Bind it to localhost instead of all interfaces.

10 years agoLax cookie parsing in http.cookies could be a security issue when combined
Antoine Pitrou [Tue, 16 Sep 2014 22:23:55 +0000 (00:23 +0200)]
Lax cookie parsing in http.cookies could be a security issue when combined
with non-standard cookie handling in some Web browsers.

Reported by Sergey Bobrov.

10 years agoIssue #13540: Merge changes from 3.2
Jason R. Coombs [Sun, 3 Aug 2014 19:26:32 +0000 (15:26 -0400)]
Issue #13540: Merge changes from 3.2

10 years agoIssue #13540: Update references to Action class to match syntax used for other classe...
Jason R. Coombs [Sun, 3 Aug 2014 18:54:11 +0000 (14:54 -0400)]
Issue #13540: Update references to Action class to match syntax used for other classes in this file.