| f4a27c2 | Benjamin Peterson | 15 October 2014, 22:07:54 UTC | goodbye, 2.6 | 15 October 2014, 22:07:54 UTC |
| 418d922 | Benjamin Peterson | 02 April 2014, 03:55:11 UTC | Added tag v2.6.7 for changeset a39a30ac7f2e | 02 April 2014, 03:55:11 UTC |
| fe2af45 | Barry Warsaw | 30 October 2013, 15:24:51 UTC | Closing the 2.6 branch | 30 October 2013, 15:24:51 UTC |
| a9827e9 | Barry Warsaw | 29 October 2013, 14:16:34 UTC | Added tag v2.6.9 for changeset fcb3ec2842f9 | 29 October 2013, 14:16:34 UTC |
| 741501d | Barry Warsaw | 29 October 2013, 14:14:05 UTC | version bump | 29 October 2013, 14:14:05 UTC |
| 963ed41 | Barry Warsaw | 29 October 2013, 14:10:41 UTC | updating topics | 29 October 2013, 14:10:41 UTC |
| 8eb18ec | Barry Warsaw | 01 October 2013, 15:38:38 UTC | Typo caught by : Arfrever Frehtes Taifersar Arahesis. | 01 October 2013, 15:38:38 UTC |
| 450da6f | Barry Warsaw | 01 October 2013, 01:49:31 UTC | post release bump | 01 October 2013, 01:49:31 UTC |
| 5e5b053 | Barry Warsaw | 01 October 2013, 00:37:58 UTC | Added tag v2.6.9rc1 for changeset a0025037f11a | 01 October 2013, 00:37:58 UTC |
| 3d56620 | Barry Warsaw | 01 October 2013, 00:37:45 UTC | Bump copyright years. | 01 October 2013, 00:37:45 UTC |
| 5c98584 | Barry Warsaw | 01 October 2013, 00:34:29 UTC | Bump to 2.6.9rc1 | 01 October 2013, 00:34:29 UTC |
| dd9c863 | Barry Warsaw | 01 October 2013, 00:31:56 UTC | Regenerate pydoc_topics.py | 01 October 2013, 00:31:56 UTC |
| edca955 | Barry Warsaw | 30 September 2013, 22:35:15 UTC | - Issue #16040: CVE-2013-1752: nntplib: Limit maximum line lengths to 2048 to prevent readline() calls from consuming too much memory. Patch by Jyrki Pulliainen. | 30 September 2013, 22:35:15 UTC |
| 225faff | Barry Warsaw | 30 September 2013, 20:45:40 UTC | Fix typo in NEWS file. | 30 September 2013, 20:45:40 UTC |
| 537738c | Barry Warsaw | 30 September 2013, 19:56:29 UTC | - Issue #16041: CVE-2013-1752: poplib: Limit maximum line lengths to 2048 to prevent readline() calls from consuming too much member. Patch by Jyrki Pulliainen. | 30 September 2013, 19:56:29 UTC |
| fbd2211 | Barry Warsaw | 29 September 2013, 17:59:06 UTC | - Issue #16037: HTTPMessage.readheaders() raises an HTTPException when more than 100 headers are read. Adapted from patch by Jyrki Pulliainen. | 29 September 2013, 17:59:06 UTC |
| 8cc020d | Barry Warsaw | 25 September 2013, 13:36:58 UTC | - Issue #16038: CVE-2013-1752: ftplib: Limit amount of data read by limiting the call to readline(). Original patch by Michał Jastrzębski and Giampaolo Rodola. with test fixes by Serhiy Storchaka. | 25 September 2013, 13:36:58 UTC |
| 1874f47 | Barry Warsaw | 22 September 2013, 20:07:09 UTC | - Issue #16039: CVE-2013-1752: Change use of readline in imaplib module to limit line length. Patch by Emil Lind. | 22 September 2013, 20:07:09 UTC |
| 4a19682 | R David Murray | 18 September 2013, 12:49:25 UTC | #14984: only import pwd on POSIX. | 18 September 2013, 12:49:25 UTC |
| d1861e5 | R David Murray | 18 September 2013, 00:08:09 UTC | Add versionchanged for #14984, remove extra blank from string. | 18 September 2013, 00:08:09 UTC |
| 8f3680a | R David Murray | 16 September 2013, 17:48:44 UTC | #14984: On POSIX, enforce permissions when reading default .netrc. Initial patch by Bruno Piguet. This is implemented as if a useful .netrc file could exist without passwords, which is possible in the general case; but in fact our netrc implementation does not support it. Fixing that issue will be an enhancement. | 16 September 2013, 17:48:44 UTC |
| aa5e726 | Andrew Kuchling | 15 September 2013, 17:11:47 UTC | #16042: CVE-2013-1752: Limit amount of data read by limiting the call to readline(). The SSLFakeFile.readline() method needs to support limiting readline() as well. It's not a full emulation of readline()'s signature, but this class is only used by smtplib's code, so it doesn't have to be. Modified version of original patch by Christian Heimes. | 15 September 2013, 17:11:47 UTC |
| 6169b81 | Christian Heimes | 05 September 2013, 14:04:35 UTC | Issue #18709: GCC 4.6 complains that 'v' may be used uninitialized in GEN_EMAIL/GEN_URI/GEN_DNS case | 05 September 2013, 14:04:35 UTC |
| 4627799 | Christian Heimes | 03 September 2013, 12:47:00 UTC | Python 2.6's ssl module has neither OPENSSL_VERSION_INFO nor _OPENSSL_API_VERSION | 03 September 2013, 12:47:00 UTC |
| c931e3b | Christian Heimes | 25 August 2013, 12:12:41 UTC | Issue #18709: Fix issue with IPv6 address in subjectAltName on Mac OS X Tiger | 25 August 2013, 12:12:41 UTC |
| 4d07483 | Barry Warsaw | 23 August 2013, 17:26:49 UTC | - Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes inside subjectAltName correctly. Formerly the module has used OpenSSL's GENERAL_NAME_print() function to get the string represention of ASN.1 strings for `rfc822Name` (email), `dNSName` (DNS) and `uniformResourceIdentifier` (URI). | 23 August 2013, 17:26:49 UTC |
| 6a44f92 | Barry Warsaw | 21 August 2013, 00:35:20 UTC | Fix UnboundLocalError regression due to previous incorrect fix for issue 16248. | 21 August 2013, 00:35:20 UTC |
| 29f9b21 | Barry Warsaw | 20 February 2013, 23:19:55 UTC | - Issue #16248: Disable code execution from the user's home directory by tkinter when the -E flag is passed to Python. Patch by Zachary Ware. | 20 February 2013, 23:19:55 UTC |
| f1b7726 | Georg Brandl | 28 October 2012, 07:04:38 UTC | #8040: port versionswitcher patch to 2.6. | 28 October 2012, 07:04:38 UTC |
| eedb9d8 | Barry Warsaw | 10 April 2012, 18:50:39 UTC | Post release twiddle. | 10 April 2012, 18:50:39 UTC |
| 2d16d1e | Barry Warsaw | 10 April 2012, 15:18:47 UTC | Added tag v2.6.8 for changeset c9910fd022fc | 10 April 2012, 15:18:47 UTC |
| 842378a | Barry Warsaw | 10 April 2012, 14:59:35 UTC | Bump to 2.6.8 | 10 April 2012, 14:59:35 UTC |
| 906ccd8 | Barry Warsaw | 10 April 2012, 14:56:26 UTC | update docs | 10 April 2012, 14:56:26 UTC |
| 544dfb8 | Georg Brandl | 18 March 2012, 06:31:17 UTC | Remove duplicate hgtags entries for 2.6.8rc{1,2}. | 18 March 2012, 06:31:17 UTC |
| e54e5d4 | Barry Warsaw | 17 March 2012, 22:34:05 UTC | Added tag v2.6.8rc2 for changeset bd9e1a02e3e3 | 17 March 2012, 22:34:05 UTC |
| ad6c58a | Barry Warsaw | 17 March 2012, 22:19:42 UTC | Added tag v2.6.8rc2 for changeset 1d1b7b9fad48 | 17 March 2012, 22:19:42 UTC |
| f4f6af2 | Barry Warsaw | 17 March 2012, 22:19:15 UTC | Bump to 2.6.8rc2 | 17 March 2012, 22:19:15 UTC |
| 3e09d9a | Barry Warsaw | 17 March 2012, 22:16:58 UTC | Update Docs and NEWS for 2.6.8rc2. | 17 March 2012, 22:16:58 UTC |
| 5e5bed8 | Barry Warsaw | 15 March 2012, 00:10:41 UTC | - Issue #14234: CVE-2012-0876: Randomize hashes of xml attributes in the hash table internal to the pyexpat module's copy of the expat library to avoid a denial of service due to hash collisions. Patch by David Malcolm with some modifications by the expat project. | 15 March 2012, 00:10:41 UTC |
| bcfa813 | Barry Warsaw | 23 February 2012, 16:10:31 UTC | Added tag v2.6.8rc1 for changeset 5356b6c7fd66 | 23 February 2012, 16:10:31 UTC |
| 2ad5123 | Barry Warsaw | 23 February 2012, 15:59:50 UTC | Added tag v2.6.8rc1 for changeset caab08cd2b3e | 23 February 2012, 15:59:50 UTC |
| 40bae7e | Barry Warsaw | 23 February 2012, 15:59:38 UTC | Bump some more copyright years (as per PEP 101), since this is the first release of 2.6 for 2012. | 23 February 2012, 15:59:38 UTC |
| 07c3c52 | Barry Warsaw | 23 February 2012, 15:55:57 UTC | Bump to version 2.6.8rc1. | 23 February 2012, 15:55:57 UTC |
| 8c71ce7 | Barry Warsaw | 22 February 2012, 22:26:50 UTC | Back port from 2.7: http://hg.python.org/cpython/rev/48705250232c changeset: 75187:48705250232c branch: 2.7 parent: 75184:9a1d902714ae user: Antoine Pitrou <solipsis@pitrou.net> date: Wed Feb 22 22:16:25 2012 +0100 | 22 February 2012, 22:26:50 UTC |
| 51857e7 | Barry Warsaw | 22 February 2012, 18:50:04 UTC | Backport from 2.7: changeset: 75153:9b7c6dd19e25 branch: 2.7 parent: 75151:b1a02c17b327 user: Antoine Pitrou <solipsis@pitrou.net> date: Tue Feb 21 22:02:04 2012 +0100 files: Lib/test/test_os.py | 22 February 2012, 18:50:04 UTC |
| 8842348 | Barry Warsaw | 22 February 2012, 18:34:18 UTC | Backport from 2.7 branch. changeset: 75165:780008020c40 user: Antoine Pitrou <solipsis@pitrou.net> date: Wed Feb 22 03:33:56 2012 +0100 summary: Fix (presumably) test_hash under big-endian systems (PPC). | 22 February 2012, 18:34:18 UTC |
| 27761b8 | Georg Brandl | 21 February 2012, 21:36:27 UTC | Remove reST markup from --help output. Also: O(n**2) is dict construction, not single insertion. | 21 February 2012, 21:36:27 UTC |
| 92b19a9 | Benjamin Peterson | 21 February 2012, 20:08:51 UTC | don't need this hack anymore | 21 February 2012, 20:08:51 UTC |
| a604b3a | Antoine Pitrou | 21 February 2012, 19:42:48 UTC | Fix crash at startup with -W options. | 21 February 2012, 19:42:48 UTC |
| c5302ce | Benjamin Peterson | 21 February 2012, 16:23:21 UTC | merge heads | 21 February 2012, 16:23:21 UTC |
| b3f4ebb | Barry Warsaw | 21 February 2012, 16:16:06 UTC | Backport fix from default branch for ./python -R -Wd where hash('d') would not have gotten randomized. | 21 February 2012, 16:16:06 UTC |
| 433e54d | Benjamin Peterson | 21 February 2012, 16:08:50 UTC | ensure no one tries to hash things before the random seed is found | 21 February 2012, 16:08:50 UTC |
| 8f36ecc | Barry Warsaw | 21 February 2012, 15:22:34 UTC | Let's sort the keys so that this test passes even with random hashes. | 21 February 2012, 15:22:34 UTC |
| 6041e83 | Barry Warsaw | 21 February 2012, 01:44:15 UTC | Whitespace normalization | 21 February 2012, 01:44:15 UTC |
| 44dd84d | Barry Warsaw | 21 February 2012, 01:42:21 UTC | - Issue #13703: oCERT-2011-003: add -R command-line option and PYTHONHASHSEED environment variable, to provide an opt-in way to protect against denial of service attacks due to hash collisions within the dict and set types. Patch by David Malcolm, based on work by Victor Stinner. | 21 February 2012, 01:42:21 UTC |
| a938102 | Barry Warsaw | 20 February 2012, 19:43:22 UTC | Back port Python 2.7 fix for test_invalid_redirect() in test_urllib.py. | 20 February 2012, 19:43:22 UTC |
| 10a07b7 | Charles-François Natali | 18 February 2012, 13:15:38 UTC | Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in SimpleXMLRPCServer upon malformed POST request. | 18 February 2012, 13:15:38 UTC |
| a2eb0a4 | Antoine Pitrou | 27 January 2012, 08:42:45 UTC | Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC IV attack countermeasure. | 27 January 2012, 08:42:45 UTC |
| 43237ce | Martin v. Löwis | 31 October 2011, 11:39:25 UTC | merge closing of 2.5 branch | 31 October 2011, 11:39:25 UTC |
| 314f006 | Martin v. Löwis | 31 October 2011, 11:38:50 UTC | 2.5 is no longer maintained | 31 October 2011, 11:38:50 UTC |
| c3b8cce | Éric Araujo | 28 July 2011, 20:27:28 UTC | Remove mentions of previous license in profile module (#12417 followup) | 28 July 2011, 20:27:28 UTC |
| b4a47f1 | Benjamin Peterson | 29 June 2011, 02:57:21 UTC | fix ws | 29 June 2011, 02:57:21 UTC |
| 0322a06 | Benjamin Peterson | 27 June 2011, 14:14:34 UTC | update profile license (closes #12417) | 27 June 2011, 14:14:34 UTC |
| faf0edf | Barry Warsaw | 04 June 2011, 00:05:48 UTC | Replay svn r88852. | 04 June 2011, 00:05:48 UTC |
| ac77b5b | Barry Warsaw | 04 June 2011, 00:02:47 UTC | Replay svn r88850. | 04 June 2011, 00:02:47 UTC |
| 9e2de5f | Martin v. Löwis | 28 May 2011, 12:13:32 UTC | Nearly null-merge 2.5.6 | 28 May 2011, 12:13:32 UTC |
| 6982f3e | Martin v. Löwis | 28 May 2011, 12:06:55 UTC | merge 2.5.6c1 tag | 28 May 2011, 12:06:55 UTC |
| 7b30c2f | Martin v. Löwis | 28 May 2011, 12:05:31 UTC | Added tag v2.5.6c1 for changeset a87c7b96672b | 28 May 2011, 12:05:31 UTC |
| 548a96c | Martin v. Löwis | 28 May 2011, 12:00:37 UTC | Added tag v2.5.6 for changeset de34c7b097e8 | 28 May 2011, 12:00:37 UTC |
| c459641 | Martin v. Löwis | 28 May 2011, 11:58:36 UTC | r88840: Prepare for 2.5.6. | 28 May 2011, 11:58:36 UTC |
| cf7a89f | Martin v. Löwis | 28 May 2011, 11:57:28 UTC | r88828: Fix year. | 28 May 2011, 11:57:28 UTC |
| 9115e45 | Martin v. Löwis | 28 May 2011, 11:56:22 UTC | r88824: Prepare for 2.5.6c1. | 28 May 2011, 11:56:22 UTC |
| 51228dc | Barry Warsaw | 23 May 2011, 19:27:52 UTC | Replay changeset 70249:b571c7a8cf2e from fubar branch. Original commit message: Merging post 2.6.7rc2 changes from Subversion. | 23 May 2011, 19:27:52 UTC |
| bdd75a6 | Barry Warsaw | 23 May 2011, 19:26:11 UTC | Replay changeset 70248:c714e2f92f63 from fubar branch. Original commit message: Cross-port changes for 2.6.7rc2 from the Subversion branch. | 23 May 2011, 19:26:11 UTC |
| 5725b11 | Barry Warsaw | 23 May 2011, 19:22:56 UTC | Replay changeset 70238:03e488b5c009 from fubar branch. Original commit message: Reconcile with the 2.6svn branch. The 2.6.7 release will be made from Subversion, but there were differences, so this brings them in sync. These changes should *not* propagate to any newer versions. | 23 May 2011, 19:22:56 UTC |
| d1f1b16 | Barry Warsaw | 23 May 2011, 01:16:55 UTC | These files have Windows line endings in 2.6. | 23 May 2011, 01:16:55 UTC |
| b9be72c | Łukasz Langa | 28 April 2011, 15:27:59 UTC | Closes #11786: ConfigParser.[Raw]ConfigParser optionxform(). | 28 April 2011, 15:27:59 UTC |
| dec8497 | Martin v. Löwis | 17 April 2011, 20:56:19 UTC | merge 11442 NEWS | 17 April 2011, 20:56:19 UTC |
| faa177f | Martin v. Löwis | 17 April 2011, 20:29:40 UTC | Issue 11442: Add NEWS entry for e9724d7abbc2 | 17 April 2011, 20:29:40 UTC |
| aa403b4 | Guido van Rossum | 29 March 2011, 20:03:10 UTC | Merge cleanup. | 29 March 2011, 20:03:10 UTC |
| 2288380 | Guido van Rossum | 29 March 2011, 19:51:16 UTC | Merge issue 11662 from 2.5. | 29 March 2011, 19:51:16 UTC |
| be51e00 | guido | 29 March 2011, 17:48:23 UTC | Merge urllib/urllib2 security fix from 2.5 branch. | 29 March 2011, 17:48:23 UTC |
| 57ad4da | guido | 29 March 2011, 16:53:33 UTC | Adding .hgignore (copied from default branch). | 29 March 2011, 16:53:33 UTC |
| 3723575 | Vinay Sajip | 29 March 2011, 00:07:50 UTC | Issue #11639: Configuration function documentation referred to logging.XXX rather than logging.config.XXX. | 29 March 2011, 00:07:50 UTC |
| aa13c24 | guido | 28 March 2011, 20:53:40 UTC | Add CVE number to urllib/urllib2 news item. | 28 March 2011, 20:53:40 UTC |
| 171f03d | guido | 28 March 2011, 20:47:01 UTC | Add tests for the urllib[2] vulnerability. Change to raise exceptions. | 28 March 2011, 20:47:01 UTC |
| 83e4a1d | guido | 24 March 2011, 17:44:17 UTC | Add FTP to the allowed url schemes. Add Misc/NEWS. | 24 March 2011, 17:44:17 UTC |
| 96ec281 | guido | 24 March 2011, 15:07:45 UTC | Issue 22663: fix redirect vulnerability in urllib/urllib2. | 24 March 2011, 15:07:45 UTC |
| 078f122 | Martin v. Löwis | 21 March 2011, 09:31:44 UTC | null merge | 21 March 2011, 09:31:44 UTC |
| 4310032 | Martin v. Löwis | 21 March 2011, 09:30:07 UTC | Set subversion version identification to empty strings if this is not a subversion checkout (but a mercurial one). Closes #11579. Closes #11421. Patch by Senthil Kumaran. | 21 March 2011, 09:30:07 UTC |
| 235e913 | Guido van Rossum | 19 March 2011, 23:20:39 UTC | Whoops. The copyright should be two lines (merge from 2.5). | 19 March 2011, 23:20:39 UTC |
| aafa820 | Guido van Rossum | 19 March 2011, 23:20:06 UTC | Whoops. The copyright should be two lines. | 19 March 2011, 23:20:06 UTC |
| d261a49 | Guido van Rossum | 19 March 2011, 23:17:14 UTC | Test commit. Add 2011 to copyright line (merge from 2.5). | 19 March 2011, 23:17:14 UTC |
| 2c2c310 | Guido van Rossum | 19 March 2011, 23:14:44 UTC | Test commit. Add 2011 to copyright line. | 19 March 2011, 23:14:44 UTC |
| 7d339ff | Senthil Kumaran | 17 March 2011, 06:23:24 UTC | merge from 2.5 branch. | 17 March 2011, 06:23:24 UTC |
| 5bd75ae | Senthil Kumaran | 17 March 2011, 04:34:18 UTC | Fix issue11442 - Add a charset parameter to the Content-type to avoid XSS attacks. Patch by Tom N. (Backported from py3k codeline). | 17 March 2011, 04:34:18 UTC |
| 1dcdaba | Vinay Sajip | 11 March 2011, 18:44:10 UTC | Reverted bug fixes for #11444 (fc4d045e3170) and #11424 (b9d76846bb1c), which should not have been made in this branch. | 11 March 2011, 18:44:10 UTC |
| c2b2444 | Vinay Sajip | 08 March 2011, 22:39:55 UTC | Issue #11444: Lock handlers while flushing/closing during shutdown. | 08 March 2011, 22:39:55 UTC |
| e58cb66 | Vinay Sajip | 07 March 2011, 15:02:11 UTC | Issue #11424: Fix bug in determining child loggers. | 07 March 2011, 15:02:11 UTC |
| 6e0c15b | Georg Brandl | 05 March 2011, 19:40:50 UTC | Merge tags from 2.5. | 05 March 2011, 19:40:50 UTC |
