| edc3cba | Georg Brandl | 04 October 2014, 12:16:59 UTC | Copyright year update, add version to licenses. | 04 October 2014, 12:16:59 UTC |
| e800a0e | Georg Brandl | 04 October 2014, 12:15:42 UTC | Bump to 3.2.6rc1 | 04 October 2014, 12:15:42 UTC |
| 4480d30 | Georg Brandl | 01 October 2014, 20:31:04 UTC | ref #19855: skip uuid test_find_mac on non-Posix as in later branches | 01 October 2014, 20:31:04 UTC |
| ff3e5e3 | Georg Brandl | 01 October 2014, 17:15:11 UTC | Fix unicode_aswidechar() for 4b unicode and 2b wchar_t (AIX). | 01 October 2014, 17:15:11 UTC |
| 51c1162 | Georg Brandl | 30 September 2014, 17:34:19 UTC | Issue #19855: uuid.getnode() on Unix now looks on the PATH for the executables used to find the mac address, with /sbin and /usr/sbin as fallbacks. Issue #11508: Fixed uuid.getnode() and uuid.uuid1() on environment with virtual interface. Original patch by Kent Frazier. Issue #18784: The uuid module no more attempts to load libc via ctypes.CDLL, if all necessary functions are already found in libuuid. Patch by Evgeny Sologubov. Issue #16102: Make uuid._netbios_getnode() work again on Python 3. | 30 September 2014, 17:34:19 UTC |
| 3bc3567 | Georg Brandl | 30 September 2014, 15:30:18 UTC | Backport b533cc11d114 to fix intermittent test_urllibnet failures. | 30 September 2014, 15:30:18 UTC |
| 4615076 | Georg Brandl | 30 September 2014, 14:41:11 UTC | Add a dummy "touch" target to the Makefile so that the custom buildbots can test this branch. | 30 September 2014, 14:41:11 UTC |
| 786c8e7 | Georg Brandl | 30 September 2014, 14:31:21 UTC | Fix-up for 0f362676460d: add missing size argument to SSLFakeFile.readline(), as in 2.6 backport 8a6def3add5b | 30 September 2014, 14:31:21 UTC |
| e558181 | Ned Deily | 27 March 2014, 06:31:39 UTC | Issue #20939: Use www.example.com instead of www.python.org to avoid test failures when ssl is not present. | 27 March 2014, 06:31:39 UTC |
| fd9262c | Georg Brandl | 30 September 2014, 14:00:09 UTC | Issue #16039: CVE-2013-1752: Change use of readline in imaplib module to limit line length. Patch by Emil Lind. | 30 September 2014, 14:00:09 UTC |
| 0840b41 | Georg Brandl | 17 September 2014, 05:17:58 UTC | Issue #22421 - Secure pydoc server run. Bind it to localhost instead of all interfaces. | 17 September 2014, 05:17:58 UTC |
| dad182c | Antoine Pitrou | 16 September 2014, 22:23:55 UTC | Lax cookie parsing in http.cookies could be a security issue when combined with non-standard cookie handling in some Web browsers. Reported by Sergey Bobrov. | 16 September 2014, 22:23:55 UTC |
| 860c367 | Georg Brandl | 30 September 2014, 12:56:46 UTC | Issue #22419: Limit the length of incoming HTTP request in wsgiref server to 65536 bytes and send a 414 error code for higher lengths. Patch contributed by Devin Cook. | 30 September 2014, 12:56:46 UTC |
| 21bf3f9 | Georg Brandl | 30 September 2014, 12:54:39 UTC | Issue #22517: When a io.BufferedRWPair object is deallocated, clear its weakrefs. | 30 September 2014, 12:54:39 UTC |
| eaca861 | Georg Brandl | 30 September 2014, 12:45:39 UTC | Issue #16041: CVE-2013-1752: poplib: Limit maximum line lengths to 2048 to prevent readline() calls from consuming too much memory. Patch by Jyrki Pulliainen. | 30 September 2014, 12:45:39 UTC |
| 210ee47 | Georg Brandl | 30 September 2014, 12:18:02 UTC | Issue #16042: CVE-2013-1752: smtplib: Limit amount of data read by limiting the call to readline(). Original patch by Christian Heimes. | 30 September 2014, 12:18:02 UTC |
| 70088f1 | Christian Heimes | 29 October 2013, 20:08:56 UTC | Issue #18747: document issue with OpenSSL's CPRNG state and fork | 29 October 2013, 20:08:56 UTC |
| c9cb18d | Georg Brandl | 30 September 2014, 12:12:24 UTC | Issue #16038: CVE-2013-1752: ftplib: Limit amount of data read by limiting the call to readline(). Original patch by Michał Jastrzębski and Giampaolo Rodola. | 30 September 2014, 12:12:24 UTC |
| f0746ca | Georg Brandl | 30 September 2014, 12:08:04 UTC | Issue #16037: HTTPMessage.readheaders() raises an HTTPException when more than 100 headers are read. Adapted from patch by Jyrki Pulliainen. | 30 September 2014, 12:08:04 UTC |
| ec3c103 | Georg Brandl | 30 September 2014, 12:04:51 UTC | Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes inside subjectAltName correctly. Formerly the module has used OpenSSL's GENERAL_NAME_print() function to get the string represention of ASN.1 strings for ``rfc822Name`` (email), ``dNSName`` (DNS) and ``uniformResourceIdentifier`` (URI). | 30 September 2014, 12:04:51 UTC |
| 79690ac | Jason R. Coombs | 03 August 2014, 18:54:11 UTC | Issue #13540: Update references to Action class to match syntax used for other classes in this file. | 03 August 2014, 18:54:11 UTC |
| eb0ef41 | Jason R. Coombs | 20 July 2014, 14:52:46 UTC | Issue #13540: Removed redundant documentation about Action instance attributes. Updated example and documentation per recommendations by Steven Bethard in msg149524. | 20 July 2014, 14:52:46 UTC |
| f28cf7a | Jason R. Coombs | 14 December 2011, 04:36:45 UTC | Issue #13540: Expanded argparse documents to clarify the action API | 14 December 2011, 04:36:45 UTC |
| 915a30f | Ned Deily | 13 July 2014, 05:06:26 UTC | Issue #21323: Fix http.server to again handle scripts in CGI subdirectories, broken by the fix for security issue #19435. Patch by Zach Byrne. | 13 July 2014, 05:06:26 UTC |
| 314dc12 | Benjamin Peterson | 17 June 2014, 06:15:50 UTC | expect the correct platform-dependent linesep | 17 June 2014, 06:15:50 UTC |
| 73b8b1c | Benjamin Peterson | 15 June 2014, 01:36:29 UTC | url unquote the path before checking if it refers to a CGI script (closes #21766) | 15 June 2014, 01:36:29 UTC |
| 49991de | Benjamin Peterson | 14 April 2014, 16:15:28 UTC | fix poor spelling | 14 April 2014, 16:15:28 UTC |
| 6ef2b36 | Benjamin Peterson | 14 April 2014, 15:45:21 UTC | disallow a negative idx parameter | 14 April 2014, 15:45:21 UTC |
| 99b5afa | Benjamin Peterson | 14 April 2014, 02:10:38 UTC | in scan_once, prevent the reading of arbitrary memory when passed a negative index Bug reported by Guido Vranken. | 14 April 2014, 02:10:38 UTC |
| 80e6af1 | Benjamin Peterson | 04 April 2014, 13:50:35 UTC | fix versionchanged version | 04 April 2014, 13:50:35 UTC |
| ee5f1c1 | Benjamin Peterson | 01 April 2014, 23:13:18 UTC | remove directory mode check from makedirs (closes #21082) | 01 April 2014, 23:13:18 UTC |
| b4be376 | Benjamin Peterson | 31 March 2014, 17:44:53 UTC | use https docs url (#21115) | 31 March 2014, 17:44:53 UTC |
| 8aef28a | Benjamin Peterson | 31 March 2014, 00:33:47 UTC | add Ian Beer | 31 March 2014, 00:33:47 UTC |
| 23cf403 | Benjamin Peterson | 30 March 2014, 23:47:57 UTC | fix expandtabs overflow detection to be consistent and not rely on signed overflow | 30 March 2014, 23:47:57 UTC |
| cf25c5c | Benjamin Peterson | 12 March 2014, 23:05:53 UTC | use ssl.PROTOCOL_SSLv23 for maximum compatibility (closes #20896) | 12 March 2014, 23:05:53 UTC |
| d9bed99 | Stefan Krah | 21 January 2014, 21:58:40 UTC | Issue #20246: Fix test failures on FreeBSD. Patch by Ryan Smith-Roberts. | 21 January 2014, 21:58:40 UTC |
| 1b94030 | Benjamin Peterson | 20 February 2014, 03:55:16 UTC | update logo url (#20695) | 20 February 2014, 03:55:16 UTC |
| f6218a2 | Benjamin Peterson | 20 February 2014, 03:56:35 UTC | open retrieved file in binary mode, since it's now compressed | 20 February 2014, 03:56:35 UTC |
| fbf648e | Benjamin Peterson | 14 January 2014, 03:59:38 UTC | complain when nbytes > buflen to fix possible buffer overflow (closes #20246) | 14 January 2014, 03:59:38 UTC |
| f60b7df | Antoine Pitrou | 22 December 2013, 00:35:53 UTC | Issue #12226: HTTPS is now used by default when connecting to PyPI. | 22 December 2013, 00:35:53 UTC |
| ee7f3fc | Georg Brandl | 04 November 2013, 06:44:29 UTC | Backout 7d399099334d. | 04 November 2013, 06:44:29 UTC |
| 7b5d6ad | Georg Brandl | 04 November 2013, 06:43:41 UTC | Backout 265d369ad3b9. | 04 November 2013, 06:43:41 UTC |
| 7ec3e56 | Georg Brandl | 04 November 2013, 06:43:32 UTC | Backout d80207d15294. | 04 November 2013, 06:43:32 UTC |
| 32bf5e1 | Jason R. Coombs | 02 November 2013, 17:00:01 UTC | Update NEWS for 265d369ad3b9. | 02 November 2013, 17:00:01 UTC |
| bd26d86 | Jason R. Coombs | 02 November 2013, 15:07:35 UTC | Issue #19286: [distutils] Only match files in build_py.find_data_files. | 02 November 2013, 15:07:35 UTC |
| 93912b9 | Jason R. Coombs | 02 November 2013, 15:29:33 UTC | Issue #19286: Adding test demonstrating the failure when a directory is found in the package_data globs. | 02 November 2013, 15:29:33 UTC |
| 35aca89 | Benjamin Peterson | 30 October 2013, 16:48:59 UTC | merge 3.1 (#19435) | 30 October 2013, 16:48:59 UTC |
| 04e9de4 | Benjamin Peterson | 30 October 2013, 16:43:09 UTC | use the collapsed path in the run_cgi method (closes #19435) | 30 October 2013, 16:43:09 UTC |
| 58bf8d2 | R David Murray | 18 September 2013, 12:53:26 UTC | Merge #14984: only import pwd on POSIX. | 18 September 2013, 12:53:26 UTC |
| 505be21 | R David Murray | 18 September 2013, 12:52:38 UTC | #14984: only import pwd on POSIX. | 18 September 2013, 12:52:38 UTC |
| 8270a2c | R David Murray | 18 September 2013, 00:32:54 UTC | Merge #14984: On POSIX, enforce permissions when reading default .netrc. | 18 September 2013, 00:32:54 UTC |
| 104aab9 | R David Murray | 18 September 2013, 00:30:02 UTC | #14984: On POSIX, enforce permissions when reading default .netrc. Initial patch by Bruno Piguet. This is implemented as if a useful .netrc file could exist without passwords, which is possible in the general case; but in fact our netrc implementation does not support it. Fixing that issue will be an enhancement. | 18 September 2013, 00:30:02 UTC |
| 945a251 | Tim Peters | 15 September 2013, 20:37:25 UTC | Null merge of 3.1 into 3.2 Changeset c39f42f46a05 left a dangling head on 3.1. | 15 September 2013, 20:37:25 UTC |
| bc75046 | Georg Brandl | 14 September 2013, 07:10:21 UTC | Add a NEWS entry for b9b521efeba3. | 14 September 2013, 07:10:21 UTC |
| c5884d8 | Georg Brandl | 14 September 2013, 07:09:18 UTC | Add NEWS entry for c18c18774e24. | 14 September 2013, 07:09:18 UTC |
| c17a8df | Georg Brandl | 14 September 2013, 07:08:09 UTC | Fix tkinter regression introduced by the security fix in #16248. | 14 September 2013, 07:08:09 UTC |
| db4309e | Georg Brandl | 14 September 2013, 07:08:09 UTC | Fix tkinter regression introduced by the security fix in #16248. | 14 September 2013, 07:08:09 UTC |
| 86d53ca | Antoine Pitrou | 18 May 2013, 15:56:42 UTC | Issue #17980: Fix possible abuse of ssl.match_hostname() for denial of service using certificates with many wildcards (CVE-2013-2099). | 18 May 2013, 15:56:42 UTC |
| 8833c3b | Georg Brandl | 12 May 2013, 10:28:30 UTC | Added tag v3.2.5 for changeset cef745775b65 | 12 May 2013, 10:28:30 UTC |
| bfe36ec | Georg Brandl | 12 May 2013, 10:28:20 UTC | Bump to version 3.2.5. | 12 May 2013, 10:28:20 UTC |
| c502df4 | Georg Brandl | 12 May 2013, 09:41:12 UTC | Issue #17915: Fix interoperability of xml.sax with file objects returned by codecs.open(). | 12 May 2013, 09:41:12 UTC |
| 93b061b | Georg Brandl | 12 May 2013, 09:29:27 UTC | Issue #1159051: Back out a fix for handling corrupted gzip files that broke backwards compatibility. | 12 May 2013, 09:29:27 UTC |
| a9217a4 | Serhiy Storchaka | 28 April 2013, 11:10:27 UTC | Issue #17857: Prevent build failures with pre-3.5.0 versions of sqlite3, such as was shipped with Centos 5 and Mac OS X 10.4. | 28 April 2013, 11:10:27 UTC |
| ba2f8be | Georg Brandl | 12 May 2013, 09:11:51 UTC | Issue #17843: Remove bz2 test data that triggers antivirus warnings. | 12 May 2013, 09:11:51 UTC |
| ce654f4 | Georg Brandl | 12 May 2013, 09:09:11 UTC | Issue #15535: Fix pickling of named tuples. | 12 May 2013, 09:09:11 UTC |
| a6df938 | Serhiy Storchaka | 08 April 2013, 19:35:02 UTC | Close #17666: Fix reading gzip files with an extra field. | 08 April 2013, 19:35:02 UTC |
| cf86d94 | Gregory P. Smith | 30 April 2013, 07:57:18 UTC | news entry | 30 April 2013, 07:57:18 UTC |
| 910bfb7 | Gregory P. Smith | 30 April 2013, 07:05:25 UTC | This local change was lost during the fixing of issue17192 to update libffi to 3.0.13. (i'm not sure if it is needed anymore but see issue 10309 for details which makes no mention of upstream; this change is already in 3.3 and 3.4 but may need reapplying to 2.7 as done here) | 30 April 2013, 07:05:25 UTC |
| 9330597 | Gregory P. Smith | 30 April 2013, 06:45:38 UTC | * Fix issue 17192 for 3.2 - reapply the issue11729 patch that was undone in the merge fun from upstream which already had it in 3.0.13. * Add the missing update to libffi.info. | 30 April 2013, 06:45:38 UTC |
| 11692ac | Georg Brandl | 06 April 2013, 07:37:53 UTC | Added tag v3.2.4 for changeset 1e10bdeabe3d | 06 April 2013, 07:37:53 UTC |
| 8bc7e31 | Georg Brandl | 06 April 2013, 07:36:20 UTC | Bump to 3.2.4. | 06 April 2013, 07:36:20 UTC |
| 7684fa8 | Benjamin Peterson | 04 April 2013, 02:35:12 UTC | close search and replace dialog after it is used (closes #17625) | 04 April 2013, 02:35:12 UTC |
| ef0faa5 | Georg Brandl | 02 April 2013, 09:07:27 UTC | merge | 02 April 2013, 09:07:27 UTC |
| b147aae | Martin v. Löwis | 30 March 2013, 12:06:57 UTC | Add 3.2.4 UUIDs | 30 March 2013, 12:06:57 UTC |
| 6f18a86 | Georg Brandl | 28 March 2013, 08:02:18 UTC | Fix XML vulnerability link references. | 28 March 2013, 08:02:18 UTC |
| f5390fc | Georg Brandl | 28 March 2013, 07:57:50 UTC | merge with last upstream doc changes in 3.2 | 28 March 2013, 07:57:50 UTC |
| fd4365a | Ezio Melotti | 28 March 2013, 02:31:53 UTC | Update suspicious ignore file. | 28 March 2013, 02:31:53 UTC |
| 265281a | Ezio Melotti | 27 March 2013, 18:11:55 UTC | #17329: document unittest.SkipTest. Initial patch by Zachary Ware. | 27 March 2013, 18:11:55 UTC |
| 1df04e8 | Christian Heimes | 26 March 2013, 16:35:55 UTC | Issue 17538: Document XML vulnerabilties | 26 March 2013, 16:35:55 UTC |
| 7380a67 | Christian Heimes | 26 March 2013, 16:35:55 UTC | Issue 17538: Document XML vulnerabilties | 26 March 2013, 16:35:55 UTC |
| 2323cb7 | Georg Brandl | 25 March 2013, 05:57:10 UTC | Added tag v3.2.4rc1 for changeset b2cb7bc1edb8 | 25 March 2013, 05:57:10 UTC |
| 4eb5f1a | Georg Brandl | 25 March 2013, 05:56:31 UTC | merge with main repo 3.2 branch | 25 March 2013, 05:56:31 UTC |
| 5be6d74 | Martin v. Loewis | 24 March 2013, 21:03:30 UTC | Issue #17425: Build with openssl 1.0.0k on Windows. | 24 March 2013, 21:03:30 UTC |
| 656c808 | Ezio Melotti | 23 March 2013, 21:35:06 UTC | Clean up references to threads in test_queue. | 23 March 2013, 21:35:06 UTC |
| a1ed539 | Gregory P. Smith | 23 March 2013, 18:44:25 UTC | Fixes issue #17488: Change the subprocess.Popen bufsize parameter default value from unbuffered (0) to buffering (-1) to match the behavior existing code expects and match the behavior of the subprocess module in Python 2 to avoid introducing hard to track down bugs. | 23 March 2013, 18:44:25 UTC |
| a7d2f00 | Georg Brandl | 23 March 2013, 15:06:13 UTC | Copyright update to 2013. | 23 March 2013, 15:06:13 UTC |
| b673d99 | Georg Brandl | 23 March 2013, 15:02:08 UTC | Bump to 3.2.4rc1. | 23 March 2013, 15:02:08 UTC |
| d50fe72 | Georg Brandl | 23 March 2013, 15:00:41 UTC | Fix suspicious markup in the docs. | 23 March 2013, 15:00:41 UTC |
| 47f2542 | Georg Brandl | 23 March 2013, 14:46:53 UTC | Update pydoc topics. | 23 March 2013, 14:46:53 UTC |
| 68b4cc8 | Vinay Sajip | 23 March 2013, 11:18:45 UTC | Issue #17521: Corrected non-enabling of logger following two calls to fileConfig(). | 23 March 2013, 11:18:45 UTC |
| a4cfd60 | Vinay Sajip | 23 March 2013, 10:57:47 UTC | Updated Misc/NEWS with #17508. | 23 March 2013, 10:57:47 UTC |
| 4b52ae8 | Gregory P. Smith | 22 March 2013, 20:43:30 UTC | Clean up references to the no longer existing PyString_ APIs in our docs. | 22 March 2013, 20:43:30 UTC |
| 3f885b5 | Vinay Sajip | 22 March 2013, 15:19:54 UTC | Issue #17508: Handled out-of-order handler configuration correctly. | 22 March 2013, 15:19:54 UTC |
| d5537d0 | doko@ubuntu.com | 21 March 2013, 20:21:49 UTC | - Issue #16754: Fix the incorrect shared library extension on linux. Introduce two makefile macros SHLIB_SUFFIX and EXT_SUFFIX. SO now has the value of SHLIB_SUFFIX again (as in 2.x and 3.1). The SO macro is removed in 3.4. | 21 March 2013, 20:21:49 UTC |
| 03b0116 | R David Murray | 21 March 2013, 02:11:40 UTC | #5712: Preemptively fix some other possible timing issues. | 21 March 2013, 02:11:40 UTC |
| 853c0f9 | R David Murray | 21 March 2013, 01:54:05 UTC | #5713: fix timing issue in smtplib tests. | 21 March 2013, 01:54:05 UTC |
| 1f8a40b | Gregory P. Smith | 21 March 2013, 01:32:03 UTC | remove the long obsolete mention of universal newlines mode only being available when configured at compile time. | 21 March 2013, 01:32:03 UTC |
| d312c74 | R David Murray | 21 March 2013, 00:36:14 UTC | #5713: Handle 421 error codes during sendmail by closing the socket. This is a partial fix to the issue of servers disconnecting unexpectedly; in this case the 421 says they are disconnecting, so we close the socket and return the 421 in the appropriate error context. Original patch by Mark Sapiro, updated by Kushal Das, with additional tests by me. | 21 March 2013, 00:36:14 UTC |
| 958f7ae | Ezio Melotti | 20 March 2013, 16:14:48 UTC | #17493: re-enable a test on Windows. Patch by Zachary Ware. | 20 March 2013, 16:14:48 UTC |
| 93115e0 | Ezio Melotti | 20 March 2013, 11:53:32 UTC | Fix usage of argument/parameter and markup. | 20 March 2013, 11:53:32 UTC |
