summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Issue #27369: Don?t test error message detail that changed in Expat 2.2.03.2Martin Panter2016-07-142-4/+5
|
* Issue #22758: Move NEWS entry to Library sectionMartin Panter2016-07-141-3/+3
|
* #22758: fix regression in handling of secure cookies.R David Murray2016-07-103-11/+61
| | | | | This backports the fix from #16611, per discussion with the release manager.
* Issue #25940: On Windows, connecting to port 444 returns ETIMEDOUTMartin Panter2016-01-151-1/+3
|
* Issue #25940: Use self-signed.pythontest.net in SSL testsMartin Panter2016-01-146-96/+97
| | | | | | | | | | | | | | | | | | | | This is instead of svn.python.org, whose certificate recently expired, and whose new certificate uses a different root certificate. The certificate used at the pythontest server was modifed to set the "basic constraints" CA flag. This flag seems to be required for test_get_ca_certs_ capath() to work (in Python 3.4+). Added the new self-signed certificate to capath with the following commands: cp Lib/test/{selfsigned_pythontestdotnet.pem,capath/} c_rehash -v Lib/test/capath/ c_rehash -v -old Lib/test/capath/ # Note the generated file names cp Lib/test/capath/{selfsigned_pythontestdotnet.pem,0e4015b9.0} mv Lib/test/capath/{selfsigned_pythontestdotnet.pem,ce7b8643.0} The new server responds with "No route to host" when connecting to port 444.
* Issue #25940: Backport self-signed.pythontest.net testing for test_httplibGeorg Brandl2014-11-052-7/+24
| | | | | The svn.python.org server recently changed root certificate, causing the test to fail. This backports revision 4985375db40f.
* add CVE and issue numberBenjamin Peterson2015-12-051-2/+3
|
* keep distutils version in sync with python version automaticallyBenjamin Peterson2015-05-251-7/+3
|
* allow square brackets in cookie values (closes #22931)Benjamin Peterson2015-05-233-3/+23
|
* properly handle malloc failure (closes #24044)Benjamin Peterson2015-04-232-2/+7
| | | | Patch by Christian Heimes.
* remove RPM, since it's unused and unmaintainedBenjamin Peterson2015-02-183-424/+0
|
* Issue #23055: Fixed read-past-the-end error in PyUnicode_FromFormatV.Serhiy Storchaka2015-01-311-0/+2
|
* Issue #23055: Fixed a buffer overflow in PyUnicode_FromFormatV. AnalysisSerhiy Storchaka2015-01-273-33/+161
| | | | and fix by Guido Vranken.
* add some overflow checks before multiplying (closes #23165)Benjamin Peterson2015-01-042-3/+16
|
* update for copyright for 2015Benjamin Peterson2014-12-316-7/+7
|
* delete old ftpmirror script, which now has security bugs (closes #23130)Benjamin Peterson2014-12-301-405/+0
|
* add a default limit for the amount of data xmlrpclib.gzip_decode will return ↵Benjamin Peterson2014-12-053-3/+36
| | | | (closes #16043)
* use pythontest.net for url fragment testBenjamin Peterson2014-11-051-2/+2
|
* move idna test domain to pythontest.netBenjamin Peterson2014-11-031-3/+4
|
* Added tag v3.2.6 for changeset 0bd5f4f14de9Georg Brandl2014-10-120-0/+0
|
* Bump to 3.2.6v3.2.6Georg Brandl2014-10-125-8/+8
|
* #16040: fix unlimited read from connection in nntplib.Georg Brandl2014-10-123-1/+24
|
* Added tag v3.2.6rc1 for changeset 51382a5598ecGeorg Brandl2014-10-040-0/+0
|
* Copyright year update, add version to licenses.v3.2.6rc1Georg Brandl2014-10-045-5/+11
|
* Bump to 3.2.6rc1Georg Brandl2014-10-046-11/+11
|
* ref #19855: skip uuid test_find_mac on non-Posix as in later branchesGeorg Brandl2014-10-011-2/+3
|
* Fix unicode_aswidechar() for 4b unicode and 2b wchar_t (AIX).Georg Brandl2014-10-012-1/+7
|
* Issue #19855: uuid.getnode() on Unix now looks on the PATH for theGeorg Brandl2014-09-304-16/+67
| | | | | | | | | | | | | | executables used to find the mac address, with /sbin and /usr/sbin as fallbacks. Issue #11508: Fixed uuid.getnode() and uuid.uuid1() on environment with virtual interface. Original patch by Kent Frazier. Issue #18784: The uuid module no more attempts to load libc via ctypes.CDLL, if all necessary functions are already found in libuuid. Patch by Evgeny Sologubov. Issue #16102: Make uuid._netbios_getnode() work again on Python 3.
* Backport b533cc11d114 to fix intermittent test_urllibnet failures.Georg Brandl2014-09-301-1/+1
|
* Add a dummy "touch" target to the Makefile so that the custom buildbots can ↵Georg Brandl2014-09-301-1/+4
| | | | test this branch.
* Fix-up for 0f362676460d: add missing size argument to ↵Georg Brandl2014-09-301-1/+5
| | | | SSLFakeFile.readline(), as in 2.6 backport 8a6def3add5b
* Issue #20939: Use www.example.com instead of www.python.org to avoid testNed Deily2014-03-263-18/+25
| | | | failures when ssl is not present.
* Issue #16039: CVE-2013-1752: Change use of readline in imaplib module to limitGeorg Brandl2014-09-303-1/+27
| | | | line length. Patch by Emil Lind.
* Issue #22421 - Secure pydoc server run. Bind it to localhost instead of all ↵Georg Brandl2014-09-173-2/+7
| | | | interfaces.
* Lax cookie parsing in http.cookies could be a security issue when combinedAntoine Pitrou2014-09-174-1/+16
| | | | | | with non-standard cookie handling in some Web browsers. Reported by Sergey Bobrov.
* Issue #22419: Limit the length of incoming HTTP request in wsgiref server toGeorg Brandl2014-09-304-1/+18
| | | | | 65536 bytes and send a 414 error code for higher lengths. Patch contributed by Devin Cook.
* Issue #22517: When a io.BufferedRWPair object is deallocated, clear itsGeorg Brandl2014-09-303-0/+11
| | | | weakrefs.
* Issue #16041: CVE-2013-1752: poplib: Limit maximum line lengths to 2048 toGeorg Brandl2014-09-303-2/+19
| | | | | prevent readline() calls from consuming too much memory. Patch by Jyrki Pulliainen.
* Issue #16042: CVE-2013-1752: smtplib: Limit amount of data read byGeorg Brandl2014-09-304-4/+43
| | | | limiting the call to readline(). Original patch by Christian Heimes.
* Issue #18747: document issue with OpenSSL's CPRNG state and forkChristian Heimes2013-10-292-0/+12
|
* Issue #16038: CVE-2013-1752: ftplib: Limit amount of data read byGeorg Brandl2014-09-303-6/+43
| | | | | limiting the call to readline(). Original patch by Micha? Jastrz?bski and Giampaolo Rodola.
* Issue #16037: HTTPMessage.readheaders() raises an HTTPException when more thanGeorg Brandl2014-09-304-2/+18
| | | | 100 headers are read. Adapted from patch by Jyrki Pulliainen.
* Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytesGeorg Brandl2014-09-304-6/+185
| | | | | | | inside subjectAltName correctly. Formerly the module has used OpenSSL's GENERAL_NAME_print() function to get the string represention of ASN.1 strings for ``rfc822Name`` (email), ``dNSName`` (DNS) and ``uniformResourceIdentifier`` (URI).
* Issue #13540: Update references to Action class to match syntax used for ↵Jason R. Coombs2014-08-031-2/+2
| | | | other classes in this file.
* Issue #13540: Removed redundant documentation about Action instance ↵Jason R. Coombs2014-07-201-49/+26
| | | | attributes. Updated example and documentation per recommendations by Steven Bethard in msg149524.
* Issue #13540: Expanded argparse documents to clarify the action APIJason R. Coombs2011-12-131-19/+76
|
* Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,Ned Deily2014-07-124-5/+25
| | | | broken by the fix for security issue #19435. Patch by Zach Byrne.
* expect the correct platform-dependent linesepBenjamin Peterson2014-06-161-1/+1
|
* url unquote the path before checking if it refers to a CGI script (closes ↵Benjamin Peterson2014-06-143-1/+9
| | | | #21766)
* fix poor spellingBenjamin Peterson2014-04-141-1/+1
|
View Lorry Controller Status