-
-
Notifications
You must be signed in to change notification settings - Fork 29.6k
Comparing changes
Open a pull request
base repository: python/cpython
base: v3.9.15
head repository: python/cpython
compare: v3.9.16
- 10 commits
- 21 files changed
- 6 contributors
Commits on Oct 11, 2022
-
Configuration menu - View commit details
-
Copy full SHA for bd4e532 - Browse repository at this point
Copy the full SHA bd4e532View commit details -
[3.9] gh-68966: Make mailcap refuse to match unsafe filenames/types/p…
Configuration menu - View commit details
-
Copy full SHA for c59a16e - Browse repository at this point
Copy the full SHA c59a16eView commit details -
[3.9] gh-96710: Make the test timing more lenient for the int/str DoS…
… regression test. (GH-96717) (#98196) gh-96710: Make the test timing more lenient for the int/str DoS regression test. (GH-96717) A regression would still absolutely fail and even a flaky pass isn't harmful as it'd fail most of the time across our N system test runs. Windows has a low resolution timer and CI systems are prone to odd timing so this just gives more leeway to avoid flakiness. (cherry picked from commit 11e3548) Co-authored-by: Gregory P. Smith <greg@krypto.org>
Configuration menu - View commit details
-
Copy full SHA for 157a8b8 - Browse repository at this point
Copy the full SHA 157a8b8View commit details
Commits on Oct 28, 2022
-
[3.9] gh-98739: Update libexpat from 2.4.9 to 2.5.0 (GH-98742) (#98786)
Update libexpat from 2.4.9 to 2.5.0 to address CVE-2022-43680. Co-authored-by: Shaun Walbridge <shaun.walbridge@gmail.com> (cherry picked from commit 3e07f82)
Configuration menu - View commit details
-
Copy full SHA for 71a075a - Browse repository at this point
Copy the full SHA 71a075aView commit details -
[3.9] gh-98517: Fix buffer overflows in _sha3 module (GH-98519) (#98526)
This is a port of the applicable part of XKCP's fix [1] for CVE-2022-37454 and avoids the segmentation fault and the infinite loop in the test cases published in [2]. [1]: XKCP/XKCP@fdc6fef [2]: https://mouha.be/sha-3-buffer-overflow/ Regression test added by: Gregory P. Smith [Google LLC] <greg@krypto.org> (cherry picked from commit 0e4e058) Co-authored-by: Theo Buehler <botovq@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 857efee - Browse repository at this point
Copy the full SHA 857efeeView commit details -
[3.9] gh-97514: Don't use Linux abstract sockets for multiprocessing (G…
…H-98501) (#98504) Linux abstract sockets are insecure as they lack any form of filesystem permissions so their use allows anyone on the system to inject code into the process. This removes the default preference for abstract sockets in multiprocessing introduced in Python 3.9+ via #18866 while fixing #84031. Explicit use of an abstract socket by a user now generates a RuntimeWarning. If we choose to keep this warning, it should be backported to the 3.7 and 3.8 branches. (cherry picked from commit 49f6106) Co-authored-by: Gregory P. Smith <greg@krypto.org>
Configuration menu - View commit details
-
Copy full SHA for b43496c - Browse repository at this point
Copy the full SHA b43496cView commit details
Commits on Nov 10, 2022
-
[3.9] gh-98433: Fix quadratic time idna decoding. (GH-99092) (GH-99222)…
… (#99230) There was an unnecessary quadratic loop in idna decoding. This restores the behavior to linear. (cherry picked from commit d315722) (cherry picked from commit a6f6c3a) Co-authored-by: Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com> Co-authored-by: Gregory P. Smith <greg@krypto.org>
Configuration menu - View commit details
-
Copy full SHA for c09dba5 - Browse repository at this point
Copy the full SHA c09dba5View commit details
Commits on Nov 21, 2022
-
Configuration menu - View commit details
-
Copy full SHA for 7b98207 - Browse repository at this point
Copy the full SHA 7b98207View commit details
Commits on Dec 6, 2022
-
[3.9] gh-100001: Omit control characters in http.server stderr logs. (G…
…H-100002) (#100032) * gh-100001: Omit control characters in http.server stderr logs. (GH-100002) Replace control characters in http.server.BaseHTTPRequestHandler.log_message with an escaped \xHH sequence to avoid causing problems for the terminal the output is printed to. (cherry picked from commit d8ab0a4) Co-authored-by: Gregory P. Smith <greg@krypto.org> * also escape \s (backport of PR #100038). * add versionadded and remove extra 'to' Co-authored-by: Gregory P. Smith <greg@krypto.org>
Configuration menu - View commit details
-
Copy full SHA for 3b81c13 - Browse repository at this point
Copy the full SHA 3b81c13View commit details -
Configuration menu - View commit details
-
Copy full SHA for 595f9cc - Browse repository at this point
Copy the full SHA 595f9ccView commit details
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff v3.9.15...v3.9.16