|
|
|
@ -17,6 +17,9 @@ Core and Builtins |
|
|
|
Library |
|
|
|
------- |
|
|
|
|
|
|
|
- Issue #2466: posixpath.ismount now correctly recognizes mount points which |
|
|
|
the user does not have permission to access. |
|
|
|
|
|
|
|
- Issue #9998: On Linux, ctypes.util.find_library now looks in LD_LIBRARY_PATH |
|
|
|
for shared libraries. |
|
|
|
|
|
|
|
@ -43,7 +46,8 @@ Core and Builtins |
|
|
|
- Issue #27574: Decreased an overhead of parsing keyword arguments in functions |
|
|
|
implemented with using Argument Clinic. |
|
|
|
|
|
|
|
- Issue #22557: Now importing already imported modules is up to 2.5 times faster. |
|
|
|
- Issue #22557: Now importing already imported modules is up to 2.5 times |
|
|
|
faster. |
|
|
|
|
|
|
|
- Issue #17596: Include <wincrypt.h> to help with Min GW building. |
|
|
|
|
|
|
|
@ -76,9 +80,6 @@ Core and Builtins |
|
|
|
Library |
|
|
|
------- |
|
|
|
|
|
|
|
- Issue #2466: posixpath.ismount now correctly recognizes mount points which |
|
|
|
the user does not have permission to access. |
|
|
|
|
|
|
|
- Issue #25958: Support "anti-registration" of special methods from |
|
|
|
various ABCs, like __hash__, __iter__ or __len__. All these (and |
|
|
|
several more) can be set to None in an implementation class and the |
|
|
|
@ -94,8 +95,8 @@ Library |
|
|
|
to ref count problem introduced in code for Issue #27038 in 3.6.0a3. |
|
|
|
Patch by Xiang Zhang. |
|
|
|
|
|
|
|
- Issue #25628: The *verbose* and *rename* parameters for collections.namedtuple |
|
|
|
are now keyword-only. |
|
|
|
- Issue #25628: The *verbose* and *rename* parameters for |
|
|
|
collections.namedtuple are now keyword-only. |
|
|
|
|
|
|
|
- Issue #12345: Add mathemathical constant tau to math and cmath. See also |
|
|
|
PEP 628. |
|
|
|
@ -114,7 +115,8 @@ Library |
|
|
|
|
|
|
|
- Issue #6422: Add autorange method to timeit.Timer objects. |
|
|
|
|
|
|
|
- Issue #27773: Correct some memory management errors server_hostname in _ssl.wrap_socket(). |
|
|
|
- Issue #27773: Correct some memory management errors server_hostname in |
|
|
|
_ssl.wrap_socket(). |
|
|
|
|
|
|
|
- Issue #26750: unittest.mock.create_autospec() now works properly for |
|
|
|
subclasses of property() and other data descriptors. Removes the never |
|
|
|
@ -131,14 +133,15 @@ Library |
|
|
|
- In the curses module, raise an error if window.getstr() or window.instr() is |
|
|
|
passed a negative value. |
|
|
|
|
|
|
|
- Issue #27783: Fix possible usage of uninitialized memory in operator.methodcaller. |
|
|
|
- Issue #27783: Fix possible usage of uninitialized memory in |
|
|
|
operator.methodcaller. |
|
|
|
|
|
|
|
- Issue #27774: Fix possible Py_DECREF on unowned object in _sre. |
|
|
|
|
|
|
|
- Issue #27760: Fix possible integer overflow in binascii.b2a_qp. |
|
|
|
|
|
|
|
- Issue #27758: Fix possible integer overflow in the _csv module for large record |
|
|
|
lengths. |
|
|
|
- Issue #27758: Fix possible integer overflow in the _csv module for large |
|
|
|
record lengths. |
|
|
|
|
|
|
|
- Issue #27568: Prevent HTTPoxy attack (CVE-2016-1000110). Ignore the |
|
|
|
HTTP_PROXY variable when REQUEST_METHOD environment is set, which indicates |
|
|
|
@ -319,9 +322,9 @@ Library |
|
|
|
when exiting, let the new chained one through. This avoids the PEP 479 |
|
|
|
bug described in issue25782. |
|
|
|
|
|
|
|
- [Security] Issue #27278: Fix os.urandom() implementation using getrandom() on Linux. |
|
|
|
Truncate size to INT_MAX and loop until we collected enough random bytes, |
|
|
|
instead of casting a directly Py_ssize_t to int. |
|
|
|
- [Security] Issue #27278: Fix os.urandom() implementation using getrandom() on |
|
|
|
Linux. Truncate size to INT_MAX and loop until we collected enough random |
|
|
|
bytes, instead of casting a directly Py_ssize_t to int. |
|
|
|
|
|
|
|
- Issue #16864: sqlite3.Cursor.lastrowid now supports REPLACE statement. |
|
|
|
Initial patch by Alex LordThorsen. |
|
|
|
@ -371,9 +374,9 @@ IDLE |
|
|
|
Previously, when IDLE was started from a console or by import, a cascade |
|
|
|
of warnings was emitted. Patch by Serhiy Storchaka. |
|
|
|
|
|
|
|
- Issue #24137: Run IDLE, test_idle, and htest with tkinter default root disabled. |
|
|
|
Fix code and tests that fail with this restriction. |
|
|
|
Fix htests to not create a second and redundant root and mainloop. |
|
|
|
- Issue #24137: Run IDLE, test_idle, and htest with tkinter default root |
|
|
|
disabled. Fix code and tests that fail with this restriction. Fix htests to |
|
|
|
not create a second and redundant root and mainloop. |
|
|
|
|
|
|
|
- Issue #27310: Fix IDLE.app failure to launch on OS X due to vestigial import. |
|
|
|
|
|
|
|
@ -486,8 +489,8 @@ Library |
|
|
|
|
|
|
|
- [Security] Issue #26556: Update expat to 2.1.1, fixes CVE-2015-1283. |
|
|
|
|
|
|
|
- [Security] Fix TLS stripping vulnerability in smtplib, CVE-2016-0772. Reported by Team |
|
|
|
Oststrom |
|
|
|
- [Security] Fix TLS stripping vulnerability in smtplib, CVE-2016-0772. |
|
|
|
Reported by Team Oststrom. |
|
|
|
|
|
|
|
- Issue #21386: Implement missing IPv4Address.is_global property. It was |
|
|
|
documented since 07a5610bae9d. Initial patch by Roger Luethi. |
|
|
|
@ -529,9 +532,10 @@ Library |
|
|
|
- Issue #21313: Fix the "platform" module to tolerate when sys.version |
|
|
|
contains truncated build information. |
|
|
|
|
|
|
|
- [Security] Issue #26839: On Linux, :func:`os.urandom` now calls ``getrandom()`` with |
|
|
|
``GRND_NONBLOCK`` to fall back on reading ``/dev/urandom`` if the urandom |
|
|
|
entropy pool is not initialized yet. Patch written by Colm Buckley. |
|
|
|
- [Security] Issue #26839: On Linux, :func:`os.urandom` now calls |
|
|
|
``getrandom()`` with ``GRND_NONBLOCK`` to fall back on reading |
|
|
|
``/dev/urandom`` if the urandom entropy pool is not initialized yet. Patch |
|
|
|
written by Colm Buckley. |
|
|
|
|
|
|
|
- Issue #23883: Added missing APIs to __all__ to match the documented APIs |
|
|
|
for the following modules: cgi, mailbox, mimetypes, plistlib and smtpd. |
|
|
|
@ -893,7 +897,8 @@ Core and Builtins |
|
|
|
This allows sys.getsize() to work correctly with their subclasses with |
|
|
|
__slots__ defined. |
|
|
|
|
|
|
|
- Issue #25709: Fixed problem with in-place string concatenation and utf-8 cache. |
|
|
|
- Issue #25709: Fixed problem with in-place string concatenation and utf-8 |
|
|
|
cache. |
|
|
|
|
|
|
|
- Issue #5319: New Py_FinalizeEx() API allowing Python to set an exit status |
|
|
|
of 120 on failure to flush buffered streams. |
|
|
|
@ -1124,9 +1129,9 @@ Library |
|
|
|
- Issue #24838: tarfile's ustar and gnu formats now correctly calculate name |
|
|
|
and link field limits for multibyte character encodings like utf-8. |
|
|
|
|
|
|
|
- [Security] Issue #26657: Fix directory traversal vulnerability with http.server on |
|
|
|
Windows. This fixes a regression that was introduced in 3.3.4rc1 and |
|
|
|
3.4.0rc1. Based on patch by Philipp Hagemeister. |
|
|
|
- [Security] Issue #26657: Fix directory traversal vulnerability with |
|
|
|
http.server on Windows. This fixes a regression that was introduced in |
|
|
|
3.3.4rc1 and 3.4.0rc1. Based on patch by Philipp Hagemeister. |
|
|
|
|
|
|
|
- Issue #26717: Stop encoding Latin-1-ized WSGI paths with UTF-8. Patch by |
|
|
|
Anthony Sottile. |
|
|
|
@ -1230,8 +1235,8 @@ Library |
|
|
|
:class:`warnings.WarningMessage`. Add warnings._showwarnmsg() which uses |
|
|
|
tracemalloc to get the traceback where source object was allocated. |
|
|
|
|
|
|
|
- [Security] Issue #26313: ssl.py _load_windows_store_certs fails if windows cert store |
|
|
|
is empty. Patch by Baji. |
|
|
|
- [Security] Issue #26313: ssl.py _load_windows_store_certs fails if windows |
|
|
|
cert store is empty. Patch by Baji. |
|
|
|
|
|
|
|
- Issue #26569: Fix :func:`pyclbr.readmodule` and :func:`pyclbr.readmodule_ex` |
|
|
|
to support importing packages. |
|
|
|
@ -1266,7 +1271,8 @@ Library |
|
|
|
isoformat() method to choose the precision of the time component. |
|
|
|
|
|
|
|
- Issue #2202: Fix UnboundLocalError in |
|
|
|
AbstractDigestAuthHandler.get_algorithm_impls. Initial patch by Mathieu Dupuy. |
|
|
|
AbstractDigestAuthHandler.get_algorithm_impls. Initial patch by Mathieu |
|
|
|
Dupuy. |
|
|
|
|
|
|
|
- Issue #26167: Minimized overhead in copy.copy() and copy.deepcopy(). |
|
|
|
Optimized copying and deepcopying bytearrays, NotImplemented, slices, |
|
|
|
@ -1313,7 +1319,8 @@ Library |
|
|
|
trigger the handle_error() method, and will now to stop a single-threaded |
|
|
|
server. |
|
|
|
|
|
|
|
- [Security] Issue #25939: On Windows open the cert store readonly in ssl.enum_certificates. |
|
|
|
- [Security] Issue #25939: On Windows open the cert store readonly in |
|
|
|
ssl.enum_certificates. |
|
|
|
|
|
|
|
- Issue #25995: os.walk() no longer uses FDs proportional to the tree depth. |
|
|
|
|
|
|
|
@ -1629,7 +1636,8 @@ Library |
|
|
|
- Issue #25011: rlcompleter now omits private and special attribute names unless |
|
|
|
the prefix starts with underscores. |
|
|
|
|
|
|
|
- Issue #25209: rlcompleter now can add a space or a colon after completed keyword. |
|
|
|
- Issue #25209: rlcompleter now can add a space or a colon after completed |
|
|
|
keyword. |
|
|
|
|
|
|
|
- Issue #22241: timezone.utc name is now plain 'UTC', not 'UTC-00:00'. |
|
|
|
|
|
|
|
|
R David Murray
10 years ago