1a4a859001
Python 3.8.10 final Security bpo-43434: Creating a sqlite3.Connection object now also produces a sqlite3.connect auditing event. Previously this event was only produced by sqlite3.connect() calls. Patch by Erlend E. Aasland. bpo-43472: Ensures interpreter-level audit hooks receive the cpython.PyInterpreterState_New event when called through the _xxsubinterpreters module. bpo-43075: Fix Regular Expression Denial of Service (ReDoS) vulnerability in urllib.request.AbstractBasicAuthHandler. The ReDoS-vulnerable regex has quadratic worst-case complexity and it allows cause a denial of service when identifying crafted invalid RFCs. This ReDoS issue is on the client side and needs remote attackers to control the HTTP server. Core and Builtins bpo-43105: Importlib now resolves relative paths when creating module spec objects from file locations. bpo-42924: Fix bytearray repetition incorrectly copying data from the start of the buffer, even if the data is offset within the buffer (e.g. after reassigning a slice at the start of the bytearray to a shorter byte string). Library bpo-43993: Update bundled pip to 21.1.1. bpo-43937: Fixed the turtle module working with non-default root window. bpo-43930: Update bundled pip to 21.1 and setuptools to 56.0.0 bpo-43920: OpenSSL 3.0.0: load_verify_locations() now returns a consistent error message when cadata contains no valid certificate. bpo-43607: urllib can now convert Windows paths with \\?\ prefixes into URL paths. bpo-43284: platform.win32_ver derives the windows version from sys.getwindowsversion().platform_version which in turn derives the version from kernel32.dll (which can be of a different version than Windows itself). Therefore change the platform.win32_ver to determine the version using the platform module’s _syscmd_ver private function to return an accurate version. bpo-42248: [Enum] ensure exceptions raised in _missing__ are released bpo-43799: OpenSSL 3.0.0: define OPENSSL_API_COMPAT 1.1.1 to suppress deprecation warnings. Python requires OpenSSL 1.1.1 APIs. bpo-43794: Add ssl.OP_IGNORE_UNEXPECTED_EOF constants (OpenSSL 3.0.0) bpo-43789: OpenSSL 3.0.0: Don’t call the password callback function a second time when first call has signaled an error condition. bpo-43788: The header files for ssl error codes are now OpenSSL version-specific. Exceptions will now show correct reason and library codes. The make_ssl_data.py script has been rewritten to use OpenSSL’s text file with error codes. bpo-43655: tkinter dialog windows are now recognized as dialogs by window managers on macOS and X Window. bpo-43534: turtle.textinput() and turtle.numinput() create now a transient window working on behalf of the canvas window. bpo-43522: Fix problem with hostname_checks_common_name. OpenSSL does not copy hostflags from struct SSL_CTX to struct SSL. bpo-42967: Allow bytes separator argument in urllib.parse.parse_qs and urllib.parse.parse_qsl when parsing str query strings. Previously, this raised a TypeError. bpo-43176: Fixed processing of a dataclass that inherits from a frozen dataclass with no fields. It is now correctly detected as an error. bpo-34463: Fixed discrepancy between traceback and the interpreter in formatting of SyntaxError with lineno not set (traceback was changed to match interpreter). bpo-41735: Fix thread locks in zlib module may go wrong in rare case. Patch by Ma Lin. bpo-26053: Fixed bug where the pdb interactive run command echoed the args from the shell command line, even if those have been overridden at the pdb prompt. bpo-36470: Fix dataclasses with InitVars and replace(). Patch by Claudiu Popa. bpo-28577: The hosts method on 32-bit prefix length IPv4Networks and 128-bit prefix IPv6Networks now returns a list containing the single Address instead of an empty list. bpo-32745: Fix a regression in the handling of ctypes’ ctypes.c_wchar_p type: embedded null characters would cause a ValueError to be raised. Patch by Zackery Spytz. Documentation bpo-43959: The documentation on the PyContextVar C-API was clarified. bpo-43938: Update dataclasses documentation to express that FrozenInstanceError is derived from AttributeError. bpo-43739: Fixing the example code in Doc/extending/extending.rst to declare and initialize the pmodule variable to be of the right type. Tests bpo-43842: Fix a race condition in the SMTP test of test_logging. Don’t close a file descriptor (socket) from a different thread while asyncore.loop() is polling the file descriptor. Patch by Victor Stinner. bpo-43811: Tests multiple OpenSSL versions on GitHub Actions. Use ccache to speed up testing. bpo-43791: OpenSSL 3.0.0: Disable testing of legacy protocols TLS 1.0 and 1.1. Tests are failing with TLSV1_ALERT_INTERNAL_ERROR. Windows bpo-35306: Avoid raising errors from pathlib.Path.exists() when passed an invalid filename. bpo-38822: Fixed os.stat() failing on inaccessible directories with a trailing slash, rather than falling back to the parent directory’s metadata. This implicitly affected os.path.exists() and os.path.isdir(). bpo-26227: Fixed decoding of host names in socket.gethostbyaddr() and socket.gethostbyname_ex(). bpo-43745: Actually updates Windows release to OpenSSL 1.1.1k. Earlier releases were mislabelled and actually included 1.1.1i again. bpo-43492: Upgrade Windows installer to use SQLite 3.35.5. macOS bpo-44009: Provide “python3.x-intel64” executable to allow reliably forcing macOS universal2 framework builds to run under Rosetta 2 Intel-64 emulation on Apple Silicon Macs. This can be useful for testing or when universal2 wheels are not yet available. bpo-41100: As of 3.8.10, Python now supports building and running on macOS 11 (Big Sur) and on Apple Silicon Macs (based on the ARM64 architecture). A new universal build variant, universal2, is also available to natively support both ARM64 and Intel 64 in one set of executables. This backport from Python 3.9 does not include support for “weaklinking”; to support a range of macOS versions, continue to target for and build on the oldest version in the range; for 3.8.x, the universal2 variant is only useful on macOS 11 or later. bpo-43492: Update macOS installer to use SQLite 3.35.4. IDLE bpo-43655: IDLE dialog windows are now recognized as dialogs by window managers on macOS and X Window. C API bpo-43962: _PyInterpreterState_IDIncref() now calls _PyInterpreterState_IDInitref() and always increments id_refcount. Previously, calling _xxsubinterpreters.get_current() could create an id_refcount inconsistency when a _xxsubinterpreters.InterpreterID object was deallocated. Patch by Victor Stinner. |
||
---|---|---|
.. | ||
patches | ||
ALTERNATIVES | ||
buildlink3.mk | ||
DESCR | ||
dist.mk | ||
distinfo | ||
Makefile | ||
options.mk | ||
PLIST | ||
PLIST.Darwin | ||
PLIST.FreeBSD | ||
PLIST.IRIX | ||
PLIST.Linux | ||
PLIST.SunOS |