87a954a864
Python 3.9.15 Security gh-97616: Fix multiplying a list by an integer (list *= int): detect the integer overflow when the new allocated length is close to the maximum size. Issue reported by Jordan Limor. Patch by Victor Stinner. gh-97612: Fix a shell code injection vulnerability in the get-remote-certificate.py example script. The script no longer uses a shell to run openssl commands. Issue reported and initial fix by Caleb Shortt. Patch by Victor Stinner. Core and Builtins gh-96848: Fix command line parsing: reject -X int_max_str_digits option with no value (invalid) when the PYTHONINTMAXSTRDIGITS environment variable is set to a valid limit. Patch by Victor Stinner. gh-95778: When ValueError is raised if an integer is larger than the limit, mention the sys.set_int_max_str_digits() function in the error message. Patch by Victor Stinner. Library gh-97005: Update bundled libexpat to 2.4.9 Windows gh-96577: Fixes a potential buffer overrun in msilib. macOS gh-97897: The macOS 13 SDK includes support for the mkfifoat and mknodat system calls. Using the dir_fd option with either os.mkfifo() or os.mknod() could result in a segfault if cpython is built with the macOS 13 SDK but run on an earlier version of macOS. Prevent this by adding runtime support for detection of these system calls (“weaklinking”) as is done for other newer syscalls on macOS. |
||
|---|---|---|
| .. | ||
| patches | ||
| ALTERNATIVES | ||
| buildlink3.mk | ||
| DESCR | ||
| dist.mk | ||
| distinfo | ||
| Makefile | ||
| options.mk | ||
| PLIST | ||
| PLIST.Darwin | ||
| PLIST.FreeBSD | ||
| PLIST.IRIX | ||
| PLIST.Linux | ||
| PLIST.SunOS | ||