Skip to content
Projeler
Gruplar
Parçacıklar
Yardım
Yükleniyor...
Oturum aç / Kaydol
Gezinmeyi değiştir
C
cpython
Proje
Proje
Ayrıntılar
Etkinlik
Cycle Analytics
Depo (repository)
Depo (repository)
Dosyalar
Kayıtlar (commit)
Dallar (branch)
Etiketler
Katkıda bulunanlar
Grafik
Karşılaştır
Grafikler
Konular (issue)
0
Konular (issue)
0
Liste
Pano
Etiketler
Kilometre Taşları
Birleştirme (merge) Talepleri
0
Birleştirme (merge) Talepleri
0
CI / CD
CI / CD
İş akışları (pipeline)
İşler
Zamanlamalar
Grafikler
Paketler
Paketler
Wiki
Wiki
Parçacıklar
Parçacıklar
Üyeler
Üyeler
Collapse sidebar
Close sidebar
Etkinlik
Grafik
Grafikler
Yeni bir konu (issue) oluştur
İşler
Kayıtlar (commit)
Konu (issue) Panoları
Kenar çubuğunu aç
Batuhan Osman TASKAYA
cpython
Commits
e9a74c41
Kaydet (Commit)
e9a74c41
authored
Tem 24, 2017
tarafından
Larry Hastings
Dosyalara gözat
Seçenekler
Dosyalara Gözat
İndir
Eposta Yamaları
Sade Fark
blurb release for 3.4.7rc1.
üst
f067f7e2
Hide whitespace changes
Inline
Side-by-side
Showing
10 changed files
with
99 additions
and
30 deletions
+99
-30
3.4.7rc1.rst
Misc/NEWS.d/3.4.7rc1.rst
+99
-0
04.bpo-27945.p29r3O.rst
Misc/NEWS.d/next/Core and Builtins/04.bpo-27945.p29r3O.rst
+0
-3
2017-07-15-13-55-22.bpo-26617.Gh5LvN.rst
...ore and Builtins/2017-07-15-13-55-22.bpo-26617.Gh5LvN.rst
+0
-1
03.bpo-25008.CeIzyU.rst
Misc/NEWS.d/next/Documentation/03.bpo-25008.CeIzyU.rst
+0
-2
01.bpo-27850.kIVQ0m.rst
Misc/NEWS.d/next/Library/01.bpo-27850.kIVQ0m.rst
+0
-2
02.bpo-30730.ZF8XGV.rst
Misc/NEWS.d/next/Security/02.bpo-30730.ZF8XGV.rst
+0
-4
2017-07-11-22-02-51.bpo-30500.wXUrkQ.rst
....d/next/Security/2017-07-11-22-02-51.bpo-30500.wXUrkQ.rst
+0
-4
2017-07-11-22-07-03.bpo-26657.wvpzFD.rst
....d/next/Security/2017-07-11-22-07-03.bpo-26657.wvpzFD.rst
+0
-3
2017-07-11-22-25-24.bpo-30694.oOf3Er.rst
....d/next/Security/2017-07-11-22-25-24.bpo-30694.oOf3Er.rst
+0
-8
2017-07-11-22-26-48.bpo-29591.cOeMX-.rst
....d/next/Security/2017-07-11-22-26-48.bpo-29591.cOeMX-.rst
+0
-3
No files found.
Misc/NEWS.d/3.4.7rc1.rst
0 → 100644
Dosyayı görüntüle @
e9a74c41
.. bpo: 29591
.. date: 2017-07-11-22-26-48
.. nonce: cOeMX-
.. release date: 2017-07-23
.. section: Security
Update expat copy from 2.1.1 to 2.2.0 to get fixes of CVE-2016-0718 and
CVE-2016-4472. See https://sourceforge.net/p/expat/bugs/537/ for more
information.
..
.. bpo: 30694
.. date: 2017-07-11-22-25-24
.. nonce: oOf3Er
.. section: Security
Upgrade expat copy from 2.2.0 to 2.2.1 to get fixes of multiple security
vulnerabilities including: CVE-2017-9233 (External entity infinite loop
DoS), CVE-2016-9063 (Integer overflow, re-fix), CVE-2016-0718 (Fix
regression bugs from 2.2.0's fix to CVE-2016-0718) and CVE-2012-0876
(Counter hash flooding with SipHash). Note: the CVE-2016-5300 (Use os-
specific entropy sources like getrandom) doesn't impact Python, since Python
already gets entropy from the OS to set the expat secret using
``XML_SetHashSalt()``.
..
.. bpo: 26657
.. date: 2017-07-11-22-07-03
.. nonce: wvpzFD
.. section: Security
Fix directory traversal vulnerability with http.server on Windows. This
fixes a regression that was introduced in 3.3.4rc1 and 3.4.0rc1. Based on
patch by Philipp Hagemeister.
..
.. bpo: 30500
.. date: 2017-07-11-22-02-51
.. nonce: wXUrkQ
.. section: Security
Fix urllib.parse.splithost() to correctly parse fragments. For example,
``splithost('//127.0.0.1#@evil.com/')`` now correctly returns the
``127.0.0.1`` host, instead of treating ``@evil.com`` as the host in an
authentification (``login@host``).
..
.. bpo: 30730
.. date: 02
.. nonce: ZF8XGV
.. original section: Library
.. section: Security
Prevent environment variables injection in subprocess on Windows. Prevent
passing other invalid environment variables and command arguments.
..
.. bpo: 26617
.. date: 2017-07-15-13-55-22
.. nonce: Gh5LvN
.. section: Core and Builtins
Fix crash when GC runs during weakref callbacks.
..
.. bpo: 27945
.. date: 04
.. nonce: p29r3O
.. section: Core and Builtins
Fixed various segfaults with dict when input collections are mutated during
searching, inserting or comparing. Based on patches by Duane Griffin and
Tim Mitchell.
..
.. bpo: 27850
.. date: 01
.. nonce: kIVQ0m
.. section: Library
Remove 3DES from ssl module's default cipher list to counter measure sweet32
attack (CVE-2016-2183).
..
.. bpo: 25008
.. date: 03
.. nonce: CeIzyU
.. section: Documentation
Document smtpd.py as effectively deprecated and add a pointer to aiosmtpd, a
third-party asyncio-based replacement.
Misc/NEWS.d/next/Core and Builtins/04.bpo-27945.p29r3O.rst
deleted
100644 → 0
Dosyayı görüntüle @
f067f7e2
Fixed various segfaults with dict when input collections are mutated during
searching, inserting or comparing. Based on patches by Duane Griffin and
Tim Mitchell.
Misc/NEWS.d/next/Core and Builtins/2017-07-15-13-55-22.bpo-26617.Gh5LvN.rst
deleted
100644 → 0
Dosyayı görüntüle @
f067f7e2
Fix crash when GC runs during weakref callbacks.
Misc/NEWS.d/next/Documentation/03.bpo-25008.CeIzyU.rst
deleted
100644 → 0
Dosyayı görüntüle @
f067f7e2
Document smtpd.py as effectively deprecated and add a pointer to aiosmtpd, a
third-party asyncio-based replacement.
Misc/NEWS.d/next/Library/01.bpo-27850.kIVQ0m.rst
deleted
100644 → 0
Dosyayı görüntüle @
f067f7e2
Remove 3DES from ssl module's default cipher list to counter measure sweet32
attack (CVE-2016-2183).
Misc/NEWS.d/next/Security/02.bpo-30730.ZF8XGV.rst
deleted
100644 → 0
Dosyayı görüntüle @
f067f7e2
.. original section: Library
Prevent environment variables injection in subprocess on Windows. Prevent
passing other invalid environment variables and command arguments.
Misc/NEWS.d/next/Security/2017-07-11-22-02-51.bpo-30500.wXUrkQ.rst
deleted
100644 → 0
Dosyayı görüntüle @
f067f7e2
Fix urllib.parse.splithost() to correctly parse fragments. For example,
``splithost('//127.0.0.1#@evil.com/')`` now correctly returns the
``127.0.0.1`` host, instead of treating ``@evil.com`` as the host in an
authentification (``login@host``).
Misc/NEWS.d/next/Security/2017-07-11-22-07-03.bpo-26657.wvpzFD.rst
deleted
100644 → 0
Dosyayı görüntüle @
f067f7e2
Fix directory traversal vulnerability with http.server on Windows. This
fixes a regression that was introduced in 3.3.4rc1 and 3.4.0rc1. Based on
patch by Philipp Hagemeister.
Misc/NEWS.d/next/Security/2017-07-11-22-25-24.bpo-30694.oOf3Er.rst
deleted
100644 → 0
Dosyayı görüntüle @
f067f7e2
Upgrade expat copy from 2.2.0 to 2.2.1 to get fixes of multiple security
vulnerabilities including: CVE-2017-9233 (External entity infinite loop
DoS), CVE-2016-9063 (Integer overflow, re-fix), CVE-2016-0718 (Fix
regression bugs from 2.2.0's fix to CVE-2016-0718) and CVE-2012-0876
(Counter hash flooding with SipHash). Note: the CVE-2016-5300 (Use os-
specific entropy sources like getrandom) doesn't impact Python, since Python
already gets entropy from the OS to set the expat secret using
``XML_SetHashSalt()``.
Misc/NEWS.d/next/Security/2017-07-11-22-26-48.bpo-29591.cOeMX-.rst
deleted
100644 → 0
Dosyayı görüntüle @
f067f7e2
Update expat copy from 2.1.1 to 2.2.0 to get fixes of CVE-2016-0718 and
CVE-2016-4472. See https://sourceforge.net/p/expat/bugs/537/ for more
information.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
