Victor Stinner [Mon, 4 Jun 2018 20:25:54 +0000 (22:25 +0200)]
[2.7] bpo-33718: Update regrtest from master (GH-7402)
Backport manually regrtest enhancements from master:
* No longer clear filters, like --match, to re-run failed tests in
verbose mode (-w option).
* Tests result: always indicate if tests have been interrupted.
* Enhance tests summary
* After failing tests are re-run, display again the summary.
* Add environment_altered to test.support, but it's currently unused
* regrtest: count also ENV_CHANGED as failures
* regrtest: Enhance format_duration()
* Replace test_support with support
Victor Stinner [Wed, 30 May 2018 15:24:40 +0000 (17:24 +0200)]
bpo-29512: Rename Lib/test/bisect.py to bisect_cmd.py (#7229)
Rename Lib/test/bisect.py to Lib/test/bisect_cmd.py. The old name was
in conflict with Lib/bisect.py, causing test failures, depending how
tests were run.
For example, "python2.7 Lib/test/test_httpservers.py" imported
indirectly Lib/test/bisect.py instead of Lib/bisect.py
on "import bisect".
* Add a space to ensurepip's --altinstall option
* Add periods to the arguments of ensurepip that didn't have it
This makes --help for all optional arguments consistent and also makes it
consistent with pip --help..
(cherry picked from commit e9537ad6a128924dd610bea2268065500c174181)
Serhiy Storchaka [Thu, 24 May 2018 20:27:08 +0000 (23:27 +0300)]
[2.7] bpo-33622: Fix issues with handling errors in the GC. (GH-7078) (#7096)
* Fixed a leak when the GC fails to add an object with __del__ into
the gc.garbage list.
* PyGC_Collect() can now be called when an exception is set and
preserves it.
(cherry picked from commit 301e3cc8a5bc68c5347ab6ac6f83428000d31ab2)
Serhiy Storchaka [Sun, 20 May 2018 22:50:33 +0000 (01:50 +0300)]
[2.7] bpo-33542: Ignore DUID in uuid.get_node on Windows. (GH-6922) (GH-7015)
uuid._ipconfig_getnode did not validate the maximum length of the value,
so long as the value had the same type of formatting as a MAC address.
This let it select DUIDs as MAC addresses. It now requires an exact
length match..
(cherry picked from commit c66c342cb42ab8a88884527ddfe3a5086bc06316)
Indicate that _PyGC_Head is only 8-byte aligned. (closes bpo-33374)
By spec, the "long double" in _PyGC_Head requires the union to always be 16-byte
aligned. However, obmalloc only yields 8-byte alignment. Compilers including GCC
8 are starting to use alignment information to do store-merging. So, the "long
double" needs to be changed to a simple "double" as was long ago done in Python
3 by e348c8d154cf6342c79d627ebfe89dfe9de23817. For 2.7, we need to add some
dummy padding to make sure _PyGC_Head stays the same size.
bpo-33295: Skip test using missing external site (GH-6504) (GH-6510)
`test_urllib2net.OtherNetworkTests.test_sites_no_connection_close`
used `http://www.imdb.com/` but it is moved to https so the test is
not valid anymore. Skip test for the moment to allow CI to proceed.
(cherry picked from commit 36d56ea826caffbeac0fc0c6d90248b80516e33c)
Ned Deily [Sat, 14 Apr 2018 14:37:28 +0000 (10:37 -0400)]
[2.7] Backport macOS universal build and installer fixes from 3.6. (GH-6469)
These include:
- bpo-32726: Provide an additional, more modern macOS installer variant that
supports macOS 10.9+ systems in 64-bit mode only. Upgrade the supplied
third-party libraries to OpenSSL 1.0.2n and SQLite 3.22.0. The 10.9+
installer now supplies its own private copy of Tcl/Tk 8.6.8.
- bpo-24414: Default macOS deployment target is now set by ``configure`` to
the build system's OS version (as is done by Python 3), not ``10.4``;
override with, for example, ``./configure MACOSX_DEPLOYMENT_TARGET=10.4``.
- bpo-19019: All 2.7 macOS installer variants now supply their own version
of ``OpenSSL 1.0.2``; the Apple-supplied SSL libraries and root
certificates are not longer used. The ``Installer Certificate`` command
in ``/Applications/Python 2.7`` may be used to download and install a
default set of root certificates from the third-party ``certifi`` package.
- bpo-11485: python.org macOS Pythons no longer supply a default SDK value
(e.g. ``-isysroot /``) or specific compiler version default (e.g.
``gcc-4.2``) when building extension modules. Use ``CC``, ``SDKROOT``,
and ``DEVELOPER_DIR`` environment variables to override compilers or to
use an SDK. See Apple's ``xcrun`` man page for more info.
- prepare for pending Apple removal of 32-bit support in future macOS release
Allow ttk.Treeview.insert to insert iid that has a false boolean value.
Note iid=0 and iid=False would be same.
(cherry picked from commit 3ab44c0783eebdff687014f7d14d5dec59b6bd39)
scoder [Sat, 31 Mar 2018 12:23:30 +0000 (14:23 +0200)]
bpo-31544: Fix a reference leak to 'self' after the previous target error handling fixes. (GH-6318)
This change generally splits the xmlparser creation code into an unsafe part with "rollback" error handling and a safe "object initialisation done" part with normal decref cleanup.
Fix description about SimpleXMLRPCServer constructor parameter bind_and_activate. (GH-776)
Passing True as the `bind_and_activate` *do* immediately opening and binding to their socket.
(cherry picked from commit e6223579c87b93f3e60d28796f521587d88091d4)
Jamie Davis [Tue, 6 Mar 2018 05:59:02 +0000 (00:59 -0500)]
[2.7] closes bpo-32997: Fix REDOS in fpformat (GH-5984)
The regex to decode a number in fpformat is susceptible to catastrophic backtracking. This is a potential DOS vector if a server is using fpformat on untrusted number strings.
Replace it with an equivalent non-vulnerable regex. The match behavior of the new regex is slightly different. It captures the whole integer part of the number in one group, Leading zeros are stripped off later.
The regex to test a mail server's timestamp is susceptible to
catastrophic backtracking on long evil responses from the server.
Happily, the maximum length of malicious inputs is 2K thanks
to a limit introduced in the fix for CVE-2013-1752.
A 2KB evil response from the mail server would result in small slowdowns
(milliseconds vs. microseconds) accumulated over many apop calls.
This is a potential DOS vector via accumulated slowdowns.
Replace it with a similar non-vulnerable regex.
The new regex is RFC compliant.
The old regex was non-compliant in edge cases.
* Prevent difflib REDOS (CVE-2018-1061)
The default regex for IS_LINE_JUNK is susceptible to
catastrophic backtracking.
This is a potential DOS vector.
Replace it with an equivalent non-vulnerable regex.
Also introduce unit and REDOS tests for difflib.
Co-authored-by: Tim Peters <tim.peters@gmail.com> Co-authored-by: Christian Heimes <christian@python.org>.
(cherry picked from commit 0e6c8ee2358a2e23117501826c008842acb835ac)
This code never did anything correct or useful. The class attribute will never be affected, and the condition will never be true.
(cherry picked from commit 5fb632e83136399bad9427ee23ec8b771695290a)
Christian Heimes [Sun, 25 Feb 2018 09:21:03 +0000 (10:21 +0100)]
[2.7] bpo-30622: Improve NPN support detection (GH-5859) (#5863)
The ssl module now detects missing NPN support in LibreSSL.
Co-Authored-By: Bernard Spil <brnrd@FreeBSD.org> Signed-off-by: Christian Heimes <christian@python.org>.
(cherry picked from commit 6cdb7954b0a578d899e4b78b868ea59eef08480a)
Co-authored-by: Christian Heimes <christian@python.org>
projects / thirdparty / Python / cpython.git / log
