From 627894459a84be3488a1789919679c997056a03c Mon Sep 17 00:00:00 2001 From: Thomas Wouters Date: Fri, 5 Dec 2025 17:06:17 +0100 Subject: [PATCH] Python 3.13.11 --- Include/patchlevel.h | 4 +- Lib/pydoc_data/topics.py | 2 +- Misc/NEWS.d/3.13.11.rst | 68 +++++++++++++++++++ ...-12-03-11-03-35.gh-issue-142218.44Fq_J.rst | 2 - ...-12-03-09-36-29.gh-issue-142206.ilwegH.rst | 7 -- ...-12-03-19-33-17.gh-issue-140797.YxB27u.rst | 3 - ...-05-23-11-44-41.gh-issue-119452.PRfsSv.rst | 5 -- ...-05-23-11-47-48.gh-issue-119451.qkJe9-.rst | 5 -- ...-12-01-09-36-45.gh-issue-142145.tcAUhg.rst | 1 - README.rst | 2 +- 10 files changed, 72 insertions(+), 27 deletions(-) create mode 100644 Misc/NEWS.d/3.13.11.rst delete mode 100644 Misc/NEWS.d/next/Core and Builtins/2025-12-03-11-03-35.gh-issue-142218.44Fq_J.rst delete mode 100644 Misc/NEWS.d/next/Library/2025-12-03-09-36-29.gh-issue-142206.ilwegH.rst delete mode 100644 Misc/NEWS.d/next/Library/2025-12-03-19-33-17.gh-issue-140797.YxB27u.rst delete mode 100644 Misc/NEWS.d/next/Security/2024-05-23-11-44-41.gh-issue-119452.PRfsSv.rst delete mode 100644 Misc/NEWS.d/next/Security/2024-05-23-11-47-48.gh-issue-119451.qkJe9-.rst delete mode 100644 Misc/NEWS.d/next/Security/2025-12-01-09-36-45.gh-issue-142145.tcAUhg.rst diff --git a/Include/patchlevel.h b/Include/patchlevel.h index 934d61045364..b255f96e94c5 100644 --- a/Include/patchlevel.h +++ b/Include/patchlevel.h @@ -18,12 +18,12 @@ /*--start constants--*/ #define PY_MAJOR_VERSION 3 #define PY_MINOR_VERSION 13 -#define PY_MICRO_VERSION 10 +#define PY_MICRO_VERSION 11 #define PY_RELEASE_LEVEL PY_RELEASE_LEVEL_FINAL #define PY_RELEASE_SERIAL 0 /* Version as a string */ -#define PY_VERSION "3.13.10+" +#define PY_VERSION "3.13.11" /*--end constants--*/ /* Version as a single 4-byte hex number, e.g. 0x010502B2 == 1.5.2b2. diff --git a/Lib/pydoc_data/topics.py b/Lib/pydoc_data/topics.py index a7a49271e4d7..fdbe8106adee 100644 --- a/Lib/pydoc_data/topics.py +++ b/Lib/pydoc_data/topics.py @@ -1,4 +1,4 @@ -# Autogenerated by Sphinx on Tue Dec 2 13:49:46 2025 +# Autogenerated by Sphinx on Fri Dec 5 17:06:29 2025 # as part of the release process. topics = { diff --git a/Misc/NEWS.d/3.13.11.rst b/Misc/NEWS.d/3.13.11.rst new file mode 100644 index 000000000000..89464e4dca79 --- /dev/null +++ b/Misc/NEWS.d/3.13.11.rst @@ -0,0 +1,68 @@ +.. date: 2025-12-01-09-36-45 +.. gh-issue: 142145 +.. nonce: tcAUhg +.. release date: 2025-12-05 +.. section: Security + +Remove quadratic behavior in ``xml.minidom`` node ID cache clearing. + +.. + +.. date: 2024-05-23-11-47-48 +.. gh-issue: 119451 +.. nonce: qkJe9- +.. section: Security + +Fix a potential memory denial of service in the :mod:`http.client` module. +When connecting to a malicious server, it could cause an arbitrary amount of +memory to be allocated. This could have led to symptoms including a +:exc:`MemoryError`, swapping, out of memory (OOM) killed processes or +containers, or even system crashes. + +.. + +.. date: 2024-05-23-11-44-41 +.. gh-issue: 119452 +.. nonce: PRfsSv +.. section: Security + +Fix a potential memory denial of service in the :mod:`http.server` module. +When a malicious user is connected to the CGI server on Windows, it could +cause an arbitrary amount of memory to be allocated. This could have led to +symptoms including a :exc:`MemoryError`, swapping, out of memory (OOM) +killed processes or containers, or even system crashes. + +.. + +.. date: 2025-12-03-19-33-17 +.. gh-issue: 140797 +.. nonce: YxB27u +.. section: Library + +Revert changes to the undocumented :class:`!re.Scanner` class. Capturing +groups are still allowed for backward compatibility, although using them can +lead to incorrect result. They will be forbidden in future Python versions. + +.. + +.. date: 2025-12-03-09-36-29 +.. gh-issue: 142206 +.. nonce: ilwegH +.. section: Library + +The resource tracker in the :mod:`multiprocessing` module now uses the +original communication protocol, as in Python 3.14.0 and below, by default. +This avoids issues with upgrading Python while it is running. (Note that +such 'in-place' upgrades are not tested.) The tracker remains compatible +with subprocesses that use new protocol (that is, subprocesses using Python +3.13.10, 3.14.1 and 3.15). + +.. + +.. date: 2025-12-03-11-03-35 +.. gh-issue: 142218 +.. nonce: 44Fq_J +.. section: Core and Builtins + +Fix crash when inserting into a split table dictionary with a non +:class:`str` key that matches an existing key. diff --git a/Misc/NEWS.d/next/Core and Builtins/2025-12-03-11-03-35.gh-issue-142218.44Fq_J.rst b/Misc/NEWS.d/next/Core and Builtins/2025-12-03-11-03-35.gh-issue-142218.44Fq_J.rst deleted file mode 100644 index a8ce0fc65267..000000000000 --- a/Misc/NEWS.d/next/Core and Builtins/2025-12-03-11-03-35.gh-issue-142218.44Fq_J.rst +++ /dev/null @@ -1,2 +0,0 @@ -Fix crash when inserting into a split table dictionary with a non -:class:`str` key that matches an existing key. diff --git a/Misc/NEWS.d/next/Library/2025-12-03-09-36-29.gh-issue-142206.ilwegH.rst b/Misc/NEWS.d/next/Library/2025-12-03-09-36-29.gh-issue-142206.ilwegH.rst deleted file mode 100644 index 2fc2e3098f8c..000000000000 --- a/Misc/NEWS.d/next/Library/2025-12-03-09-36-29.gh-issue-142206.ilwegH.rst +++ /dev/null @@ -1,7 +0,0 @@ -The resource tracker in the :mod:`multiprocessing` module now uses the -original communication protocol, as in Python 3.14.0 and below, -by default. -This avoids issues with upgrading Python while it is running. -(Note that such 'in-place' upgrades are not tested.) -The tracker remains compatible with subprocesses that use new protocol -(that is, subprocesses using Python 3.13.10, 3.14.1 and 3.15). diff --git a/Misc/NEWS.d/next/Library/2025-12-03-19-33-17.gh-issue-140797.YxB27u.rst b/Misc/NEWS.d/next/Library/2025-12-03-19-33-17.gh-issue-140797.YxB27u.rst deleted file mode 100644 index ebbe06fddfb3..000000000000 --- a/Misc/NEWS.d/next/Library/2025-12-03-19-33-17.gh-issue-140797.YxB27u.rst +++ /dev/null @@ -1,3 +0,0 @@ -Revert changes to the undocumented :class:`!re.Scanner` class. Capturing -groups are still allowed for backward compatibility, although using them can -lead to incorrect result. They will be forbidden in future Python versions. diff --git a/Misc/NEWS.d/next/Security/2024-05-23-11-44-41.gh-issue-119452.PRfsSv.rst b/Misc/NEWS.d/next/Security/2024-05-23-11-44-41.gh-issue-119452.PRfsSv.rst deleted file mode 100644 index 98956627f2b3..000000000000 --- a/Misc/NEWS.d/next/Security/2024-05-23-11-44-41.gh-issue-119452.PRfsSv.rst +++ /dev/null @@ -1,5 +0,0 @@ -Fix a potential memory denial of service in the :mod:`http.server` module. -When a malicious user is connected to the CGI server on Windows, it could cause -an arbitrary amount of memory to be allocated. -This could have led to symptoms including a :exc:`MemoryError`, swapping, out -of memory (OOM) killed processes or containers, or even system crashes. diff --git a/Misc/NEWS.d/next/Security/2024-05-23-11-47-48.gh-issue-119451.qkJe9-.rst b/Misc/NEWS.d/next/Security/2024-05-23-11-47-48.gh-issue-119451.qkJe9-.rst deleted file mode 100644 index 6d6f25cd2f8b..000000000000 --- a/Misc/NEWS.d/next/Security/2024-05-23-11-47-48.gh-issue-119451.qkJe9-.rst +++ /dev/null @@ -1,5 +0,0 @@ -Fix a potential memory denial of service in the :mod:`http.client` module. -When connecting to a malicious server, it could cause -an arbitrary amount of memory to be allocated. -This could have led to symptoms including a :exc:`MemoryError`, swapping, out -of memory (OOM) killed processes or containers, or even system crashes. diff --git a/Misc/NEWS.d/next/Security/2025-12-01-09-36-45.gh-issue-142145.tcAUhg.rst b/Misc/NEWS.d/next/Security/2025-12-01-09-36-45.gh-issue-142145.tcAUhg.rst deleted file mode 100644 index 440bc7794c69..000000000000 --- a/Misc/NEWS.d/next/Security/2025-12-01-09-36-45.gh-issue-142145.tcAUhg.rst +++ /dev/null @@ -1 +0,0 @@ -Remove quadratic behavior in ``xml.minidom`` node ID cache clearing. diff --git a/README.rst b/README.rst index 38c64567c56d..879a54272b45 100644 --- a/README.rst +++ b/README.rst @@ -1,4 +1,4 @@ -This is Python version 3.13.10 +This is Python version 3.13.11 ============================== .. image:: https://github.com/python/cpython/workflows/Tests/badge.svg -- 2.47.3