Library
-------
-- Issue #23367: Fix possible overflows in the unicodedata module.
+ - Issue #24094: Fix possible crash in json.encode with poorly behaved dict
+ subclasses.
+
+- Asyncio issue 222 / PR 231 (Victor Stinner) -- fix @coroutine
+ functions without __name__.
-- Issue #23361: Fix possible overflow in Windows subprocess creation code.
+- Issue #9246: On POSIX, os.getcwd() now supports paths longer than 1025 bytes.
+ Patch written by William Orr.
-- Issue #23363: Fix possible overflow in itertools.permutations.
+- Issues #24099, #24100, and #24101: Fix free-after-use bug in heapq's siftup
+ and siftdown functions.
-- Issue #23364: Fix possible overflow in itertools.product.
+- Backport collections.deque fixes from Python 3.5. Prevents reentrant badness
+ during deletion by deferring the decref until the container has been restored
+ to a consistent state.
-- Issue #23369: Fixed possible integer overflow in
- _json.encode_basestring_ascii.
+- Issue #23008: Fixed resolving attributes with boolean value is False in pydoc.
-- Issue #23366: Fixed possible integer overflow in itertools.combinations.
+- Fix asyncio issue 235: LifoQueue and PriorityQueue's put didn't
+ increment unfinished tasks (this bug was introduced in 3.4.3 when
+ JoinableQueue was merged with Queue).
-- Issue #23365: Fixed possible integer overflow in
- itertools.combinations_with_replacement.
+- Issue #23908: os functions now reject paths with embedded null character
+ on Windows instead of silently truncate them.
-C API
------
+- Issue #23728: binascii.crc_hqx() could return an integer outside of the range
+ 0-0xffff for empty data.
-- Issue #23998: PyImport_ReInitLock() now checks for lock allocation error
+- Issue #23811: Add missing newline to the PyCompileError error message.
+ Patch by Alex Shkop.
+- Issue #17898: Fix exception in gettext.py when parsing certain plural forms.
-What's New in Python 3.3.6?
-===========================
+- Issue #22982: Improve BOM handling when seeking to multiple positions of
+ a writable text file.
-*Release date: 11-Oct-2014*
+- Issue #23865: close() methods in multiple modules now are idempotent and more
+ robust at shutdown. If they need to release multiple resources, all are
+ released even if errors occur.
-Core and Builtins
------------------
+- Issue #23881: urllib.request.ftpwrapper constructor now closes the socket if
+ the FTP connection failed to fix a ResourceWarning.
-- Issue #22643: Fix integer overflow in Unicode case operations (upper, lower,
- title, swapcase, casefold).
+- Issue #23400: Raise same exception on both Python 2 and 3 if sem_open is not
+ available. Patch by Davin Potts.
-- Issue #22518: Fixed integer overflow issues in "backslashreplace",
- "xmlcharrefreplace", and "surrogatepass" error handlers.
+- Issue #15133: _tkinter.tkapp.getboolean() now supports Tcl_Obj and always
+ returns bool. tkinter.BooleanVar now validates input values (accepted bool,
+ int, str, and Tcl_Obj). tkinter.BooleanVar.get() now always returns bool.
-- Issue #22520: Fix overflow checking when generating the repr of a unicode
- object.
+- Issue #23338: Fixed formatting ctypes error messages on Cygwin.
+ Patch by Makoto Kato.
-- Issue #22519: Fix overflow checking in PyBytes_Repr.
+- Issue #16840: Tkinter now supports 64-bit integers added in Tcl 8.4 and
+ arbitrary precision integers added in Tcl 8.5.
-- Issue #22518: Fix integer overflow issues in latin-1 encoding.
+- Issue #23834: Fix socket.sendto(), use the C Py_ssize_t type to store the
+ result of sendto() instead of the C int type.
-- Issue #23165: Perform overflow checks before allocating memory in the
- _Py_char2wchar function.
+- Issue #21526: Tkinter now supports new boolean type in Tcl 8.5.
-Library
--------
+- Issue #23838: linecache now clears the cache and returns an empty result on
+ MemoryError.
-- Issue #16043: Add a default limit for the amount of data xmlrpclib.gzip_decode
- will return. This resolves CVE-2013-1753.
+- Issue #18473: Fixed 2to3 and 3to2 compatible pickle mappings. Fixed
+ ambigious reverse mappings. Added many new mappings. Import mapping is no
+ longer applied to modules already mapped with full name mapping.
-- Issue #22517: When a io.BufferedRWPair object is deallocated, clear its
- weakrefs.
+- Issue #23745: The new email header parser now handles duplicate MIME
+ parameter names without error, similar to how get_param behaves.
-- Issue #22419: Limit the length of incoming HTTP request in wsgiref server to
- 65536 bytes and send a 414 error code for higher lengths. Patch contributed
- by Devin Cook.
+- Issue #23792: Ignore KeyboardInterrupt when the pydoc pager is active.
+ This mimics the behavior of the standard unix pagers, and prevents
+ pipepager from shutting down while the pager itself is still running.
-- Lax cookie parsing in http.cookies could be a security issue when combined
- with non-standard cookie handling in some Web browsers. Reported by
- Sergey Bobrov.
+- Issue #23742: ntpath.expandvars() no longer loses unbalanced single quotes.
-- Issue #21766: Prevent a security hole in CGIHTTPServer by URL unquoting paths
- before checking for a CGI script at that path.
+- Issue #21802: The reader in BufferedRWPair now is closed even when closing
+ writer failed in BufferedRWPair.close().
-- Fix arbitrary memory access in JSONDecoder.raw_decode with a negative second
- parameter. Bug reported by Guido Vranken.
+- Issue #23671: string.Template now allows to specify the "self" parameter as
+ keyword argument. string.Formatter now allows to specify the "self" and
+ the "format_string" parameters as keyword arguments.
-- Issue #20633: Replace relative import by absolute import.
+- Issue #21560: An attempt to write a data of wrong type no longer cause
+ GzipFile corruption. Original patch by Wolfgang Maier.
-- Issue #21082: In os.makedirs, do not set the process-wide umask. Note this
- changes behavior of makedirs when exist_ok=True.
+- Issue #23647: Increase impalib's MAXLINE to accommodate modern mailbox sizes.
-- Issue #20875: Prevent possible gzip "'read' is not defined" NameError.
- Patch by Claudiu Popa.
+- Issue #23539: If body is None, http.client.HTTPConnection.request now sets
+ Content-Length to 0 for PUT, POST, and PATCH headers to avoid 411 errors from
+ some web servers.
-- Issue #11599: When an external command (e.g. compiler) fails, distutils now
- prints out the whole command line (instead of just the command name) if the
- environment variable DISTUTILS_DEBUG is set.
+- Issue #22351: The nntplib.NNTP constructor no longer leaves the connection
+ and socket open until the garbage collector cleans them up. Patch by
+ Martin Panter.
-- Issue #4931: distutils should not produce unhelpful "error: None" messages
- anymore. distutils.util.grok_environment_error is kept but doc-deprecated.
+- Issue #23136: _strptime now uniformly handles all days in week 0, including
+ Dec 30 of previous year. Based on patch by Jim Carroll.
-- Issue #20283: RE pattern methods now accept the string keyword parameters
- as documented. The pattern and source keyword parameters are left as
- deprecated aliases.
+- Issue #23700: Iterator of NamedTemporaryFile now keeps a reference to
+ NamedTemporaryFile instance. Patch by Bohuslav Kabrda.
-- Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,
- broken by the fix for security issue #19435. Patch by Zach Byrne.
+- Issue #22903: The fake test case created by unittest.loader when it fails
+ importing a test module is now picklable.
-Tests
------
+- Issue #23568: Add rdivmod support to MagicMock() objects.
+ Patch by Håkan Lövdahl.
-- Issue #17752: Fix distutils tests when run from the installed location.
+- Issue #23138: Fixed parsing cookies with absent keys or values in cookiejar.
+ Patch by Demian Brecht.
-- Issue #20946: Correct alignment assumptions of some ctypes tests.
+- Issue #23051: multiprocessing.Pool methods imap() and imap_unordered() now
+ handle exceptions raised by an iterator. Patch by Alon Diamant and Davin
+ Potts.
-- Issue #20939: Fix test_geturl failure in test_urllibnet due to
- new redirect of http://www.python.org/ to https://www.python.org.
+- Issue #22928: Disabled HTTP header injections in http.client.
+ Original patch by Demian Brecht.
+- Issue #23615: Modules bz2, tarfile and tokenize now can be reloaded with
+ imp.reload(). Patch by Thomas Kluyver.
-What's New in Python 3.3.5?
-===========================
+- Issue #23476: In the ssl module, enable OpenSSL's X509_V_FLAG_TRUSTED_FIRST
+ flag on certificate stores when it is available.
-*Release date: 09-Mar-2014*
+- Issue #23576: Avoid stalling in SSL reads when EOF has been reached in the
+ SSL layer but the underlying connection hasn't been closed.
-No changes from release candidate 2.
+- Issue #23504: Added an __all__ to the types module.
+- Issue #20204: Added the __module__ attribute to _tkinter classes.
-What's New in Python 3.3.5 release candidate 2?
-===============================================
+- Issue #23521: Corrected pure python implementation of timedelta division.
-*Release date: 02-Mar-2014*
+ * Eliminated OverflowError from timedelta * float for some floats;
+ * Corrected rounding in timedlta true division.
-Core and Builtins
------------------
+- Issue #21619: Popen objects no longer leave a zombie after exit in the with
+ statement if the pipe was broken. Patch by Martin Panter.
-- Issue #20731: Properly position in source code files even if they
- are opened in text mode. Patch by Serhiy Storchaka.
+- Issue #6639: Module-level turtle functions no longer raise TclError after
+ closing the window.
-- Issue #19619: str.encode, bytes.decode and bytearray.decode now use an
- internal API to throw LookupError for known non-text encodings, rather
- than attempting the encoding or decoding operation and then throwing a
- TypeError for an unexpected output type. (The latter mechanism remains
- in place for third party non-text encodings)
+- Issues #814253, #9179: Warnings now are raised when group references and
+ conditional group references are used in lookbehind assertions in regular
+ expressions.
-Library
--------
+- Issue #23215: Multibyte codecs with custom error handlers that ignores errors
+ consumed too much memory and raised SystemError or MemoryError.
+ Original patch by Aleksi Torhamo.
-- Issue #20778: Fix modulefinder to work with bytecode-only modules.
+- Issue #5700: io.FileIO() called flush() after closing the file.
+ flush() was not called in close() if closefd=False.
-- Issue #20791: copy.copy() now doesn't make a copy when the input is
- a bytes object. Initial patch by Peter Otten.
+- Issue #23374: Fixed pydoc failure with non-ASCII files when stdout encoding
+ differs from file system encoding (e.g. on Mac OS).
-- Issue #20621: Fixes a zipimport bug introduced in 3.3.4 that could cause
- spurious crashes or SystemErrors when importing modules or packages from a
- zip file. The change causing the problem was reverted.
+- Issue #23481: Remove RC4 from the SSL module's default cipher list.
-- Issue #20404: io.TextIOWrapper (and hence the open() builtin) now uses the
- internal codec marking system added for issue #19619 to throw LookupError
- for known non-text encodings at stream construction time. The existing
- output type checks remain in place to deal with unmarked third party
- codecs.
+- Issue #21548: Fix pydoc.synopsis() and pydoc.apropos() on modules with empty
+ docstrings.
+
+- Issue #22885: Fixed arbitrary code execution vulnerability in the dbm.dumb
+ module. Original patch by Claudiu Popa.
+
+- Issue #23146: Fix mishandling of absolute Windows paths with forward
+ slashes in pathlib.
+
+- Issue #23421: Fixed compression in tarfile CLI. Patch by wdv4758h.
+
+- Issue #23367: Fix possible overflows in the unicodedata module.
+
+- Issue #23361: Fix possible overflow in Windows subprocess creation code.
+
+- Issue #23801: Fix issue where cgi.FieldStorage did not always ignore the
+ entire preamble to a multipart body.
+
+- Issue #23310: Fix MagicMock's initializer to work with __methods__, just
+ like configure_mock(). Patch by Kasia Jachim.
Tests
-----
projects / thirdparty / Python / cpython.git / commitdiff
