merge 3.2 (#16043)

author Benjamin Peterson <benjamin@python.org>

Sat, 6 Dec 2014 01:30:54 +0000 (20:30 -0500)

committer Benjamin Peterson <benjamin@python.org>

Sat, 6 Dec 2014 01:30:54 +0000 (20:30 -0500)
author Benjamin Peterson <benjamin@python.org>
Sat, 6 Dec 2014 01:30:54 +0000 (20:30 -0500)
committer Benjamin Peterson <benjamin@python.org>
Sat, 6 Dec 2014 01:30:54 +0000 (20:30 -0500)
diff --cc Lib/test/test_xmlrpc.py
Simple merge
diff --cc Lib/xmlrpc/client.py
Simple merge
diff --cc Misc/NEWS

index 7676c9051dd382a70cc2abb67769601ef6f582c5,3cff3cdf876b0e8f7cef57350ccf866e27a513ad..c66da32f9e7394a61f500720e678800ab3138537
--- 1/Misc/NEWS
--- 2/Misc/NEWS
+++ b/Misc/NEWS
@@@ -26,8 -16,18 +26,11 @@@ Core and Builtin
   Library
   -------
   
- -- Issue #16040: CVE-2013-1752: nntplib: Limit maximum line lengths to 2048 to
- -  prevent readline() calls from consuming too much memory.  Patch by Jyrki
- -  Pulliainen.
- -
- -- Issue #16039: CVE-2013-1752: Change use of readline in imaplib module to limit
- -  line length.  Patch by Emil Lind.
- -
- -- Issue #22421: Fix a regression that caused the pydoc server to be bound to
- -  all interfaces instead of only localhost.
+ - Issue #16043: Add a default limit for the amount of data xmlrpclib.gzip_decode
+   will return. This resolves CVE-2013-1753.
+ 
+ +- Issue #22517: When a io.BufferedRWPair object is deallocated, clear its
+ +  weakrefs.
   
   - Issue #22419: Limit the length of incoming HTTP request in wsgiref server to
     65536 bytes and send a 414 error code for higher lengths. Patch contributed
author	Benjamin Peterson <benjamin@python.org>
	Sat, 6 Dec 2014 01:30:54 +0000 (20:30 -0500)
committer	Benjamin Peterson <benjamin@python.org>
	Sat, 6 Dec 2014 01:30:54 +0000 (20:30 -0500)
		1	2
Lib/test/test_xmlrpc.py	patch \|	diff1 \|	diff2 \|	blob \| history
Lib/xmlrpc/client.py	patch \|	diff1 \|	diff2 \|	blob \| history
Misc/NEWS	patch \|	diff1 \|	diff2 \|	blob \| history