Library
-------
-- Issue #19082: Working SimpleXMLRPCServer and xmlrpclib examples, both in
- modules and documentation.
+ - Issue #20246: Fix buffer overflow in socket.recvfrom_into.
+
+- Issue #19435: Fix directory traversal attack on CGIHttpRequestHandler.
-- Issue #13107: argparse and optparse no longer raises an exception when output
- a help on environment with too small COLUMNS. Based on patch by
- Elazar Gershuni.
+- Issue #14984: On POSIX systems, when netrc is called without a filename
+ argument (and therefore is reading the user's $HOME/.netrc file), it now
+ enforces the same security rules as typical ftp clients: the .netrc file must
+ be owned by the user that owns the process and must not be readable by any
+ other user.
-- Issue #20207: Always disable SSLv2 except when PROTOCOL_SSLv2 is explicitly
- asked for.
+- Issue #16248: Disable code execution from the user's home directory by tkinter
+ when the -E flag is passed to Python.
-- Issue #20072: Fixed multiple errors in tkinter with wantobjects is False.
-- Issue #1065986: pydoc can now handle unicode strings.
+What's New in Python 3.1.5?
+===========================
-- Issue #16039: CVE-2013-1752: Change use of readline in imaplib module to
- limit line length. Patch by Emil Lind.
+*Release date: 2012-04-08*
-- Issue #19422: Explicitly disallow non-SOCK_STREAM sockets in the ssl
- module, rather than silently let them emit clear text data.
+Core and Builtins
+-----------------
-- Issue #20027: Fixed locale aliases for devanagari locales.
+- Issue #13703: oCERT-2011-003: add -R command-line option and PYTHONHASHSEED
+ environment variable, to provide an opt-in way to protect against denial of
+ service attacks due to hash collisions within the dict and set types. Patch
+ by David Malcolm, based on work by Victor Stinner.
-- Issue #20067: Tkinter variables now work when wantobjects is false.
+Library
+-------
-- Issue #19020: Tkinter now uses splitlist() instead of split() in configure
- methods.
+- Issue #14234: CVE-2012-0876: Randomize hashes of xml attributes in the hash
+ table internal to the pyexpat module's copy of the expat library to avoid a
+ denial of service due to hash collisions. Patch by David Malcolm with some
+ modifications by the expat project.
-- Issue #12226: HTTPS is now used by default when connecting to PyPI.
+- Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in
+ SimpleXMLRPCServer upon malformed POST request.
-- Issue #20048: Fixed ZipExtFile.peek() when it is called on the boundary of
- the uncompress buffer and read() goes through more than one readbuffer.
+- Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC
+ IV attack countermeasure.
-- Issue #20034: Updated alias mapping to most recent locale.alias file
- from X.org distribution using makelocalealias.py.
+- Issue #11603: Fix a crash when __str__ is rebound as __repr__. Patch by
+ Andreas Stührk.
-- Issue #5815: Fixed support for locales with modifiers. Fixed support for
- locale encodings with hyphens.
-- Issue #20026: Fix the sqlite module to handle correctly invalid isolation
- level (wrong type).
+What's New in Python 3.1.4?
+===========================
-- Issue #18829: csv.Dialect() now checks type for delimiter, escapechar and
- quotechar fields. Original patch by Vajrasky Kok.
+*Release date: 2011-06-11*
-- Issue #19855: uuid.getnode() on Unix now looks on the PATH for the
- executables used to find the mac address, with /sbin and /usr/sbin as
- fallbacks.
+Library
+-------
-- Issue #20007: HTTPResponse.read(0) no more prematurely closes connection.
- Original patch by Simon Sapin.
+- Issue #12502: asyncore: fix polling loop with AF_UNIX sockets.
-- Issue #19912: Fixed numerous bugs in ntpath.splitunc().
+- Issue #12009: Fixed regression in netrc file comment handling.
-- Issue #19623: Fixed writing to unseekable files in the aifc module.
- Fixed writing 'ulaw' (lower case) compressed AIFC files.
+Extension Modules
+-----------------
-- Issue #17919: select.poll.register() again works with poll.POLLNVAL on AIX.
- Fixed integer overflow in the eventmask parameter.
+- Issue #12221: Replace pyexpat.__version__ with the Python version.
-- Issue #17200: telnetlib's read_until and expect timeout was broken by the
- fix to Issue #14635 in Python 2.7.4 to be interpreted as milliseconds
- instead of seconds when the platform supports select.poll (ie: everywhere).
- It is now treated as seconds once again.
+What's New in Python 3.1.4 release candidate 1?
+===============================================
-- Issue #19099: The struct module now supports Unicode format strings.
+*Release date: 2011-05-29*
-- Issue #19878: Fix segfault in bz2 module after calling __init__ twice with
- non-existent filename. Initial patch by Vajrasky Kok.
+Core and Builtins
+-----------------
-- Issue #16373: Prevent infinite recursion for ABC Set class comparisons.
+- Issue #9670: Increase the default stack size for secondary threads on
+ Mac OS X and FreeBSD to reduce the chances of a crash instead of a
+ "maximum recursion depth" RuntimeError exception.
+ (patch by Ronald Oussoren)
-- Issue #19138: doctest's IGNORE_EXCEPTION_DETAIL now allows a match when
- no exception detail exists (no colon following the exception's name, or
- a colon does follow but no text follows the colon).
+- Correct lookup of __dir__ on objects. Among other things, this causes errors
+ besides AttributeError found on lookup to be propagated.
-- Issue #16231: Fixed pickle.Pickler to only fallback to its default pickling
- behaviour when Pickler.persistent_id returns None, but not for any other
- false values. This allows false values other than None to be used as
- persistent IDs. This behaviour is consistent with cPickle.
+- Issue #12060: Use sig_atomic_t type and volatile keyword in the signal
+ module. Patch written by Charles-François Natali.
-- Issue #11508: Fixed uuid.getnode() and uuid.uuid1() on environment with
- virtual interface. Original patch by Kent Frazier.
+- Issue #1195: Fix input() if it is interrupted by CTRL+d and then CTRL+c,
+ clear the end-of-file indicator after CTRL+d.
-- Issue #11489: JSON decoder now accepts lone surrogates.
+- Issue #9756: When calling a method descriptor or a slot wrapper descriptor,
+ the check of the object type doesn't read the __class__ attribute anymore.
+ Fix a crash if a class override its __class__ attribute (e.g. a proxy of the
+ str type). Patch written by Andreas Stührk.
-- Fix test.test_support.bind_port() to not cause an error when Python was
- compiled on a system with SO_REUSEPORT defined in the headers but run on
- a system with an OS kernel that does not support that new socket option.
+- Issue #6780: fix starts/endswith error message to mention that tuples are
+ accepted too.
-- Issue #19633: Fixed writing not compressed 16- and 32-bit wave files on
- big-endian platforms.
+- Issue #5057: fix a bug in the peepholer that led to non-portable pyc files
+ between narrow and wide builds while optimizing BINARY_SUBSCR on non-BMP
+ chars (e.g. "\U00012345"[0]).
-- Issue #19449: in csv's writerow, handle non-string keys when generating the
- error message that certain keys are not in the 'fieldnames' list.
+- Issue #11650: PyOS_StdioReadline() retries fgets() if it was interrupted
+ (EINTR), for example if the program is stopped with CTRL+z on Mac OS X. Patch
+ written by Charles-Francois Natali.
-- Issue #12853: Fix NameError in distutils.command.upload.
+- Issue #8651: PyArg_Parse*() functions raise an OverflowError if the file
+ doesn't have PY_SSIZE_T_CLEAN define and the size doesn't fit in an int
+ (length bigger than 2^31-1 bytes).
-- Issue #19523: Closed FileHandler leak which occurred when delay was set.
+- Issue #11450: Don't truncate hg version info in Py_GetBuildInfo() when
+ there are many tags (e.g. when using mq). Patch by Nadeem Vawda.
-- Issue #1575020: Fixed support of 24-bit wave files on big-endian platforms.
+- Issue #10451: memoryview objects could allow to mutate a readable buffer.
+ Initial patch by Ross Lagerwall.
-- Issue #19480: HTMLParser now accepts all valid start-tag names as defined
- by the HTML5 standard.
+- Issue #10892: Don't segfault when trying to delete __abstractmethods__ from a
+ class.
-- Issue #17827: Add the missing documentation for ``codecs.encode`` and
- ``codecs.decode``.
+- Issue #8020: Avoid a crash where the small objects allocator would read
+ non-Python managed memory while it is being modified by another thread.
+ Patch by Matt Bandy.
-- Issue #6157: Fixed Tkinter.Text.debug(). Original patch by Guilherme Polo.
+- Issue #8278: On Windows and with a NTFS filesystem, os.stat() and os.utime()
+ can now handle dates after 2038.
-- Issue #6160: The bbox() method of tkinter.Spinbox now returns a tuple of
- integers instead of a string. Based on patch by Guilherme Polo.
+- issue #11828: startswith and endswith don't accept None as slice index.
+ Patch by Torsten Becker.
-- Issue #19286: Directories in ``package_data`` are no longer added to
- the filelist, preventing failure outlined in the ticket.
+- Issue #4236: PyModule_Create2 now checks the import machinery directly
+ rather than the Py_IsInitialized flag, avoiding a Fatal Python
+ error in certain circumstances when an import is done in __del__.
-IDLE
-----
+- Issue #10596: Fix float.__mod__ to have the same behaviour as
+ float.__divmod__ with respect to signed zeros. -4.0 % 4.0 should be
+ 0.0, not -0.0.
-- Issue #20058: sys.stdin.readline() in IDLE now always returns only one line.
+- Issue #5587: add a repr to dict_proxy objects. Patch by David Stanek and
+ Daniel Urban.
-- Issue #19481: print() of unicode, str or bytearray subclass instance in IDLE
- no more hangs.
+- Issue #11506: Trying to assign to a bytes literal should result in a
+ SyntaxError.
-- Issue #18270: Prevent possible IDLE AttributeError on OS X when no initial
- shell window is present.
+Library
+-------
-Tests
------
+- Issue #12352: Fix a deadlock in multiprocessing.Heap when a block is freed by
+ the garbage collector while the Heap lock is held.
-- Issue #19804: The test_find_mac test in test_uuid is now skipped if the
- ifconfig executable is not available.
+- Issue #985064: Make plistlib more resilient to faulty input plists.
+ Patch by Mher Movsisyan.
-- Issue #19886: Use better estimated memory requirements for bigmem tests.
+- Issue #12175: RawIOBase.readall() now returns None if read() returns None.
-- Backported tests for Tkinter variables.
+- Issue #12175: FileIO.readall() now raises a ValueError instead of an IOError
+ if the file is closed.
-- Issue #19320: test_tcl no longer fails when wantobjects is false.
+- Issue #12100: Don't reset incremental encoders of CJK codecs at each call to
+ their encode() method anymore, but continue to call the reset() method if the
+ final argument is True.
-- Issue #19683: Removed empty tests from test_minidom. Initial patch by
- Ajitesh Gupta.
+- Issue #5715: In socketserver, close the server socket in the child process.
-- Issue #19928: Implemented a test for repr() of cell objects.
+- Issue #12124: zipimport doesn't keep a reference to zlib.decompress() anymore
+ to be able to unload the module.
-- Issue #19595, #19987: Re-enabled a long-disabled test in test_winsound.
+- Issue #10801: In zipfile, support different encodings for the header and
+ the filenames.
-- Issue #19588: Fixed tests in test_random that were silently skipped most
- of the time. Patch by Julian Gindi.
+- Issue #10154, #10090: change the normalization of UTF-8 to "UTF-8" instead
+ of "UTF8" in the locale module as the latter is not supported MacOSX and OpenBSD.
-- Issue #17883: Tweak test_tcl testLoadWithUNC to skip the test in the
- event of a permission error on Windows and to properly report other
- skip conditions.
+- Issue #10756: atexit normalizes the exception before displaying it. Patch by
+ Andreas Stührk.
-- Issue #17883: Backported _is_gui_available() in test.test_support to
- avoid hanging Windows buildbots on test_ttk_guionly.
+- Issue #8650: Make zlib module 64-bit clean. compress(), decompress() and
+ their incremental counterparts now raise OverflowError if given an input
+ larger than 4GB, instead of silently truncating the input and returning
+ an incorrect result.
-- Issue #18702, #19572: All skipped tests now reported as skipped.
+- Issue #12050: zlib.decompressobj().decompress() now clears the unconsumed_tail
+ attribute when called without a max_length argument.
-- Issue #19085: Added basic tests for all tkinter widget options.
+- Issue #12062: Fix a flushing bug when doing a certain type of I/O sequence
+ on a file opened in read+write mode (namely: reading, seeking a bit forward,
+ writing, then seeking before the previous write but still within buffered
+ data, and writing again).
-Documentation
--------------
+- Issue #1028: Tk returns invalid Unicode null in %A: UnicodeDecodeError.
+ With Tk < 8.5 _tkinter.c:PythonCmd() raised UnicodeDecodeError, caused
+ IDLE to exit. Converted to valid Unicode null in PythonCmd().
-- Issue #18840: Introduce the json module in the tutorial, and deemphasize
- the pickle module.
+- Issue #10419: Fix build_scripts command of distutils to handle correctly
+ non-ASCII scripts. Open and write the script in binary mode, but ensure that
+ the shebang is decodable from UTF-8 and from the encoding of the script.
-- Issue #19795: Improved markup of True/False constants.
+- Issue #12012: ssl.PROTOCOL_SSLv2 becomes optional.
+- Issue #11164: Stop trying to use _xmlplus in the xml module.
-Whats' New in Python 2.7.6?
-===========================
+- Issue #11927: SMTP_SSL now uses port 465 by default as documented. Patch
+ by Kasun Herath.
-*Release date: 2013-11-10*
+- Issue #12002: ftplib's abort() method raises TypeError.
-Library
--------
+- Issue #11999: fixed sporadic sync failure mailbox.Maildir due to its trying to
+ detect mtime changes by comparing to the system clock instead of to the
+ previous value of the mtime.
-- Issue #19435: Fix directory traversal attack on CGIHttpRequestHandler.
+- Issue #10684: shutil.move used to delete a folder on case insensitive
+ filesystems when the source and destination name where the same except
+ for the case.
-IDLE
-----
+- Issue #11277: mmap.mmap() calls fcntl(fd, F_FULLFSYNC) on Mac OS X to get
+ around a mmap bug with sparse files. Patch written by Steffen Daode Nurpmeso.
-- Issue #19426: Fixed the opening of Python source file with specified encoding.
+- Issue #11763: don't use difflib in TestCase.assertMultiLineEqual if the
+ strings are too long.
-Tests
------
+- Issue #11236: getpass.getpass responds to ctrl-c or ctrl-z on terminal.
-- Issue #19457: Fixed xmlcharrefreplace tests on wide build when tests are
- loaded from .py[co] files.
+- Issue #11768: The signal handler of the signal module only calls
+ Py_AddPendingCall() for the first signal to fix a deadlock on reentrant or
+ parallel calls. PyErr_SetInterrupt() writes also into the wake up file.
-Build
------
+- Issue #11467: Fix urlparse behavior when handling urls which contains scheme
+ specific part only digits. Patch by Santoso Wijaya.
-- Issue #15663: Revert OS X installer built-in Tcl/Tk support for 2.7.6.
- Some third-party projects, such as Matplotlib and PIL/Pillow,
- depended on being able to build with Tcl and Tk frameworks in
- /Library/Frameworks.
+- Issue #11875: collections.OrderedDict's __reduce__ was temporarily
+ mutating the object instead of just working on a copy.
+- collections.Counter().copy() now works correctly for subclasses.
-What's New in Python 2.7.6 release candidate 1?
-===============================================
+- Issue #11474: Fix the bug with url2pathname() handling of '/C|/' on Windows.
+ Patch by Santoso Wijaya.
-*Release date: 2013-10-26*
+- Issue #9233: Fix json to work properly even when _json is not available.
-Core and Builtins
------------------
+- Issue #11703: urllib2.geturl() does not return correct url when the original
+ url contains #fragment.
-- Issue #18603: Ensure that PyOS_mystricmp and PyOS_mystrnicmp are in the
- Python executable and not removed by the linker's optimizer.
+- Issue #10019: Fixed regression in json module where an indent of 0 stopped
+ adding newlines and acted instead like 'None'.
-- Issue #19279: UTF-7 decoder no more produces illegal unicode strings.
+- Issue #5162: Treat services like frozen executables to allow child spawning
+ from multiprocessing.forking on Windows.
-- Issue #18739: Fix an inconsistency between math.log(n) and math.log(long(n));
- the results could be off from one another by a ulp or two.
+- Issue #10963: Ensure that subprocess.communicate() never raises EPIPE.
-- Issue #13461: Fix a crash in the "replace" error handler on 64-bit platforms.
- Patch by Yogesh Chaudhari.
+- Issue #11696: Fix ID generation in msilib.
-- Issue #15866: The xmlcharrefreplace error handler no more produces two XML
- entities for a non-BMP character on narrow build.
+- Issue #9696: Fix exception incorrectly raised by xdrlib.Packer.pack_int when
+ trying to pack a negative (in-range) integer.
-- Issue #18184: PyUnicode_FromFormat() and PyUnicode_FromFormatV() now raise
- OverflowError when an argument of %c format is out of range.
+- Issue #11675: multiprocessing.[Raw]Array objects created from an integer size
+ are now zeroed on creation. This matches the behaviour specified by the
+ documentation.
-- Issue #18137: Detect integer overflow on precision in float.__format__()
- and complex.__format__().
+- Issue #7639: Fix short file name generation in bdist_msi.
-- Issue #18038: SyntaxError raised during compilation sources with illegal
- encoding now always contains an encoding name.
+- Issue #11659: Fix ResourceWarning in test_subprocess introduced by #11459.
+ Patch by Ben Hayden.
-- Issue #18019: Fix crash in the repr of dictionaries containing their own
- views.
+- Issue #11662: Make urllib and urllib2 ignore redirections if the
+ scheme is not HTTP, HTTPS or FTP (CVE-2011-1521).
-- Issue #18427: str.replace could crash the interpreter with huge strings.
+- Issue #5537: Fix time2isoz() and time2netscape() functions of
+ httplib.cookiejar for expiration year greater than 2038 on 32-bit systems.
-Library
--------
+- Issue #11459: A ``bufsize`` value of 0 in subprocess.Popen() really creates
+ unbuffered pipes, such that select() works properly on them.
-- Issue #19393: Fix symtable.symtable function to not be confused when there are
- functions or classes named "top".
+- Issue #5421: Fix misleading error message when one of socket.sendto()'s
+ arguments has the wrong type. Patch by Nikita Vetoshkin.
-- Issue #19327: Fixed the working of regular expressions with too big charset.
+- Issue #11401: fix handling of headers with no value; this fixes a regression
+ relative to Python2 and the result is now the same as it was in Python2.
-- Issue #19350: Increasing the test coverage of macurl2path. Patch by Colin
- Williams.
+- Issue #9298: base64 bodies weren't being folded to line lengths less than 78,
+ which was a regression relative to Python2. Unlike Python2, the last line
+ of the folded body now ends with a carriage return.
-- Issue #19352: Fix unittest discovery when a module can be reached
- through several paths (e.g. under Debian/Ubuntu with virtualenv).
+- Issue #11569: use absolute path to the sysctl command in multiprocessing to
+ ensure that it will be found regardless of the shell PATH. This ensures
+ that multiprocessing.cpu_count works on default installs of MacOSX.
-- Issue #15207: Fix mimetypes to read from correct part of Windows registry
- Original patch by Dave Chambers
+- Issue #11501: disutils.archive_utils.make_zipfile no longer fails if zlib is
+ not installed. Instead, the zipfile.ZIP_STORED compression is used to create
+ the ZipFile. Patch by Natalia B. Bidart.
-- Issue #8964: fix platform._sys_version to handle IronPython 2.6+.
- Patch by Martin Matusiak.
+- Issue #11491: dbm.error is no longer raised when dbm.open is called with
+ the "n" as the flag argument and the file exists. The behavior matches
+ the documentation and general logic.
-- Issue #16038: CVE-2013-1752: ftplib: Limit amount of data read by
- limiting the call to readline(). Original patch by Michał
- Jastrzębski and Giampaolo Rodola.
+- Issue #11131: Fix sign of zero in decimal.Decimal plus and minus
+ operations when the rounding mode is ROUND_FLOOR.
-- Issue #19276: Fixed the wave module on 64-bit big-endian platforms.
+- Issue #5622: Fix curses.wrapper to raise correct exception if curses
+ initialization fails.
-- Issue #18458: Prevent crashes with newer versions of libedit. Its readline
- emulation has changed from 0-based indexing to 1-based like gnu readline.
- Original patch by Ronald Oussoren.
+- Issue #11391: Writing to a mmap object created with
+ ``mmap.PROT_READ|mmap.PROT_EXEC`` would segfault instead of raising a
+ TypeError. Patch by Charles-François Natali.
-- Issue #18919: If the close() method of a writer in the sunau or wave module
- failed, second invocation of close() and destructor no more raise an
- exception. Second invocation of close() on sunau writer now has no effects.
- The aifc module now accepts lower case of names of the 'ulaw' and 'alaw'
- codecs.
+- Issue #11265: asyncore now correctly handles EPIPE, EBADF and EAGAIN errors
+ on accept(), send() and recv().
-- Issue #19131: The aifc module now correctly reads and writes sampwidth of
- compressed streams.
+- Issue #10276: Fix the results of zlib.crc32() and zlib.adler32() on buffers
+ larger than 4GB. Patch by Nadeem Vawda.
-- Issue #19158: a rare race in BoundedSemaphore could allow .release() too
- often.
+- Issue #4681: Allow mmap() to work on file sizes and offsets larger than
+ 4GB, even on 32-bit builds. Initial patch by Ross Lagerwall, adapted for
+ 32-bit Windows.
-- Issue #18037: 2to3 now escapes '\u' and '\U' in native strings.
+- email.header.Header was incorrectly encoding folding white space when
+ rfc2047-encoding header values with embedded newlines, leaving them
+ without folding whitespace. It now uses the continuation_ws, as it
+ does for continuation lines that it creates itself.
-- Issue #19137: The pprint module now correctly formats empty set and frozenset
- and instances of set and frozenset subclasses.
+- Issue #10360: In WeakSet, do not raise TypeErrors when testing for
+ membership of non-weakrefable objects.
-- Issue #16040: CVE-2013-1752: nntplib: Limit maximum line lengths to 2048 to
- prevent readline() calls from consuming too much memory. Patch by Jyrki
- Pulliainen.
+- Issue #10549: Fix pydoc traceback when text-documenting certain classes.
-- Issue #12641: Avoid passing "-mno-cygwin" to the mingw32 compiler, except
- when necessary. Patch by Oscar Benjamin.
+- Issue #11110: Fix _sqlite to not deref a NULL when module creation fails.
-- Properly initialize all fields of a SSL object after allocation.
+- Issue #11089: Fix performance issue limiting the use of ConfigParser()
+ with large config files.
-- Issue #4366: Fix building extensions on all platforms when --enable-shared
- is used.
+- Issue #8275: Fix passing of callback arguments with ctypes under Win64.
+ Patch by Stan Mihai.
-- Issue #18950: Fix miscellaneous bugs in the sunau module.
- Au_read.readframes() now updates current file position and reads correct
- number of frames from multichannel stream. Au_write.writeframesraw() now
- correctly updates current file position. Au_read and Au_write now correctly
- work with file object if start file position is not a zero.
+- Issue #11053: Fix IDLE "Syntax Error" windows to behave as in 2.x,
+ preventing a confusing hung appearance on OS X with the windows
+ obscured.
-- Issue #18050: Fixed an incompatibility of the re module with Python 2.7.3
- and older binaries.
+- Issue #11052: Correct IDLE menu accelerators on Mac OS X for Save
+ commands.
-- Issue #19037: The mailbox module now makes all changes to maildir files
- before moving them into place, to avoid race conditions with other programs
- that may be accessing the maildir directory.
+- Issue #11020: Command-line pyclbr was broken because of missing 2-to-3
+ conversion.
-- Issue #14984: On POSIX systems, when netrc is called without a filename
- argument (and therefore is reading the user's $HOME/.netrc file), it now
- enforces the same security rules as typical ftp clients: the .netrc file must
- be owned by the user that owns the process and must not be readable by any
- other user.
+- Issue #10974: IDLE no longer crashes if its recent files list includes files
+ with non-ASCII characters in their path names.
-- Issue #17324: Fix http.server's request handling case on trailing '/'. Patch
- contributed by Vajrasky Kok.
+- Issue #10987: Fix the recursion limit handling in the _pickle module.
-- Issue #19018: The heapq.merge() function no longer suppresses IndexError
- in the underlying iterables.
+- Issue #10949: Improved robustness of rotating file handlers.
-- Issue #18784: The uuid module no more attempts to load libc via ctypes.CDLL,
- if all necessary functions are already found in libuuid.
- Patch by Evgeny Sologubov.
+- Issue #10955: Fix a potential crash when trying to mmap() a file past its
+ length. Initial patch by Ross Lagerwall.
-- Issue #14971: unittest test discovery no longer gets confused when a function
- has a different __name__ than its name in the TestCase class dictionary.
+- Issue #10898: Allow compiling the posix module when the C library defines
+ a symbol named FSTAT.
-- Issue #18672: Fixed format specifiers for Py_ssize_t in debugging output in
- the _sre module.
+- Issue #10916: mmap should not segfault when a file is mapped using 0 as
+ length and a non-zero offset, and an attempt to read past the end of file
+ is made (IndexError is raised instead). Patch by Ross Lagerwall.
-- Issue #18830: inspect.getclasstree() no more produces duplicated entries even
- when input list contains duplicates.
+- Issue #10899: No function type annotations in the standard library.
+ Removed function type annotations from _pyio.py.
-- Issue #18909: Fix _tkinter.tkapp.interpaddr() on Windows 64-bit, don't cast
- 64-bit pointer to long (32 bits).
+- Issue #10875: Update Regular Expression HOWTO; patch by 'SilentGhost'.
-- Issue #18876: The FileIO.mode attribute now better reflects the actual mode
- under which the file was opened. Patch by Erik Bray.
+- Issue #10869: Fixed bug where ast.increment_lineno modified the root
+ node twice.
-- Issue #18851: Avoid a double close of subprocess pipes when the child
- process fails starting.
+- Issue #5871: email.header.Header.encode now raises an error if any
+ continuation line in the formatted value has no leading white space
+ and looks like a header. Since Generator uses Header to format all
+ headers, this check is made for all headers in any serialized message
+ at serialization time. This provides protection against header
+ injection attacks.
-- Issue #18418: After fork(), reinit all threads states, not only active ones.
- Patch by A. Jesse Jiryu Davis.
+- Issue #7858: Raise an error properly when os.utime() fails under Windows
+ on an existing file.
-- Issue #11973: Fix a problem in kevent. The flags and fflags fields are now
- properly handled as unsigned.
+- Issue #3839: wsgiref should not override a Content-Length header set by
+ the application. Initial patch by Clovis Fabricio.
-- Issue #16809: Fixed some tkinter incompabilities with Tcl/Tk 8.6.
+- Issue #10790: email.header.Header.append's charset logic now works correctly
+ for charsets whose output codec is different from its input codec.
-- Issue #16809: Tkinter's splitlist() and split() methods now accept Tcl_Obj
- argument.
+- Issue #6643: Reinitialize locks held within the threading module after fork
+ to avoid a potential rare deadlock or crash on some platforms.
-- Issue #17119: Fixed integer overflows when processing large Unicode strings
- and tuples in the tkinter module.
+- Issue #10806, issue #9905: Fix subprocess pipes when some of the standard
+ file descriptors (0, 1, 2) are closed in the parent process. Initial
+ patch by Ross Lagerwall.
-- Issue #15233: Python now guarantees that callables registered with the atexit
- module will be called in a deterministic order.
+- Issue #10753 - Characters ';', '=' and ',' in the PATH_INFO environment
+ variable won't be quoted when the URI is constructed by the wsgiref.util's
+ request_uri method. According to RFC 3986, these characters can be a part of
+ params in PATH component of URI and need not be quoted.
-- Issue #18747: Re-seed OpenSSL's pseudo-random number generator after fork.
- A pthread_atfork() parent handler is used to seed the PRNG with pid, time
- and some stack data.
+- Issue #10738: Fix webbrowser.Opera.raise_opts
-- Issue #8865: Concurrent invocation of select.poll.poll() now raises a
- RuntimeError exception. Patch by Christian Schubert.
+- Issue #9824: SimpleCookie now encodes , and ; in values to cater to how
+ browsers actually parse cookies.
-- Issue #13461: Fix a crash in the TextIOWrapper.tell method on 64-bit
- platforms. Patch by Yogesh Chaudhari.
+- Issue #5258/#10642: if site.py encounters a .pth file that generates an error,
+ it now prints the filename, line number, and traceback to stderr and skips
+ the rest of that individual file, instead of stopping processing entirely.
-- Issue #18777: The ssl module now uses the new CRYPTO_THREADID API of
- OpenSSL 1.0.0+ instead of the deprecated CRYPTO id callback function.
+- Issue #4871: The zipfile module now gives a more useful error message if
+ an attempt is made to use a string to specify the archive password.
-- Issue #18768: Correct doc string of RAND_edg(). Patch by Vajrasky Kok.
+- Issue #10750: The ``raw`` attribute of buffered IO objects is now read-only.
-- Issue #18178: Fix ctypes on BSD. dlmalloc.c was compiled twice which broke
- malloc weak symbols.
+- Issue #6791: Limit header line length (to 65535 bytes) in http.client
+ and http.server, to avoid denial of services from the other party.
-- Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes
- inside subjectAltName correctly. Formerly the module has used OpenSSL's
- GENERAL_NAME_print() function to get the string represention of ASN.1
- strings for ``rfc822Name`` (email), ``dNSName`` (DNS) and
- ``uniformResourceIdentifier`` (URI).
+- Issue #10404: Use ctl-button-1 on OSX for the context menu in Idle.
-- Issue #18756: Improve error reporting in os.urandom() when the failure
- is due to something else than /dev/urandom not existing (for example,
- exhausting the file descriptor limit).
+- Issue #4188: Avoid creating dummy thread objects when logging operations
+ from the threading module (with the internal verbose flag activated).
-- Fix tkinter regression introduced by the security fix in issue #16248.
+- Issue #9721: Fix the behavior of urljoin when the relative url starts with a
+ ';' character. Patch by Wes Chow.
-- Issue #18676: Change 'positive' to 'non-negative' in queue.py put and get
- docstrings and ValueError messages. Patch by Zhongyue Luo
+- Issue #10714: Limit length of incoming request in http.server to 65536 bytes
+ for security reasons. Initial patch by Ross Lagerwall.
-- Issue #17998: Fix an internal error in regular expression engine.
+- Issue #9558: Fix distutils.command.build_ext with VS 8.0.
-- Issue #17557: Fix os.getgroups() to work with the modified behavior of
- getgroups(2) on OS X 10.8. Original patch by Mateusz Lenik.
+- Issue #10695: passing the port as a string value to telnetlib no longer
+ causes debug mode to fail.
-- Issue #18455: multiprocessing should not retry connect() with same socket.
+- Issue #1078919: add_header now automatically RFC2231 encodes parameters
+ that contain non-ascii values.
-- Issue #18513: Fix behaviour of cmath.rect w.r.t. signed zeros on OS X 10.8 +
- gcc.
+- Issue #10107: Warn about unsaved files in IDLE on OSX.
-- Issue #18101: Tcl.split() now process Unicode strings nested in a tuple as it
- do with byte strings.
+- Issue #7904: Changes to urllib.parse.urlsplit to handle schemes as defined by
+ RFC3986. Anything before :// is considered a scheme and is followed by an
+ authority (or netloc) and by '/' led path, which is optional.
-- Issue #18347: ElementTree's html serializer now preserves the case of
- closing tags.
+- Issue #10478: Reentrant calls inside buffered IO objects (for example by
+ way of a signal handler) now raise a RuntimeError instead of freezing the
+ current process.
-- Issue #17261: Ensure multiprocessing's proxies use proper address.
+- Issue #10464: netrc now correctly handles lines with embedded '#' characters.
-- Issue #17097: Make multiprocessing ignore EINTR.
+- Issue #1731717: Fixed the problem where subprocess.wait() could cause an
+ OSError exception when The OS had been told to ignore SIGCLD in our process
+ or otherwise not wait for exiting child processes.
-- Issue #18155: The csv module now correctly handles csv files that use
- a delimiter character that has a special meaning in regexes, instead of
- throwing an exception.
+- Issue #11500: Fixed a bug in the os x proxy bypass code for fully qualified
+ IP addresses in the proxy exception list.
-- Issue #18135: ssl.SSLSocket.write() now raises an OverflowError if the input
- string in longer than 2 gigabytes. The ssl module does not support partial
- write.
+Extension Modules
+-----------------
-- Issue #18167: cgi.FieldStorage no longer fails to handle multipart/form-data
- when \r\n appears at end of 65535 bytes without other newlines.
+- Issue #12051: Fix segfault in json.dumps() while encoding highly-nested
+ objects using the C accelerations.
-- Issue #17403: urllib.parse.robotparser normalizes the urls before adding to
- ruleline. This helps in handling certain types invalid urls in a conservative
- manner. Patch contributed by Mher Movsisyan.
+- Issue #12017: Fix segfault in json.loads() while decoding highly-nested
+ objects using the C accelerations.
-- Implement inequality on weakref.WeakSet.
+- Issue #1838: Prevent segfault in ctypes, when _as_parameter_ on a class is set
+ to an instance of the class.
-- Issue #17981: Closed socket on error in SysLogHandler.
+- Issue #678250: Make mmap flush a noop on ACCESS_READ and ACCESS_COPY.
-- Issue #18015: Fix unpickling of 2.7.3 and 2.7.4 namedtuples.
+Build
+-----
-- Issue #17754: Make ctypes.util.find_library() independent of the locale.
+- Issue #11411: Fix 'make DESTDIR=' with a relative destination.
-- Fix typos in the multiprocessing module.
+- Issue #11184: Fix large-file support on AIX.
-- Issue #17269: Workaround for socket.getaddrinfo crash on MacOS X
- with port None or "0" and flags AI_NUMERICSERV.
+- Issue #941346: Fix broken shared library build on AIX.
-- Issue #18080: When building a C extension module on OS X, if the compiler
- is overriden with the CC environment variable, use the new compiler as
- the default for linking if LDSHARED is not also overriden. This restores
- Distutils behavior introduced in 2.7.3 and inadvertently dropped in 2.7.4.
+- Issue #7716: Under Solaris, don't assume existence of /usr/xpg4/bin/grep in
+ the configure script but use $GREP instead. Patch by Fabian Groffen.
-- Issue #18071: C extension module builds on OS X could fail with TypeError
- if the Xcode command line tools were not installed.
+- Issue #10475: Don't hardcode compilers for LDSHARED/LDCXXSHARED on NetBSD
+ and DragonFly BSD. Patch by Nicolas Joly.
-- Issue #18113: Fixed a refcount leak in the curses.panel module's
- set_userptr() method. Reported by Atsuo Ishimoto.
+- Issue #10655: Fix the build on PowerPC on Linux with GCC when building with
+ timestamp profiling (--with-tsc): the preprocessor test for the PowerPC
+ support now looks for "__powerpc__" as well as "__ppc__": the latter seems to
+ only be present on OS X; the former is the correct one for Linux with GCC.
-- Issue #18849: Fixed a Windows-specific tempfile bug where collision with an
- existing directory caused mkstemp and related APIs to fail instead of
- retrying. Report and fix by Vlad Shcherbina.
-
-- Issue #19400: Prevent extension module build failures with Xcode 5 on OS X
- 10.8+ when using a universal Python that included a PPC architecture,
- such as with a python.org 32-bit-only binary installer.
-
-Tools/Demos
------------
-
-- Issue #18873: 2to3 and the findnocoding.py script now detect Python source
- code encoding only in comment lines.
-
-- Issue #18817: Fix a resource warning in Lib/aifc.py demo.
-
-- Issue #18439: Make patchcheck work on Windows for ACKS, NEWS.
-
-- Issue #18448: Fix a typo in Demo/newmetaclasses/Eiffel.py.
-
-- Issue #12990: The "Python Launcher" on OSX could not launch python scripts
- that have paths that include wide characters.
-
-Build
------
-
-- Issue #16067: Add description into MSI file to replace installer's temporary name.
-
-- Issue #18256: Compilation fix for recent AIX releases. Patch by
- David Edelsohn.
-
-- Issue #18098: The deprecated OS X Build Applet.app fails to build on
- OS X 10.8 systems because the Apple-deprecated QuickDraw headers have
- been removed from Xcode 4. Skip building it in this case.
-
-- Issue #1584: Provide options to override default search paths for
- Tcl and Tk when building _tkinter.
-
-- Issue #15663: Tcl/Tk 8.5.15 is now included with the OS X 10.6+
- 64-bit/32-bit installer for 10.6+. It is no longer necessary
- to install a third-party version of Tcl/Tk 8.5 to work around the
- problems in the Apple-supplied Tcl/Tk 8.5 shipped in OS X 10.6
- and later releases.
-
-- Issue #19019: Change the OS X installer build script to use CFLAGS instead
- of OPT for special build options. By setting OPT, some compiler-specific
- options like -fwrapv were overridden and thus not used, which could result
- in broken interpreters when building with clang.
-
-IDLE
-----
-
-- Issue #18873: IDLE now detects Python source code encoding only in comment
- lines.
-
-- Issue #18988: The "Tab" key now works when a word is already autocompleted.
-
-- Issue #18489: Add tests for SearchEngine. Original patch by Phil Webster.
-
-- Issue #18429: Format / Format Paragraph, now works when comment blocks
- are selected. As with text blocks, this works best when the selection
- only includes complete lines.
-
-- Issue #18226: Add docstrings and unittests for FormatParagraph.py.
- Original patches by Todd Rovito and Phil Webster.
-
-- Issue #18279: Format - Strip trailing whitespace no longer marks a file as
- changed when it has not been changed. This fix followed the addition of a
- test file originally written by Phil Webster (the issue's main goal).
-
-- Issue #18539: Calltips now work for float default arguments.
-
-- Issue #7136: In the Idle File menu, "New Window" is renamed "New File".
- Patch by Tal Einat, Roget Serwy, and Todd Rovito.
-
-- Issue #8515: Set __file__ when run file in IDLE.
- Initial patch by Bruce Frederiksen.
-
-- Issue #5492: Avoid traceback when exiting IDLE caused by a race condition.
-
-- Issue #17511: Keep IDLE find dialog open after clicking "Find Next".
- Original patch by Sarah K.
-
-- Issue #15392: Create a unittest framework for IDLE.
- Preliminary patch by Rajagopalasarma Jayakrishnan
- See Lib/idlelib/idle_test/README.txt for how to run Idle tests.
-
-- Issue #14146: Highlight source line while debugging on Windows.
-
-- Issue #17532: Always include Options menu for IDLE on OS X.
- Patch by Guilherme Simões.
+- Issue #1099: Fix the build on MacOSX when building a framework with pydebug
+ using GCC 4.0.
Tests
-----
projects / thirdparty / Python / cpython.git / commitdiff
