From: R David Murray <rdmurray@bitdance.com>
Date: Wed, 7 Sep 2016 21:46:55 +0000 (-0400)
Subject: Merge: #22233: Only split headers on \r and/or \n, per email RFCs.
X-Git-Tag: v3.6.0b1~327
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=1badd2816361354f5e69d234b4ff3315f5f590cc;p=thirdparty%2FPython%2Fcpython.git

Merge: #22233: Only split headers on \r and/or \n, per email RFCs.
---

1badd2816361354f5e69d234b4ff3315f5f590cc
diff --cc Misc/NEWS
index 56d8434d810c,9437b86f30de..71598b7c473e
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@@ -91,21 -41,33 +91,25 @@@ Core and Builtin
  Library
  -------
  
+ - Issue #22233: Break email header lines *only* on the RFC specified CR and LF
+   characters, not on arbitrary unicode line breaks.  This also fixes a bug in
+   HTTP header parsing.
+ 
 +- Issue 27331: The email.mime classes now all accept an optional policy keyword.
 +
  - Issue 27988: Fix email iter_attachments incorrect mutation of payload list.
  
 +- Issue #16113: Add SHA-3 and SHAKE support to hashlib module.
 +
 +- Eliminate a tautological-pointer-compare warning in _scproxy.c.
 +
 +- Issue #27776: The :func:`os.urandom` function does now block on Linux 3.17
 +  and newer until the system urandom entropy pool is initialized to increase
 +  the security. This change is part of the :pep:`524`.
 +
 +- Issue #27778: Expose the Linux ``getrandom()`` syscall as a new
 +  :func:`os.getrandom` function. This change is part of the :pep:`524`.
 +
  - Issue #27691: Fix ssl module's parsing of GEN_RID subject alternative name
    fields in X.509 certs.