From: Łukasz Langa <lukasz@langa.pl>
Date: Tue, 3 Jun 2025 18:33:38 +0000 (+0200)
Subject: Reword 3.9.23 notable changes to reflect status of backports
X-Git-Tag: v3.9.23~1
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=920a1c30dd547548c79744994164c48557cc0688;p=thirdparty%2FPython%2Fcpython.git

Reword 3.9.23 notable changes to reflect status of backports
---

diff --git a/Doc/whatsnew/3.9.rst b/Doc/whatsnew/3.9.rst
index 8196f76f1e29..18bdf386085e 100644
--- a/Doc/whatsnew/3.9.rst
+++ b/Doc/whatsnew/3.9.rst
@@ -1670,9 +1670,10 @@ Notable changes in 3.9.23
 os.path
 -------
 
-* The *strict* parameter to :func:`os.path.realpath` accepts a new value,
-  :data:`os.path.ALLOW_MISSING`.
-  If used, errors other than :exc:`FileNotFoundError` will be re-raised;
+* The *strict* parameter was backported to :func:`os.path.realpath` to
+  allow for ``tarfile`` to use it for security vulnerability mitigation.
+  In particular, when *strict* is set to :data:`os.path.ALLOW_MISSING`,
+  errors other than :exc:`FileNotFoundError` will be re-raised;
   the resulting path can be missing but it will be free of symlinks.
   (Contributed by Petr Viktorin for CVE 2025-4517.)