mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-09-30 04:15:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 11

[3.9] bpo-43285: Add a What's New entry for 3.9.3. (GH-24888)

Browse source 
Covers the ftplib security fix.
This commit is contained in:
Gregory P. Smith 2021-03-15 21:37:58 -07:00 committed by GitHub
parent 7dcb4baa4f
commit d0312cece9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

9
Doc/whatsnew/3.9.rst
View file

@ -1529,3 +1529,12 @@ separator key, with ``&`` as the default. This change also affects
functions internally. For more details, please see their respective functions internally. For more details, please see their respective
documentation. documentation.
(Contributed by Adam Goldschmidt, Senthil Kumaran and Ken Jin in :issue:`42967`.) (Contributed by Adam Goldschmidt, Senthil Kumaran and Ken Jin in :issue:`42967`.)
Notable changes in Python 3.9.3
===============================
A security fix alters the :class:`ftplib.FTP` behavior to not trust the
IPv4 address sent from the remote server when setting up a passive data
channel. We reuse the ftp server IP address instead. For unusual code
requiring the old behavior, set a ``trust_server_pasv_ipv4_address``
attribute on your FTP instance to ``True``. (See :issue:`43285`)