........
r87890 | georg.brandl | 2011-01-09 10:04:08 +0100 (So, 09 Jan 2011) | 1 line
Wrap some long examples and signatures.
........
r87891 | georg.brandl | 2011-01-09 10:31:01 +0100 (So, 09 Jan 2011) | 1 line
#10871: "file" does not exist anymore in Python 3. Also adapt the reprs of opened file objects.
........
svn+ssh://svn.python.org/python/branches/py3k
........
r87789 | georg.brandl | 2011-01-06 10:23:56 +0100 (Do, 06 Jan 2011) | 1 line
Fix various issues (mostly Python 2 relics) found by Jacques Ducasse.
........
r87790 | georg.brandl | 2011-01-06 10:25:27 +0100 (Do, 06 Jan 2011) | 1 line
Add acks where acks are due.
........
svn+ssh://svn.python.org/python/branches/py3k
........
r87791 | georg.brandl | 2011-01-06 11:05:26 +0100 (Do, 06 Jan 2011) | 1 line
#10844: update copyright years in Mac plists.
........
svn+ssh://pythondev@svn.python.org/python/branches/py3k
........
r87873 | r.david.murray | 2011-01-08 21:35:24 -0500 (Sat, 08 Jan 2011) | 12 lines
#5871: protect against header injection attacks.
This makes Header.encode throw a HeaderParseError if it winds up
formatting a header such that a continuation line has no leading
whitespace and looks like a header. Since Header accepts values
containing newlines and preserves them (and this is by design), without
this fix any program that took user input (say, a subject in a web form)
and passed it to the email package as a header was vulnerable to header
injection attacks. (As far as we know this has never been exploited.)
Thanks to Jakub Wilk for reporting this vulnerability.
........
This makes Header.encode throw a HeaderParseError if it winds up
formatting a header such that a continuation line has no leading
whitespace and looks like a header. Since Header accepts values
containing newlines and preserves them (and this is by design), without
this fix any program that took user input (say, a subject in a web form)
and passed it to the email package as a header was vulnerable to header
injection attacks. (As far as we know this has never been exploited.)
Thanks to Jakub Wilk for reporting this vulnerability.
........
r87840 | r.david.murray | 2011-01-07 18:25:30 -0500 (Fri, 07 Jan 2011) | 6 lines
#10686: recode non-ASCII headers to 'unknown-8bit' instead of ?s.
This applies only when generating strings from non-RFC compliant binary
input; it makes the existing recoding behavior more consistent (ie:
now no data is lost when recoding).
........
This applies only when generating strings from non-RFC compliant binary
input; it makes the existing recoding behavior more consistent (ie:
now no data is lost when recoding).
Before this patch if a value being encoded had an embedded newline,
the line following the newline would have no leading whitespace,
and the whitespace it did have was encoded into the word. Now
the existing whitespace gets turned into a blank, the way it does
in other header reformatting, and the _continuation_ws gets added
at the beginning of the encoded line.
svn+ssh://pythondev@svn.python.org/python/branches/py3k
........
r87834 | antoine.pitrou | 2011-01-07 22:43:59 +0100 (ven., 07 janv. 2011) | 5 lines
Issue #8020: Avoid a crash where the small objects allocator would read
non-Python managed memory while it is being modified by another thread.
Patch by Matt Bandy.
........
