CVE-2021-3426: Remove the "getfile" feature of the pydoc module which
could be abused to read arbitrary files on the disk (directory
traversal vulnerability). Moreover, even source code of Python
modules can contain sensitive data like passwords. Vulnerability
reported by David Schwörer.
(cherry picked from commit 9b999479c0)
Co-authored-by: Victor Stinner <vstinner@python.org>
It doesn't actually affect whether match_hostname() is called (it
never is in this context any longer), but whether hostname
verification occurs in the first place.
(cherry picked from commit 9798cef92b)
Co-authored-by: Ville Skyttä <ville.skytta@iki.fi>
- removed ambiguous reference to os.sep from os.path.join() doc
(cherry picked from commit 21a2cabb37)
Co-authored-by: Jared Sutton <jpsutton@gmail.com>
OpenSSL copies the internal message callback from SSL_CTX->msg_callback to
SSL->msg_callback. SSL_set_SSL_CTX() does not update SSL->msg_callback
to use the callback value of the new context.
PySSL_set_context() now resets the callback and _PySSL_msg_callback()
resets thread state in error path.
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 77cde5042a)
Co-authored-by: Christian Heimes <christian@python.org>
Should fix some CI failures on buildbots that test an installed version of Python.
(cherry picked from commit 66c8adfa27)
Co-authored-by: Antoine Pitrou <antoine@python.org>
Python no longer fails at startup with a fatal error if a command
line argument contains an invalid Unicode character.
The Py_DecodeLocale() function now escapes byte sequences which would
be decoded as Unicode characters outside the [U+0000; U+10ffff]
range.
Use MAX_UNICODE constant in unicodeobject.c.
(cherry picked from commit 9976834f80)
Co-authored-by: Victor Stinner <vstinner@python.org>
Fix warning:
Objects\exceptions.c(2324,56): warning C4098:
'MemoryError_dealloc': 'void' function returning a value
(cherry picked from commit bbeb223e9a)
Co-authored-by: Victor Stinner <vstinner@python.org>
Co-authored-by: Victor Stinner <vstinner@python.org>
bpo-43285: Make ftplib not trust the PASV response.
The IPv4 address value returned from the server in response to the PASV command
should not be trusted. This prevents a malicious FTP server from using the
response to probe IPv4 address and port combinations on the client network.
Instead of using the returned address, we use the IP address we're
already connected to. This is the strategy other ftp clients adopted,
and matches the only strategy available for the modern IPv6 EPSV command
where the server response must return a port number and nothing else.
For the rare user who _wants_ this ugly behavior, set a `trust_server_pasv_ipv4_address`
attribute on your `ftplib.FTP` instance to True.
(cherry picked from commit 0ab152c6b5)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
Answer "Why is there no goto?" in the Design and History FAQ.
(cherry picked from commit 5e29021a5e)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
* [3.9] bpo-43439: Wrapt the tuple in the audit events for the gc module (GH-24836).
(cherry picked from commit 9c376bc1c4)
Co-authored-by: Pablo Galindo <Pablogsal@gmail.com>
* Update gcmodule.c
* Update gcmodule.c
* Update gcmodule.c
* Update link to Django's Context class.
* Update link to get-pip.py.
(cherry picked from commit d0a445490e)
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
* Fix auth_login logic (bpo-27820)
* Also fix a longstanding bug in the SimSMTPChannel.found_terminator() method that causes inability to test
SMTP AUTH with initial_response_ok=False.
(cherry picked from commit 7591d9455e)
Co-authored-by: Pandu E POLUAN <pepoluan@gmail.com>
Check to make sure stdout and stderr are not empty before selecting an item from them in Windows subprocess._communicate.
Co-authored-by: Gregory P. Smith <greg@krypto.org>
(cherry picked from commit b4fc44bb2d)
Co-authored-by: Chris Griffith <chris@cdgriffith.com>
Fix a race condition of test_stress_modifying_handlers() of
test_signal: only raise signals while we are in the
catch_unraisable_exception() context manager.
Moreover, don't check if we received at least one
signal if at least one signal got ignored.
(cherry picked from commit 1fa17e8cc6)
Co-authored-by: Victor Stinner <vstinner@python.org>
Co-authored-by: Victor Stinner <vstinner@python.org>
We now buffer the CONNECT request + tunnel HTTP headers into a single
send call. This prevents the OS from generating multiple network
packets for connection setup when not necessary, improving efficiency.
(cherry picked from commit c25910a135)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
We can receive signals (at the C level, in `trip_signal()` in signalmodule.c) while `signal.signal` is being called to modify the corresponding handler. Later when `PyErr_CheckSignals()` is called to handle the given signal, the handler may be a non-callable object and would raise a cryptic asynchronous exception.
(cherry picked from commit 68245b7a10)
Co-authored-by: Antoine Pitrou <antoine@python.org>
Previous wording implied that only the result of call N and N+1 could be
meaningfully compared, whereas comparing call N and N+M is fine.
(cherry picked from commit ff5f05934d)
Co-authored-by: Alex Willmer <alex@moreati.org.uk>
This reverts commit aca67da4fe.
(cherry picked from commit b5711c940f)
Co-authored-by: Jason R. Coombs <jaraco@jaraco.com>
Automerge-Triggered-By: GH:jaraco
