Co-authored-by: Ken Jin <28750310+Fidget-Spinner@users.noreply.github.com>
(cherry picked from commit 72fcd14a82)
Co-authored-by: Erik Soma <stillusingirc@gmail.com>
1. Bad IP masquerade rules can prevent startup.
2. X cannot handle some complex colored chars.
(cherry picked from commit 1b4a9c7956)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
Signed-off-by: Christian Heimes <christian@python.org>
Automerge-Triggered-By: GH:tiran.
(cherry picked from commit a54fc683f2)
Co-authored-by: Christian Heimes <christian@python.org>
This test checks result code of the connection directly, so it never raises an exception that can be suppressed by `support.transient_internet`. Directly support skipping the test in case of unreachable network.
(cherry picked from commit 29c451c698)
Co-authored-by: Carl Meyer <carl@oddbird.net>
Co-authored-by: Carl Meyer <carl@oddbird.net>
curses.update_lines_cols() is only defined when the curses library
provides either resizeterm() or resize_term() functions which are optional
and are not provided on AIX.
(cherry picked from commit c8b5738810)
Co-authored-by: Michael Felt <aixtools@users.noreply.github.com>
CVE-2021-3426: Remove the "getfile" feature of the pydoc module which
could be abused to read arbitrary files on the disk (directory
traversal vulnerability). Moreover, even source code of Python
modules can contain sensitive data like passwords. Vulnerability
reported by David Schwörer.
(cherry picked from commit 9b999479c0)
Co-authored-by: Victor Stinner <vstinner@python.org>
It doesn't actually affect whether match_hostname() is called (it
never is in this context any longer), but whether hostname
verification occurs in the first place.
(cherry picked from commit 9798cef92b)
Co-authored-by: Ville Skyttä <ville.skytta@iki.fi>
- removed ambiguous reference to os.sep from os.path.join() doc
(cherry picked from commit 21a2cabb37)
Co-authored-by: Jared Sutton <jpsutton@gmail.com>
OpenSSL copies the internal message callback from SSL_CTX->msg_callback to
SSL->msg_callback. SSL_set_SSL_CTX() does not update SSL->msg_callback
to use the callback value of the new context.
PySSL_set_context() now resets the callback and _PySSL_msg_callback()
resets thread state in error path.
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 77cde5042a)
Co-authored-by: Christian Heimes <christian@python.org>
Should fix some CI failures on buildbots that test an installed version of Python.
(cherry picked from commit 66c8adfa27)
Co-authored-by: Antoine Pitrou <antoine@python.org>
Python no longer fails at startup with a fatal error if a command
line argument contains an invalid Unicode character.
The Py_DecodeLocale() function now escapes byte sequences which would
be decoded as Unicode characters outside the [U+0000; U+10ffff]
range.
Use MAX_UNICODE constant in unicodeobject.c.
(cherry picked from commit 9976834f80)
Co-authored-by: Victor Stinner <vstinner@python.org>
Fix warning:
Objects\exceptions.c(2324,56): warning C4098:
'MemoryError_dealloc': 'void' function returning a value
(cherry picked from commit bbeb223e9a)
Co-authored-by: Victor Stinner <vstinner@python.org>
Co-authored-by: Victor Stinner <vstinner@python.org>
bpo-43285: Make ftplib not trust the PASV response.
The IPv4 address value returned from the server in response to the PASV command
should not be trusted. This prevents a malicious FTP server from using the
response to probe IPv4 address and port combinations on the client network.
Instead of using the returned address, we use the IP address we're
already connected to. This is the strategy other ftp clients adopted,
and matches the only strategy available for the modern IPv6 EPSV command
where the server response must return a port number and nothing else.
For the rare user who _wants_ this ugly behavior, set a `trust_server_pasv_ipv4_address`
attribute on your `ftplib.FTP` instance to True.
(cherry picked from commit 0ab152c6b5)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
Answer "Why is there no goto?" in the Design and History FAQ.
(cherry picked from commit 5e29021a5e)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
* [3.9] bpo-43439: Wrapt the tuple in the audit events for the gc module (GH-24836).
(cherry picked from commit 9c376bc1c4)
Co-authored-by: Pablo Galindo <Pablogsal@gmail.com>
* Update gcmodule.c
* Update gcmodule.c
* Update gcmodule.c
