mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-12-23 09:19:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
cpython/Lib
History
Petr Viktorin 4d069d5b11
[3.8] [CVE-2023-27043] gh-102988: Reject malformed addresses in email.parseaddr() (GH-111116) (#123770) 
Detect email address parsing errors and return empty tuple to
indicate the parsing error (old API). Add an optional 'strict'
parameter to getaddresses() and parseaddr() functions. Patch by
Thomas Dwyer.

(cherry picked from commit 4a153a1d3b)

Co-authored-by: Victor Stinner <vstinner@python.org>
Co-Authored-By: Thomas Dwyer <github@tomd.tel>
2024-09-06 13:14:09 +02:00
..
asyncio [3.8] gh-121957: Emit audit events for python -i and python -m asyncio (GH-122121) 2024-07-22 17:08:28 +02:00
collections bpo-39674: Fix collections ABC deprecation notice (GH-25281) 2021-04-09 01:29:19 +02:00
concurrent bpo-35930: Raising an exception raised in a "future" instance will create reference cycles (GH-24995) (#25071) 2021-03-29 19:53:14 +02:00
ctypes bpo-32745: Fix a regression in the handling of ctypes' c_wchar_p type (GH-8721) (#25811) 2021-05-02 13:03:23 +02:00
curses
dbm
distutils [3.8] bpo-41100: Support macOS 11 Big Sur and Apple Silicon Macs (#25806) 2021-05-02 11:18:58 +02:00
email [3.8] [CVE-2023-27043] gh-102988: Reject malformed addresses in email.parseaddr() (GH-111116) (#123770) 2024-09-06 13:14:09 +02:00
encodings [3.8] gh-98433: Fix quadratic time idna decoding. (GH-99092) (GH-99222) (GH-99231) 2022-11-10 16:55:43 +01:00
ensurepip [3.8] gh-101997: Remove stale pip-22.0.4-py3-none-any.whl from the 3.8 branch (#108998) 2023-09-06 17:00:32 +02:00
html bpo-41748: Handles unquoted attributes with commas (GH-24072) 2021-02-01 12:52:52 -08:00
http [3.8] gh-123067: Fix quadratic complexity in parsing "-quoted cookie values with backslashes (GH-123075) (#123108) 2024-09-04 17:40:38 +02:00
idlelib [3.8] gh-97032: avoid test_squeezer crash on macOS buildbots (GH-115508) (GH-115656) 2024-02-21 12:21:53 +01:00
importlib [3.8] bpo-46474: Avoid REDoS in EntryPoint.pattern (sync with importlib_metadata 4.10.1) (GH-30803). (#30829) 2022-02-14 18:56:03 +01:00
json [3.8] bpo-39828: Fix json.tool to catch BrokenPipeError (GH-18779). (GH-18894) 2020-03-10 01:14:08 -07:00
lib2to3 bpo-36541: Add lib2to3 grammar PEP-570 pos-only arg parsing (GH-23759) 2020-12-14 09:29:57 -08:00
logging bpo-43353: Document that logging.getLevelName() accepts string representation of logging level. (GH-24693) (#24825) 2021-03-17 08:15:59 -04:00
msilib
multiprocessing bpo-41344: Raise ValueError when creating shared memory of size 0 (GH-21556) (GH-22019) 2020-08-30 20:42:27 +01:00
pydoc_data Python 3.8.15 2022-10-11 17:42:49 +02:00
site-packages
sqlite3 [3.8] gh-80254: Disallow recursive usage of cursors in sqlite3 converters (#92333) 2022-05-16 17:39:17 +02:00
test [3.8] [CVE-2023-27043] gh-102988: Reject malformed addresses in email.parseaddr() (GH-111116) (#123770) 2024-09-06 13:14:09 +02:00
tkinter bpo-45436: Fix tkinter tests with Tcl/Tk 8.6.11+ (GH-29077) (GH-29093) 2021-10-20 16:08:43 +02:00
turtledemo Fix typo in turtledemo.two_canvases. (GH-25194) 2021-04-05 10:37:24 -07:00
unittest bpo-39101: Fixes BaseException hang in IsolatedAsyncioTestCase. (GH-22654) 2020-12-16 09:57:23 -08:00
urllib [3.8] gh-67693: Fix urlunparse() and urlunsplit() for URIs with path starting with multiple slashes and no authority (GH-113563) (#119028) 2024-09-04 17:44:22 +02:00
venv [3.8] venv: Update Aspen URL in 'activate' script comment (GH-21797) 2020-08-19 12:34:50 -07:00
wsgiref
xml [3.8] gh-115398: Expose Expat >=2.6.0 reparse deferral API (CVE-2023-52425) (GH-115623) (GH-116275) 2024-03-07 00:03:44 +01:00
xmlrpc
__future__.py bpo-41314: fixed annotations __future__ version (GH-21616) 2020-07-25 15:00:17 -07:00
__phello__.foo.py
_bootlocale.py
_collections_abc.py
_compat_pickle.py
_compression.py
_dummy_thread.py
_markupbase.py
_osx_support.py [3.8] bpo-41100: Support macOS 11 Big Sur and Apple Silicon Macs (#25806) 2021-05-02 11:18:58 +02:00
_py_abc.py
_pydecimal.py [3.8] bpo-39794: Add --without-decimal-contextvar (GH-18702) 2020-02-29 22:16:32 +01:00
_pyio.py
_sitebuiltins.py
_strptime.py
_threading_local.py
_weakrefset.py
abc.py
aifc.py
antigravity.py
argparse.py [3.8] bpo-39546: argparse: Honor allow_abbrev=False for specified prefix_chars (GH-18337) (GH-18543) 2020-02-18 03:14:07 -08:00
ast.py [3.8] bpo-39524: Fixed doc-string in ast._pad_whitespace (GH-18340) (GH-22857) 2020-10-21 09:20:56 -07:00
asynchat.py
asyncore.py
base64.py [3.8] bpo-39068: Fix race condition in base64 (GH-17627) (GH-24022) 2021-01-01 19:41:49 +02:00
bdb.py bpo-39649: Remove obsolete check for __args__ in bdb.Bdb.format_stack_entry (GH-18531) 2020-02-23 19:33:07 -08:00
binhex.py [3.8] bpo-29566: binhex.binhex now consitently writes MacOS 9 line endings. (GH-23059) (GH-23070) 2020-11-01 01:39:16 -08:00
bisect.py
bz2.py
calendar.py
cgi.py [3.8] bpo-42967: only use '&' as a query string separator (GH-24297) (#24529) 2021-02-15 19:15:02 +01:00
cgitb.py
chunk.py
cmd.py
code.py Fix documentation in code.py (GH-17988) 2020-01-14 12:13:59 -08:00
codecs.py bpo-38971: Open file in codecs.open() closes if exception raised. (GH-17666) 2020-03-02 00:03:08 -08:00
codeop.py [3.9] bpo-41520: Fix second codeop regression (GH-21848) 2020-08-13 11:38:55 -07:00
colorsys.py
compileall.py bpo-39769: Fix compileall ddir for subpkgs. (GH-18676) (GH-18718) 2020-03-01 10:42:56 -08:00
configparser.py
contextlib.py
contextvars.py
copy.py bpo-38293: Allow shallow and deep copying of property objects (GH-16438) 2020-01-12 10:04:18 -08:00
copyreg.py
cProfile.py [3.8] gh-103935: Use io.open_code() when executing code in trace and profile modules (GH-103947) (#103954) 2023-05-22 12:40:02 +02:00
crypt.py
csv.py
dataclasses.py Fix typo in a dataclasses comment. (GH-25454) 2021-04-17 07:11:16 -07:00
datetime.py Fix typo (GH-23019) 2021-02-03 13:46:23 -08:00
decimal.py
difflib.py
dis.py bpo-41497: Fix potential UnicodeDecodeError in dis CLI (GH-21757) 2020-08-07 20:21:33 -07:00
doctest.py bpo-1812: Fix newline conversion when doctest.testfile loads from a package whose loader has a get_data method (GH-17385) 2020-03-26 09:18:52 -07:00
dummy_threading.py
enum.py [3.8] bpo-42248: [Enum] ensure exceptions raised in `_missing_` are released (GH-25350). (GH-25369) 2021-04-12 12:16:46 -07:00
filecmp.py
fileinput.py
fnmatch.py bpo-36769: Document that fnmatch.filter supports any kind of iterable (GH-13039) 2021-01-20 02:43:22 -08:00
formatter.py
fractions.py bpo-39274: Ensure Fraction.__bool__() returns a bool (GH-18017) 2020-02-06 07:13:38 -08:00
ftplib.py [3.8] bpo-43285 Make ftplib not trust the PASV response. (GH-24838) (GH-24881) 2021-03-15 12:04:49 -07:00
functools.py [3.8] bpo-39815: add cached_property to all (GH-18726) (GH-18728) 2020-03-02 00:08:29 +00:00
genericpath.py
getopt.py
getpass.py
gettext.py
glob.py bpo-38149: Call sys.audit() only once per call for glob.glob(). (GH-18360) 2020-02-06 00:45:18 -08:00
gzip.py bpo-43316: gzip: Fix sys.exit() usage. (GH-24652) 2021-02-25 18:36:49 -08:00
hashlib.py
heapq.py
hmac.py
imaplib.py
imghdr.py [3.8] bpo-41043: Escape literal part of the path for glob(). (GH-20994). (GH-21277) 2020-07-02 10:05:35 +03:00
imp.py
inspect.py bpo-17735: inspect.findsource now raises OSError when co_lineno is out of range (GH-23633) 2020-12-04 13:44:53 -08:00
io.py
ipaddress.py [3.8] gh-113171: gh-65056: Fix "private" (non-global) IP address ranges (GH-113179) (GH-113186) (GH-118177) (GH-118479) 2024-05-07 11:58:20 +02:00
keyword.py
linecache.py [3.8] bpo-25872: Fix KeyError in linecache when multithreaded (GH-18007) (GH-20092) 2020-05-29 04:59:44 -07:00
locale.py
lzma.py
mailbox.py
mailcap.py [3.8] gh-68966: Make mailcap refuse to match unsafe filenames/types/params (GH-91993) (#98192) 2022-10-11 23:58:03 +02:00
mimetypes.py bpo-41048: mimetypes should read the rule file using UTF-8, not the locale encoding (GH-20998) 2020-06-29 05:07:41 -07:00
modulefinder.py bpo-40260: Remove unnecessary newline in compile() call (GH-19641) 2020-04-22 12:05:10 -07:00
netrc.py
nntplib.py bpo-39242: Updated the Gmane domain into news.gmane.io (GH-17903) 2020-01-08 07:48:33 -08:00
ntpath.py
nturl2path.py bpo-43607: Fix urllib handling of Windows paths with \\?\ prefix (GH-25539) 2021-04-23 19:21:45 +01:00
numbers.py
opcode.py
operator.py
optparse.py
os.py [3.8] bpo-38878: Fix os.PathLike __subclasshook__ (GH-17336) (GH-17684) 2019-12-23 18:31:00 +00:00
pathlib.py bpo-35306: Avoid raising OSError from pathlib.Path.exists when passed an invalid filename (GH-25529) 2021-04-22 13:25:08 -07:00
pdb.py [3.9] bpo-26053: Fix args echoed by pdb run command (GH-25149) 2021-04-02 04:33:31 -07:00
pickle.py bpo-42406: Fix whichmodule() with multiprocessing (GH-23403) 2020-11-29 10:43:36 -08:00
pickletools.py
pipes.py
pkgutil.py [3.8] bpo-44061: Fix pkgutil.iter_modules regression when passed a pathlib.Path object (GH-25964). (GH-26056) 2021-05-12 12:18:07 +02:00
platform.py bpo-43284: Update platform.win32_ver to use _syscmd_ver instead of sys.getwindowsversion() (GH-25500) 2021-04-22 10:03:36 -07:00
plistlib.py bpo-42249: Fix writing binary Plist files larger than 4 GiB. (GH-23121) 2020-11-03 07:01:56 -08:00
poplib.py
posixpath.py
pprint.py
profile.py [3.8] gh-103935: Use io.open_code() when executing code in trace and profile modules (GH-103947) (#103954) 2023-05-22 12:40:02 +02:00
pstats.py bpo-41811: create SortKey members using first given value (GH-22316) (GH-22326) 2020-09-19 12:56:30 -07:00
pty.py bpo-39184: Add audit events to command execution functions in os and pty modules (GH-17824) 2020-02-04 16:32:32 -08:00
py_compile.py bpo-38731: Fix NameError in command-line interface of py_compile (GH-21617) 2020-07-26 00:03:50 +03:00
pyclbr.py
pydoc.py bpo-42278: Use tempfile.TemporaryDirectory rather than tempfile.mktemp in pydoc (GH-23200) (GH-28026) 2021-08-29 14:57:05 +02:00
queue.py
quopri.py
random.py
re.py bpo-40016: re docstring: Clarify relationship of inline and argument flags (GH-19078) 2020-03-25 12:01:31 -07:00
reprlib.py
rlcompleter.py
runpy.py bpo-39517: Allow runpy.run_path() to accept path-like objects (GH-18699) 2020-03-08 13:59:59 -07:00
sched.py
secrets.py
selectors.py
shelve.py
shlex.py
shutil.py [3.8] gh-102950: Implement PEP 706 – Filter for tarfile.extractall (GH-102953) (#104548) 2023-05-17 14:23:56 +02:00
signal.py
site.py [3.8] gh-113659: Skip hidden .pth files (GH-113660) (GH-114147) 2024-01-17 14:42:31 +01:00
smtpd.py
smtplib.py [3.8] bpo-43124: Fix smtplib multiple CRLF injection (GH-25987) (GH-28036) 2021-08-29 17:04:17 +02:00
sndhdr.py [3.8] bpo-41043: Escape literal part of the path for glob(). (GH-20994). (GH-21277) 2020-07-02 10:05:35 +03:00
socket.py [3.8] gh-122133: Rework pure Python socketpair tests to avoid use of importlib.reload. (GH-122493) (GH-122509) 2024-08-02 15:11:22 +02:00
socketserver.py [3.8] bpo-37193: Remove thread objects which finished process its request (GH-23127) (GH-24749) 2021-03-04 08:55:24 -08:00
sre_compile.py
sre_constants.py
sre_parse.py
ssl.py [3.8] gh-108342: Break ref cycle in SSLSocket._create() exc (GH-108344) (#108352) 2023-08-23 12:10:56 +02:00
stat.py
statistics.py bpo-40855: Fix ignored mu and xbar parameters (GH-20835) (GH-20863) 2020-06-13 16:57:17 -07:00
string.py
stringprep.py
struct.py
subprocess.py [3.8] gh-101283: Improved fallback logic for subprocess with shell=True on Windows (GH-101286) (#101710) 2023-02-09 11:00:51 +01:00
sunau.py
symbol.py
symtable.py [3.8] bpo-41840: Report module-level globals as both local and global in the symtable module (GH-22391). (GH-22529) 2020-10-03 22:50:00 +01:00
sysconfig.py [3.8] bpo-41100: Support macOS 11 Big Sur and Apple Silicon Macs (#25806) 2021-05-02 11:18:58 +02:00
tabnanny.py
tarfile.py [3.8] gh-121285: Remove backtracking when parsing tarfile headers (GH-121286) (#123642) 2024-09-04 17:41:42 +02:00
telnetlib.py
tempfile.py [3.8] gh-91133: tempfile.TemporaryDirectory: fix symlink bug in cleanup (GH-99930) (GH-112843) 2024-01-17 14:44:32 +01:00
textwrap.py
this.py
threading.py bpo-40089: Fix threading._after_fork() (GH-19191) (GH-19194) 2020-04-07 23:35:52 +02:00
timeit.py bpo-40419: timeit CLI docs now mention 1,2,5,10,... trials instead of powers of 10 (GH-19752) 2020-05-02 09:29:51 -07:00
token.py
tokenize.py
trace.py [3.8] gh-103935: Use io.open_code() when executing code in trace and profile modules (GH-103947) (#103954) 2023-05-22 12:40:02 +02:00
traceback.py [3.8] bpo-34463: Make python tracebacks identical to C tracebacks for (#23899) 2021-04-26 21:42:40 +02:00
tracemalloc.py
tty.py
turtle.py bpo-43935: Fix typo in Turtle.back() docstring (GH-25581) 2021-04-30 18:35:45 -04:00
types.py
typing.py [3.8] Fix typo in typing.py (GH-22121) (GH-22158) 2020-09-08 16:28:02 -07:00
uu.py [3.8] gh-99889: Fix directory traversal security flaw in uu.decode() (GH-104096) (#104332) 2023-05-22 12:39:26 +02:00
uuid.py bpo-41364: Reduce import overhead of uuid module (GH-21586) 2020-07-22 12:26:37 +01:00
warnings.py bpo-39056: Fix handling invalid warning category in the -W option. (GH-17618) 2020-01-05 04:33:08 -08:00
wave.py
weakref.py
webbrowser.py bpo-41754: Ignore NotADirectoryError in invocation of xdg-settings (GH-23075) (GH-23198) 2020-11-08 13:06:17 +01:00
xdrlib.py
zipapp.py
zipfile.py [3.8] gh-123270: Replaced SanitizedNames with a more surgical fix. (GH-123354) (#123433) 2024-09-04 17:40:56 +02:00
zipimport.py [3.8] bpo-39033: Fix NameError in zipimport during hash validation (GH-17588) (GH-17642) 2020-01-14 03:39:19 -08:00