Opened 9 years ago
Closed 9 years ago
#7224 closed enhancement (fixed)
Python-3.5.1 (Python3-3.5.1)
Reported by: | Fernando de Oliveira | Owned by: | Fernando de Oliveira |
---|---|---|---|
Priority: | high | Milestone: | 7.9 |
Component: | BOOK | Version: | SVN |
Severity: | normal | Keywords: | |
Cc: |
Description
Vulnerability Fixed
- Issue #25530: Disable the vulnerable SSLv3 protocol by default when creating ssl.SSLContext.
https://www.python.org/ftp/python/3.5.1/Python-3.5.1.tar.xz
https://www.python.org/ftp/python/3.5.1/Python-3.5.1.tar.xz.asc
https://docs.python.org/3/archives/python-3.5.1-docs-html.tar.bz2
https://www.python.org/downloads/release/python-351/
Python-3.5.1.tar.xz MD5 Sum e9ea6f2623fffcdd871b7b19113fde80
Full Changelog
https://docs.python.org/3.5/whatsnew/changelog.html#python-3.5.1-final
Python 3.5.1 final Release date: 2015-12-06 Core and Builtins Library Windows • Issue #25715: Python 3.5.1 installer shows wrong upgrade path and incorrect logic for launcher detection. Python 3.5.1 release candidate 1 Release date: 2015-11-22 Core and Builtins • Issue #25630: Fix a possible segfault during argument parsing in functions that accept filesystem paths. • Issue #23564: Fixed a partially broken sanity check in the _posixsubprocess internals regarding how fds_to_pass were passed to the child. The bug had no actual impact as subprocess.py already avoided it. • Issue #25388: Fixed tokenizer crash when processing undecodable source code with a null byte. • Issue #25462: The hash of the key now is calculated only once in most operations in C implementation of OrderedDict. • Issue #22995: Default implementation of __reduce__ and __reduce_ex__ now rejects builtin types with not defined __new__. • Issue #25555: Fix parser and AST: fill lineno and col_offset of “arg” node when compiling AST from Python objects. • Issue #24802: Avoid buffer overreads when int(), float(), compile(), exec() and eval() are passed bytes-like objects. These objects are not necessarily terminated by a null byte, but the functions assumed they were. • Issue #24726: Fixed a crash and leaking NULL in repr() of OrderedDict that was mutated by direct calls of dict methods. • Issue #25449: Iterating OrderedDict with keys with unstable hash now raises KeyError in C implementations as well as in Python implementation. • Issue #25395: Fixed crash when highly nested OrderedDict structures were garbage collected. • Issue #25274: sys.setrecursionlimit() now raises a RecursionError if the new recursion limit is too low depending at the current recursion depth. Modify also the “lower-water mark” formula to make it monotonic. This mark is used to decide when the overflowed flag of the thread state is reset. • Issue #24402: Fix input() to prompt to the redirected stdout when sys.stdout.fileno() fails. • Issue #24806: Prevent builtin types that are not allowed to be subclassed from being subclassed through multiple inheritance. • Issue #24848: Fixed a number of bugs in UTF-7 decoding of misformed data. • Issue #25280: Import trace messages emitted in verbose (-v) mode are no longer formatted twice. • Issue #25003: On Solaris 11.3 or newer, os.urandom() now uses the getrandom() function instead of the getentropy() function. The getentropy() function is blocking to generate very good quality entropy, os.urandom() doesn’t need such high-quality entropy. • Issue #25182: The stdprinter (used as sys.stderr before the io module is imported at startup) now uses the backslashreplace error handler. • Issue #25131: Make the line number and column offset of set/dict literals and comprehensions correspond to the opening brace. • Issue #25150: Hide the private _Py_atomic_xxx symbols from the public Python.h header to fix a compilation error with OpenMP. PyThreadState_GET() becomes an alias to PyThreadState_Get() to avoid ABI incompatibilies. Library • Issue #25626: Change three zlib functions to accept sizes that fit in Py_ssize_t, but internally cap those sizes to UINT_MAX. This resolves a regression in 3.5 where GzipFile.read() failed to read chunks larger than 2 or 4 GiB. The change affects the zlib.Decompress.decompress() max_length parameter, the zlib.decompress() bufsize parameter, and the zlib.Decompress.flush() length parameter. • Issue #25583: Avoid incorrect errors raised by os.makedirs(exist_ok=True) when the OS gives priority to errors such as EACCES over EEXIST. • Issue #25593: Change semantics of EventLoop.stop() in asyncio. • Issue #6973: When we know a subprocess.Popen process has died, do not allow the send_signal(), terminate(), or kill() methods to do anything as they could potentially signal a different process. • Issue #25590: In the Readline completer, only call getattr() once per attribute. • Issue #25498: Fix a crash when garbage-collecting ctypes objects created by wrapping a memoryview. This was a regression made in 3.5a1. Based on patch by Eryksun. • Issue #25584: Added “escape” to the __all__ list in the glob module. • Issue #25584: Fixed recursive glob() with patterns starting with ‘**’. • Issue #25446: Fix regression in smtplib’s AUTH LOGIN support. • Issue #18010: Fix the pydoc web server’s module search function to handle exceptions from importing packages. • Issue #25554: Got rid of circular references in regular expression parsing. • Issue #25510: fileinput.FileInput.readline() now returns b’’ instead of ‘’ at the end if the FileInput was opened with binary mode. Patch by Ryosuke Ito. • Issue #25503: Fixed inspect.getdoc() for inherited docstrings of properties. Original patch by John Mark Vandenberg. • Issue #25515: Always use os.urandom as a source of randomness in uuid.uuid4. • Issue #21827: Fixed textwrap.dedent() for the case when largest common whitespace is a substring of smallest leading whitespace. Based on patch by Robert Li. • Issue #25447: The lru_cache() wrapper objects now can be copied and pickled (by returning the original object unchanged). • Issue #25390: typing: Don’t crash on Union[str, Pattern]. • Issue #25441: asyncio: Raise error from drain() when socket is closed. • Issue #25410: Cleaned up and fixed minor bugs in C implementation of OrderedDict. • Issue #25411: Improved Unicode support in SMTPHandler through better use of the email package. Thanks to user simon04 for the patch. • Issue #25407: Remove mentions of the formatter module being removed in Python 3.6. • Issue #25406: Fixed a bug in C implementation of OrderedDict.move_to_end() that caused segmentation fault or hang in iterating after moving several items to the start of ordered dict. • Issue #25364: zipfile now works in threads disabled builds. • Issue #25328: smtpd’s SMTPChannel now correctly raises a ValueError if both decode_data and enable_SMTPUTF8 are set to true. • Issue #25316: distutils raises OSError instead of DistutilsPlatformError when MSVC is not installed. • Issue #25380: Fixed protocol for the STACK_GLOBAL opcode in pickletools.opcodes. • Issue #23972: Updates asyncio datagram create method allowing reuseport and reuseaddr socket options to be set prior to binding the socket. Mirroring the existing asyncio create_server method the reuseaddr option for datagram sockets defaults to True if the O/S is ‘posix’ (except if the platform is Cygwin). Patch by Chris Laws. • Issue #25304: Add asyncio.run_coroutine_threadsafe(). This lets you submit a coroutine to a loop from another thread, returning a concurrent.futures.Future. By Vincent Michel. • Issue #25232: Fix CGIRequestHandler to split the query from the URL at the first question mark (?) rather than the last. Patch from Xiang Zhang. • Issue #24657: Prevent CGIRequestHandler from collapsing slashes in the query part of the URL as if it were a path. Patch from Xiang Zhang. • Issue #24483: C implementation of functools.lru_cache() now calculates key’s hash only once. • Issue #22958: Constructor and update method of weakref.WeakValueDictionary now accept the self and the dict keyword arguments. • Issue #22609: Constructor of collections.UserDict now accepts the self keyword argument. • Issue #25111: Fixed comparison of traceback.FrameSummary. • Issue #25262. Added support for BINBYTES8 opcode in Python implementation of unpickler. Highest 32 bits of 64-bit size for BINUNICODE8 and BINBYTES8 opcodes no longer silently ignored on 32-bit platforms in C implementation. • Issue #25034: Fix string.Formatter problem with auto-numbering and nested format_specs. Patch by Anthon van der Neut. • Issue #25233: Rewrite the guts of asyncio.Queue and asyncio.Semaphore to be more understandable and correct. • Issue #25203: Failed readline.set_completer_delims() no longer left the module in inconsistent state. • Issue #23600: Default implementation of tzinfo.fromutc() was returning wrong results in some cases. • Issue #23329: Allow the ssl module to be built with older versions of LibreSSL. • Prevent overflow in _Unpickler_Read. • Issue #25047: The XML encoding declaration written by Element Tree now respects the letter case given by the user. This restores the ability to write encoding names in uppercase like “UTF-8”, which worked in Python 2. • Issue #25135: Make deque_clear() safer by emptying the deque before clearing. This helps avoid possible reentrancy issues. • Issue #19143: platform module now reads Windows version from kernel32.dll to avoid compatibility shims. • Issue #25092: Fix datetime.strftime() failure when errno was already set to EINVAL. • Issue #23517: Fix rounding in fromtimestamp() and utcfromtimestamp() methods of datetime.datetime: microseconds are now rounded to nearest with ties going to nearest even integer (ROUND_HALF_EVEN), instead of being rounding towards minus infinity (ROUND_FLOOR). It’s important that these methods use the same rounding mode than datetime.timedelta to keep the property: (datetime(1970,1,1) + timedelta(seconds=t)) == datetime.utcfromtimestamp(t). It also the rounding mode used by round(float) for example. • Issue #25155: Fix datetime.datetime.now() and datetime.datetime.utcnow() on Windows to support date after year 2038. It was a regression introduced in Python 3.5.0. • Issue #25108: Omitted internal frames in traceback functions print_stack(), format_stack(), and extract_stack() called without arguments. • Issue #25118: Fix a regression of Python 3.5.0 in os.waitpid() on Windows. • Issue #24684: socket.socket.getaddrinfo() now calls PyUnicode_AsEncodedString() instead of calling the encode() method of the host, to handle correctly custom string with an encode() method which doesn’t return a byte string. The encoder of the IDNA codec is now called directly instead of calling the encode() method of the string. • Issue #25060: Correctly compute stack usage of the BUILD_MAP opcode. • Issue #24857: Comparing call_args to a long sequence now correctly returns a boolean result instead of raising an exception. Patch by A Kaptur. • Issue #23144: Make sure that HTMLParser.feed() returns all the data, even when convert_charrefs is True. • Issue #24982: shutil.make_archive() with the “zip” format now adds entries for directories (including empty directories) in ZIP file. • Issue #25019: Fixed a crash caused by setting non-string key of expat parser. Based on patch by John Leitch. • Issue #16180: Exit pdb if file has syntax error, instead of trapping user in an infinite loop. Patch by Xavier de Gaye. • Issue #24891: Fix a race condition at Python startup if the file descriptor of stdin (0), stdout (1) or stderr (2) is closed while Python is creating sys.stdin, sys.stdout and sys.stderr objects. These attributes are now set to None if the creation of the object failed, instead of raising an OSError exception. Initial patch written by Marco Paolini. • Issue #24992: Fix error handling and a race condition (related to garbage collection) in collections.OrderedDict constructor. • Issue #24881: Fixed setting binary mode in Python implementation of FileIO on Windows and Cygwin. Patch from Akira Li. • Issue #25578: Fix (another) memory leak in SSLSocket.getpeercer(). • Issue #25530: Disable the vulnerable SSLv3 protocol by default when creating ssl.SSLContext. • Issue #25569: Fix memory leak in SSLSocket.getpeercert(). • Issue #25471: Sockets returned from accept() shouldn’t appear to be nonblocking. • Issue #25319: When threading.Event is reinitialized, the underlying condition should use a regular lock rather than a recursive lock. • Issue #21112: Fix regression in unittest.expectedFailure on subclasses. Patch from Berker Peksag. • Issue #24764: cgi.FieldStorage.read_multi() now ignores the Content-Length header in part headers. Patch written by Peter Landry and reviewed by Pierre Quentel. • Issue #24913: Fix overrun error in deque.index(). Found by John Leitch and Bryce Darling. • Issue #24774: Fix docstring in http.server.test. Patch from Chiu-Hsiang Hsu. • Issue #21159: Improve message in configparser.InterpolationMissingOptionError. Patch from Łukasz Langa. • Issue #20362: Honour TestCase.longMessage correctly in assertRegex. Patch from Ilia Kurenkov. • Issue #23572: Fixed functools.singledispatch on classes with falsy metaclasses. Patch by Ethan Furman. • asyncio: ensure_future() now accepts awaitable objects. IDLE • Issue 15348: Stop the debugger engine (normally in a user process) before closing the debugger window (running in the IDLE process). This prevents the RuntimeErrors that were being caught and ignored. • Issue #24455: Prevent IDLE from hanging when a) closing the shell while the debugger is active (15347); b) closing the debugger with the [X] button (15348); and c) activating the debugger when already active (24455). The patch by Mark Roseman does this by making two changes. 1. Suspend and resume the gui.interaction method with the tcl vwait mechanism intended for this purpose (instead of root.mainloop & .quit). 2. In gui.run, allow any existing interaction to terminate first. • Change ‘The program’ to ‘Your program’ in an IDLE ‘kill program?’ message to make it clearer that the program referred to is the currently running user program, not IDLE itself. • Issue #24750: Improve the appearance of the IDLE editor window status bar. Patch by Mark Roseman. • Issue #25313: Change the handling of new built-in text color themes to better address the compatibility problem introduced by the addition of IDLE Dark. Consistently use the revised idleConf.CurrentTheme everywhere in idlelib. • Issue #24782: Extension configuration is now a tab in the IDLE Preferences dialog rather than a separate dialog. The former tabs are now a sorted list. Patch by Mark Roseman. • Issue #22726: Re-activate the config dialog help button with some content about the other buttons and the new IDLE Dark theme. • Issue #24820: IDLE now has an ‘IDLE Dark’ built-in text color theme. It is more or less IDLE Classic inverted, with a cobalt blue background. Strings, comments, keywords, ... are still green, red, orange, ... . To use it with IDLEs released before November 2015, hit the ‘Save as New Custom Theme’ button and enter a new name, such as ‘Custom Dark’. The custom theme will work with any IDLE release, and can be modified. • Issue #25224: README.txt is now an idlelib index for IDLE developers and curious users. The previous user content is now in the IDLE doc chapter. ‘IDLE’ now means ‘Integrated Development and Learning Environment’. • Issue #24820: Users can now set breakpoint colors in Settings -> Custom Highlighting. Original patch by Mark Roseman. • Issue #24972: Inactive selection background now matches active selection background, as configured by users, on all systems. Found items are now always highlighted on Windows. Initial patch by Mark Roseman. • Issue #24570: Idle: make calltip and completion boxes appear on Macs affected by a tk regression. Initial patch by Mark Roseman. • Issue #24988: Idle ScrolledList context menus (used in debugger) now work on Mac Aqua. Patch by Mark Roseman. • Issue #24801: Make right-click for context menu work on Mac Aqua. Patch by Mark Roseman. • Issue #25173: Associate tkinter messageboxes with a specific widget. For Mac OSX, make them a ‘sheet’. Patch by Mark Roseman. • Issue #25198: Enhance the initial html viewer now used for Idle Help. * Properly indent fixed-pitch text (patch by Mark Roseman). * Give code snippet a very Sphinx-like light blueish-gray background. * Re-use initial width and height set by users for shell and editor. * When the Table of Contents (TOC) menu is used, put the section header at the top of the screen. • Issue #25225: Condense and rewrite Idle doc section on text colors. • Issue #21995: Explain some differences between IDLE and console Python. • Issue #22820: Explain need for print when running file from Idle editor. • Issue #25224: Doc: augment Idle feature list and no-subprocess section. • Issue #25219: Update doc for Idle command line options. Some were missing and notes were not correct. • Issue #24861: Most of idlelib is private and subject to change. Use idleib.idle.* to start Idle. See idlelib.__init__.__doc__. • Issue #25199: Idle: add synchronization comments for future maintainers. • Issue #16893: Replace help.txt with help.html for Idle doc display. The new idlelib/help.html is rstripped Doc/build/html/library/idle.html. It looks better than help.txt and will better document Idle as released. The tkinter html viewer that works for this file was written by Mark Roseman. The now unused EditorWindow.HelpDialog class and helt.txt file are deprecated. • Issue #24199: Deprecate unused idlelib.idlever with possible removal in 3.6. • Issue #24790: Remove extraneous code (which also create 2 & 3 conflicts). Documentation • Issue #12067: Rewrite Comparisons section in the Expressions chapter of the language reference. Some of the details of comparing mixed types were incorrect or ambiguous. NotImplemented is only relevant at a lower level than the Expressions chapter. Added details of comparing range() objects, and default behaviour and consistency suggestions for user-defined classes. Patch from Andy Maier. • Issue #24952: Clarify the default size argument of stack_size() in the “threading” and “_thread” modules. Patch from Mattip. • Issue #23725: Overhaul tempfile docs. Note deprecated status of mktemp. Patch from Zbigniew Jędrzejewski-Szmek. • Issue #24808: Update the types of some PyTypeObject fields. Patch by Joseph Weston. • Issue #22812: Fix unittest discovery examples. Patch from Pam McA’Nulty. Tests • Issue #25449: Added tests for OrderedDict subclasses. • Issue #25099: Make test_compileall not fail when an entry on sys.path cannot be written to (commonly seen in administrative installs on Windows). • Issue #23919: Prevents assert dialogs appearing in the test suite. • PCbuild\rt.bat now accepts an unlimited number of arguments to pass along to regrtest.py. Previously there was a limit of 9. Build • Issue #24915: Add LLVM support for PGO builds and use the test suite to generate the profile data. Initial patch by Alecsandru Patrascu of Intel. • Issue #24910: Windows MSIs now have unique display names. • Issue #24986: It is now possible to build Python on Windows without errors when external libraries are not available. Windows • Issue #25450: Updates shortcuts to start Python in installation directory. • Issue #25164: Changes default all-users install directory to match per-user directory. • Issue #25143: Improves installer error messages for unsupported platforms. • Issue #25163: Display correct directory in installer when using non-default settings. • Issue #25361: Disables use of SSE2 instructions in Windows 32-bit build • Issue #25089: Adds logging to installer for case where launcher is not selected on upgrade. • Issue #25165: Windows uninstallation should not remove launcher if other versions remain • Issue #25112: py.exe launcher is missing icons • Issue #25102: Windows installer does not precompile for -O or -OO. • Issue #25081: Makes Back button in installer go back to upgrade page when upgrading. • Issue #25091: Increases font size of the installer. • Issue #25126: Clarifies that the non-web installer will download some components. • Issue #25213: Restores requestedExecutionLevel to manifest to disable UAC virtualization. • Issue #25022: Removed very outdated PC/example_nt/ directory. Tools/Demos • Issue #25440: Fix output of python-config –extension-suffix.
Change History (2)
comment:1 by , 9 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
comment:2 by , 9 years ago
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
Note:
See TracTickets
for help on using tickets.
Fixed at r16714.