Opened 5 months ago

Closed 5 months ago

Last modified 5 months ago

#4916 closed enhancement (fixed)

Python3-3.9.7

Reported by: Bruce Dubbs Owned by: Bruce Dubbs
Priority: high Milestone: 11.1
Component: Book Version: git
Severity: normal Keywords:
Cc:

Description

New point version.

Change History (3)

comment:1 by Bruce Dubbs, 5 months ago

Owner: changed from lfs-book to Bruce Dubbs
Status: newassigned

comment:2 by Bruce Dubbs, 5 months ago

Resolution: fixed
Status: assignedclosed

Fixed at commit 06e7b3611839ab0051fb09e6ae1abc3dfad1ca4e

Package updates.
    
    Ensure tcl documentation install instructions are present.
    Update to Python3-3.9.7.
    Update to linux-5.14.3.
    Update to libcap-2.57.
    Update to iproute2-5.14.0.
    Update to inetutils-2.2.
    Update to gzip-1.11.
    Update to gdbm-1.21.
    Update to bison-3.8.1.
    Update to bc-5.0.2.

comment:3 by Douglas R. Reno, 5 months ago

Priority: normalhigh
Python 3.9.7 final

Release date: 2021-08-30
Security

    bpo-42278: Replaced usage of tempfile.mktemp() with TemporaryDirectory to avoid a potential race condition.

    bpo-41180: Add auditing events to the marshal module, and stop raising code.__init__ events for every unmarshalled code object. Directly instantiated code objects will continue to raise an event, and audit event handlers should inspect or collect the raw marshal data. This reduces a significant performance overhead when loading from .pyc files.

    bpo-44394: Update the vendored copy of libexpat to 2.4.1 (from 2.2.8) to get the fix for the CVE-2013-0340 “Billion Laughs” vulnerability. This copy is most used on Windows and macOS.

    bpo-43124: Made the internal putcmd function in smtplib sanitize input for presence of \r and \n characters to avoid (unlikely) command injection.

Core and Builtins

    bpo-45018: Fixed pickling of range iterators that iterated for over 2**32 times.

    bpo-44962: Fix a race in WeakKeyDictionary, WeakValueDictionary and WeakSet when two threads attempt to commit the last pending removal. This fixes asyncio.create_task and fixes a data loss in asyncio.run where shutdown_asyncgens is not run

    bpo-44954: Fixed a corner case bug where the result of float.fromhex('0x.8p-1074') was rounded the wrong way.

    bpo-44947: Refine the syntax error for trailing commas in import statements. Patch by Pablo Galindo.

    bpo-44698: Restore behaviour of complex exponentiation with integer-valued exponent of type float or complex.

    bpo-44885: Correct the ast locations of f-strings with format specs and repeated expressions. Patch by Pablo Galindo

    bpo-44872: Use new trashcan macros (Py_TRASHCAN_BEGIN/END) in frameobject.c instead of the old ones (Py_TRASHCAN_SAFE_BEGIN/END).

    bpo-33930: Fix segmentation fault with deep recursion when cleaning method objects. Patch by Augusto Goulart and Pablo Galindo.

    bpo-25782: Fix bug where PyErr_SetObject hangs when the current exception has a cycle in its context chain.

    bpo-44856: Fix reference leaks in the error paths of update_bases() and __build_class__. Patch by Pablo Galindo.

    bpo-44698: Fix undefined behaviour in complex object exponentiation.

    bpo-44562: Remove uses of PyObject_GC_Del() in error path when initializing types.GenericAlias.

    bpo-44523: Remove the pass-through for hash() of weakref.proxy objects to prevent unintended consequences when the original referred object dies while the proxy is part of a hashable object. Patch by Pablo Galindo.

    bpo-44472: Fix ltrace functionality when exceptions are raised. Patch by Pablo Galindo

    bpo-44184: Fix a crash at Python exit when a deallocator function removes the last strong reference to a heap type. Patch by Victor Stinner.

    bpo-39091: Fix crash when using passing a non-exception to a generator’s throw() method. Patch by Noah Oxer

Library

    bpo-41620: run() now always return a TestResult instance. Previously it returned None if the test class or method was decorated with a skipping decorator.

    bpo-43913: Fix bugs in cleaning up classes and modules in unittest:

        Functions registered with addModuleCleanup() were not called unless the user defines tearDownModule() in their test module.

        Functions registered with addClassCleanup() were not called if tearDownClass is set to None.

        Buffering in TestResult did not work with functions registered with addClassCleanup() and addModuleCleanup().

        Errors in functions registered with addClassCleanup() and addModuleCleanup() were not handled correctly in buffered and debug modes.

        Errors in setUpModule() and functions registered with addModuleCleanup() were reported in wrong order.

        And several lesser bugs.

    bpo-45001: Made email date parsing more robust against malformed input, namely a whitespace-only Date: header. Patch by Wouter Bolsterlee.

    bpo-44449: Fix a crash in the signal handler of the faulthandler module: no longer modify the reference count of frame objects. Patch by Victor Stinner.

    bpo-44955: Method stopTestRun() is now always called in pair with method startTestRun() for TestResult objects implicitly created in run(). Previously it was not called for test methods and classes decorated with a skipping decorator.

    bpo-38956: argparse.BooleanOptionalAction’s default value is no longer printed twice when used with argparse.ArgumentDefaultsHelpFormatter.

    bpo-44581: Upgrade bundled pip to 21.2.3 and setuptools to 57.4.0

    bpo-44849: Fix the os.set_inheritable() function on FreeBSD 14 for file descriptor opened with the O_PATH flag: ignore the EBADF error on ioctl(), fallback on the fcntl() implementation. Patch by Victor Stinner.

    bpo-44605: The @functools.total_ordering() decorator now works with metaclasses.

    bpo-44822: sqlite3 user-defined functions and aggregators returning strings with embedded NUL characters are no longer truncated. Patch by Erlend E. Aasland.

    bpo-44815: Always show loop= arg deprecations in asyncio.gather() and asyncio.sleep()

    bpo-44806: Non-protocol subclasses of typing.Protocol ignore now the __init__ method inherited from protocol base classes.

    bpo-44667: The tokenize.tokenize() doesn’t incorrectly generate a NEWLINE token if the source doesn’t end with a new line character but the last line is a comment, as the function is already generating a NL token. Patch by Pablo Galindo

    bpo-42853: Fix http.client.HTTPSConnection fails to download >2GiB data.

    bpo-44752: rcompleter does not call getattr() on property objects to avoid the side-effect of evaluating the corresponding method.

    bpo-44720: weakref.proxy objects referencing non-iterators now raise TypeError rather than dereferencing the null tp_iternext slot and crashing.

    bpo-44704: The implementation of collections.abc.Set._hash() now matches that of frozenset.__hash__().

    bpo-44666: Fixed issue in compileall.compile_file() when sys.stdout is redirected. Patch by Stefan Hölzl.

    bpo-40897: Give priority to using the current class constructor in inspect.signature(). Patch by Weipeng Hong.

    bpo-44608: Fix memory leak in _tkinter._flatten() if it is called with a sequence or set, but not list or tuple.

    bpo-41928: Update shutil.copyfile() to raise FileNotFoundError instead of confusing IsADirectoryError when a path ending with a os.path.sep does not exist; shutil.copy() and shutil.copy2() are also affected.

    bpo-44566: handle StopIteration subclass raised from @contextlib.contextmanager generator

    bpo-44558: Make the implementation consistency of indexOf() between C and Python versions. Patch by Dong-hee Na.

    bpo-41249: Fixes TypedDict to work with typing.get_type_hints() and postponed evaluation of annotations across modules.

    bpo-44461: Fix bug with pdb’s handling of import error due to a package which does not have a __main__ module

    bpo-42892: Fixed an exception thrown while parsing a malformed multipart email by email.message.EmailMessage.

    bpo-27827: pathlib.PureWindowsPath.is_reserved() now identifies a greater range of reserved filenames, including those with trailing spaces or colons.

    bpo-34266: Handle exceptions from parsing the arg of pdb’s run/restart command.

    bpo-27334: The sqlite3 context manager now performs a rollback (thus releasing the database lock) if commit failed. Patch by Luca Citi and Erlend E. Aasland.

    bpo-43853: Improved string handling for sqlite3 user-defined functions and aggregates:

        It is now possible to pass strings with embedded null characters to UDFs

        Conversion failures now correctly raise MemoryError

    Patch by Erlend E. Aasland.

    bpo-43048: Handle RecursionError in TracebackException’s constructor, so that long exceptions chains are truncated instead of causing traceback formatting to fail.

    bpo-41402: Fix email.message.EmailMessage.set_content() when called with binary data and 7bit content transfer encoding.

    bpo-32695: The compresslevel and preset keyword arguments of tarfile.open() are now both documented and tested.

    bpo-34990: Fixed a Y2k38 bug in the compileall module where it would fail to compile files with a modification time after the year 2038.

    bpo-38840: Fix test___all__ on platforms lacking a shared memory implementation.

    bpo-30256: Pass multiprocessing BaseProxy argument manager_owned through AutoProxy.

    bpo-27513: email.utils.getaddresses() now accepts email.header.Header objects along with string values. Patch by Zackery Spytz.

    bpo-33349: lib2to3 now recognizes async generators everywhere.

    bpo-29298: Fix TypeError when required subparsers without dest do not receive arguments. Patch by Anthony Sottile.

Documentation

    bpo-44903: Removed the othergui.rst file, any references to it, and the list of GUI frameworks in the FAQ. In their place I’ve added links to the Python Wiki page on GUI frameworks.

    bpo-44693: Update the definition of __future__ in the glossary by replacing the confusing word “pseudo-module” with a more accurate description.

    bpo-35183: Add typical examples to os.path.splitext docs

    bpo-30511: Clarify that shutil.make_archive() is not thread-safe due to reliance on changing the current working directory.

    bpo-44561: Update of three expired hyperlinks in Doc/distributing/index.rst: “Project structure”, “Building and packaging the project”, and “Uploading the project to the Python Packaging Index”.

    bpo-42958: Updated the docstring and docs of filecmp.cmp() to be more accurate and less confusing especially in respect to shallow arg.

    bpo-44558: Match the docstring and python implementation of countOf() to the behavior of its c implementation.

    bpo-44544: List all kwargs for textwrap.wrap(), textwrap.fill(), and textwrap.shorten(). Now, there are nav links to attributes of TextWrap, which makes navigation much easier while minimizing duplication in the documentation.

    bpo-38062: Clarify that atexit uses equality comparisons internally.

    bpo-43066: Added a warning to zipfile docs: filename arg with a leading slash may cause archive to be un-openable on Windows systems.

    bpo-27752: Documentation of csv.Dialect is more descriptive.

    bpo-44453: Fix documentation for the return type of sysconfig.get_path().

    bpo-39498: Add a “Security Considerations” index which links to standard library modules that have explicitly documented security considerations.

    bpo-33479: Remove the unqualified claim that tkinter is threadsafe. It has not been true for several years and likely never was. An explanation of what is true may be added later, after more discussion, and possibly after patching _tkinter.c,

Tests

    bpo-25130: Add calls of gc.collect() in tests to support PyPy.

    bpo-45011: Made tests relying on the _asyncio C extension module optional to allow running on alternative Python implementations. Patch by Serhiy Storchaka.

    bpo-44949: Fix auto history tests of test_readline: sometimes, the newline character is not written at the end, so don’t expect it in the output.

    bpo-44852: Add ability to wholesale silence DeprecationWarnings while running the regression test suite.

    bpo-40928: Notify users running test_decimal regression tests on macOS of potential harmless “malloc can’t allocate region” messages spewed by test_decimal.

    bpo-44734: Fixed floating point precision issue in turtle tests.

    bpo-44708: Regression tests, when run with -w, are now re-running only the affected test methods instead of re-running the entire test file.

    bpo-30256: Add test for nested queues when using multiprocessing shared objects AutoProxy[Queue] inside ListProxy and DictProxy

Build

    bpo-44535: Enable building using a Visual Studio 2022 install on Windows.

    bpo-43298: Improved error message when building without a Windows SDK installed.
Note: See TracTickets for help on using tickets.