Matej Cepl
101efeb9ac
- Tests - gh-112769: The tests now correctly compare zlib version when :const:`zlib.ZLIB_RUNTIME_VERSION` contains non-integer suffixes. For example zlib-ng defines the version as ``1.3.0.zlib-ng``. - gh-117187: Fix XML tests for vanilla Expat <2.6.0. - Security - gh-123678: Upgrade libexpat to 2.6.3 - gh-121957: Fixed missing audit events around interactive use of Python, now also properly firing for ``python -i``, as well as for ``python -m asyncio``. The event in question is ``cpython.run_stdin``. - gh-122133: Authenticate the socket connection for the ``socket.socketpair()`` fallback on platforms where ``AF_UNIX`` is not available like Windows. Patch by Gregory P. Smith <greg@krypto.org> and Seth Larson <seth@python.org>. Reported by Ellie <el@horse64.org> - gh-121285: Remove backtracking from tarfile header parsing for ``hdrcharset``, PAX, and GNU sparse headers (bsc#1230227, CVE-2024-6232). - gh-118486: :func:`os.mkdir` on Windows now accepts *mode* of ``0o700`` to restrict the new directory to the current user. This fixes CVE-2024-4030 affecting :func:`tempfile.mkdtemp` in scenarios where the base temporary directory is more permissive than the default. - gh-114572: :meth:`ssl.SSLContext.cert_store_stats` and :meth:`ssl.SSLContext.get_ca_certs` now correctly lock access to the certificate store, when the :class:`ssl.SSLContext` is shared across multiple threads (bsc#1226447, CVE-2024-0397). - gh-116741: Update bundled libexpat to 2.6.2 - Library - gh-123270: Applied a more surgical fix for malformed payloads in OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python38?expand=0&rev=171
17 lines
833 B
Plaintext
17 lines
833 B
Plaintext
-----BEGIN PGP SIGNATURE-----
|
|
|
|
iQIzBAABCAAdFiEE4/8oOcBIslwITevpsmmV4xAlBWgFAmbcKdUACgkQsmmV4xAl
|
|
BWhI0Q/+MWwQirWSn5ZApMU4EmKrZ0x8fuAeMHam6Dg1FaATYxJxgkf8ep5TN7Xp
|
|
VQpNVa40PqXbAf93x4KSavv/QS464Whv1PX5FsBkJBwzPPR3xY8CAfisPXchrOQV
|
|
12OKmhXnT7nebqaax56SLJsnen8EZB35X7d8RzDVqdNu+Xl7ICOY7d3LkPW14SGk
|
|
/pHgF2YgfClQSAh4MLRR0EYhUVlzKENJkGnMTdU9VicOnjJ5LtkGbHhVYPAEqALf
|
|
r6hrn2gyorPF8gtY+uN8d2/UKh9Xih/tRPhM3GGbX6Q9EBNpivvNK7829jEAkw1P
|
|
NZKtAOfiQGJU4I1PQkiYDMcbtc/fhDaj96nA+X3LxKih7dzLCXVGwDLsBYN6PJp4
|
|
ogR+nL7d5ZcikGrzHHaxZjncj2nPrbk5+aNoIZWHq29RiuZ0c74GRl9ILYYijk/E
|
|
vXsiBtuzwbA2UCF+gRVrZA3a9G4dMkLvftmbDemnUw5xGTWNEEInKD5Sv3fDhvMx
|
|
vdRI72RglYy1VNrgcG5mcH7bviXFy+voExUUjvsHOGkqHvyK+tVV0T+EMfEtRp6k
|
|
rCVdswN0LFIkmerVfr6XXHFty1mlKRvX+hyeiRXIhdFZieDQHdVH+3rvaft31LcQ
|
|
S2Mv+EGDeUP9llrF80Slbw7XPFfclkOBtzOOKwcTN+2NlpvczOw=
|
|
=9/j+
|
|
-----END PGP SIGNATURE-----
|