Python 3.9.3

2026-05-12 23:49:15 -04:00 · 2021-04-02 11:51:53 +02:00
parent a217e0ab98
commit e723086bc3
37 changed files with 355 additions and 89 deletions
@@ -18,12 +18,12 @@
 /*--start constants--*/
 #define PY_MAJOR_VERSION        3
 #define PY_MINOR_VERSION        9
-#define PY_MICRO_VERSION        2
+#define PY_MICRO_VERSION        3
 #define PY_RELEASE_LEVEL        PY_RELEASE_LEVEL_FINAL
 #define PY_RELEASE_SERIAL       0

 /* Version as a string */
-#define PY_VERSION              "3.9.2+"
+#define PY_VERSION              "3.9.3"
 /*--end constants--*/

 /* Version as a single 4-byte hex number, e.g. 0x010502B2 == 1.5.2b2.
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-# Autogenerated by Sphinx on Fri Feb 19 13:29:38 2021
+# Autogenerated by Sphinx on Fri Apr  2 11:48:03 2021
 topics = {'assert': 'The "assert" statement\n'
           '**********************\n'
           '\n'
@@ -5019,9 +5019,11 @@ topics = {'assert': 'The "assert" statement\n'
                  '"Formatter",\n'
                  'subclasses can define their own format string syntax).  The '
                  'syntax is\n'
-                  'related to that of formatted string literals, but there '
-                  'are\n'
-                  'differences.\n'
+                  'related to that of formatted string literals, but it is '
+                  'less\n'
+                  'sophisticated and, in particular, does not support '
+                  'arbitrary\n'
+                  'expressions.\n'
                  '\n'
                  'Format strings contain “replacement fields” surrounded by '
                  'curly braces\n'
@@ -0,0 +1,346 @@
+.. bpo: 42988
+.. date: 2021-03-24-14-16-56
+.. nonce: P2aNco
+.. release date: 2021-04-02
+.. section: Security
+
+CVE-2021-3426: Remove the ``getfile`` feature of the :mod:`pydoc` module
+which could be abused to read arbitrary files on the disk (directory
+traversal vulnerability). Moreover, even source code of Python modules can
+contain sensitive data like passwords. Vulnerability reported by David
+Schwörer.
+
+..
+
+.. bpo: 43285
+.. date: 2021-03-13-03-48-14
+.. nonce: g-Hah3
+.. section: Security
+
+:mod:`ftplib` no longer trusts the IP address value returned from the server
+in response to the PASV command by default.  This prevents a malicious FTP
+server from using the response to probe IPv4 address and port combinations
+on the client network.
+
+Code that requires the former vulnerable behavior may set a
+``trust_server_pasv_ipv4_address`` attribute on their :class:`ftplib.FTP`
+instances to ``True`` to re-enable it.
+
+..
+
+.. bpo: 43439
+.. date: 2021-03-08-23-06-07
+.. nonce: 5U3lXm
+.. section: Security
+
+Add audit hooks for :func:`gc.get_objects`, :func:`gc.get_referrers` and
+:func:`gc.get_referents`. Patch by Pablo Galindo.
+
+..
+
+.. bpo: 43660
+.. date: 2021-03-29-19-50-34
+.. nonce: scTgag
+.. section: Core and Builtins
+
+Fix crash that happens when replacing ``sys.stderr`` with a callable that
+can remove the object while an exception is being printed. Patch by Pablo
+Galindo.
+
+..
+
+.. bpo: 43555
+.. date: 2021-03-19-22-49-40
+.. nonce: ZmhYSA
+.. section: Core and Builtins
+
+Report the column offset for :exc:`SyntaxError` for invalid line
+continuation characters. Patch by Pablo Galindo.
+
+..
+
+.. bpo: 43517
+.. date: 2021-03-16-17-12-54
+.. nonce: zAo6Ws
+.. section: Core and Builtins
+
+Fix misdetection of circular imports when using ``from pkg.mod import
+attr``, which caused false positives in non-trivial multi-threaded code.
+
+..
+
+.. bpo: 35883
+.. date: 2021-03-13-13-57-21
+.. nonce: UyGpdG
+.. section: Core and Builtins
+
+Python no longer fails at startup with a fatal error if a command line
+argument contains an invalid Unicode character. The
+:c:func:`Py_DecodeLocale` function now escapes byte sequences which would be
+decoded as Unicode characters outside the [U+0000; U+10ffff] range.
+
+..
+
+.. bpo: 43406
+.. date: 2021-03-04-22-53-10
+.. nonce: Na_VpA
+.. section: Core and Builtins
+
+Fix a possible race condition where ``PyErr_CheckSignals`` tries to execute
+a non-Python signal handler.
+
+..
+
+.. bpo: 42500
+.. date: 2020-11-30-14-27-29
+.. nonce: excVKU
+.. section: Core and Builtins
+
+Improve handling of exceptions near recursion limit. Converts a number of
+Fatal Errors in RecursionErrors.
+
+..
+
+.. bpo: 43433
+.. date: 2021-03-28-23-50-20
+.. nonce: so9j5G
+.. section: Library
+
+:class:`xmlrpc.client.ServerProxy` no longer ignores query and fragment in
+the URL of the server.
+
+..
+
+.. bpo: 35930
+.. date: 2021-03-23-17-18-56
+.. nonce: RZ51pM
+.. section: Library
+
+Raising an exception raised in a "future" instance will create reference
+cycles.
+
+..
+
+.. bpo: 43577
+.. date: 2021-03-21-10-13-17
+.. nonce: m7JnAV
+.. section: Library
+
+Fix deadlock when using :class:`ssl.SSLContext` debug callback with
+:meth:`ssl.SSLContext.sni_callback`.
+
+..
+
+.. bpo: 43521
+.. date: 2021-03-16-16-05-02
+.. nonce: mRT6fh
+.. section: Library
+
+``ast.unparse`` can now render NaNs and empty sets.
+
+..
+
+.. bpo: 43423
+.. date: 2021-03-11-15-44-18
+.. nonce: rRomRD
+.. section: Library
+
+:func:`subprocess.communicate` no longer raises an IndexError when there is
+an empty stdout or stderr IO buffer during a timeout on Windows.
+
+..
+
+.. bpo: 27820
+.. date: 2021-03-10-14-07-44
+.. nonce: Wwdy-r
+.. section: Library
+
+Fixed long-standing bug of smtplib.SMTP where doing AUTH LOGIN with
+initial_response_ok=False will fail.
+
+The cause is that SMTP.auth_login _always_ returns a password if provided
+with a challenge string, thus non-compliant with the standard for AUTH
+LOGIN.
+
+Also fixes bug with the test for smtpd.
+
+..
+
+.. bpo: 43332
+.. date: 2021-03-07-11-23-20
+.. nonce: weatsh
+.. section: Library
+
+Improves the networking efficiency of :mod:`http.client` when using a proxy
+via :meth:`~HTTPConnection.set_tunnel`.  Fewer small send calls are made
+during connection setup.
+
+..
+
+.. bpo: 43399
+.. date: 2021-03-04-17-53-46
+.. nonce: Wn95u-
+.. section: Library
+
+Fix ``ElementTree.extend`` not working on iterators when using the Python
+implementation
+
+..
+
+.. bpo: 43316
+.. date: 2021-02-25-09-44-36
+.. nonce: k9Gyqn
+.. section: Library
+
+The ``python -m gzip`` command line application now properly fails when
+detecting an unsupported extension. It exits with a non-zero exit code and
+prints an error message to stderr.
+
+..
+
+.. bpo: 43260
+.. date: 2021-02-20-12-15-29
+.. nonce: 6znAas
+.. section: Library
+
+Fix TextIOWrapper can not flush internal buffer forever after very large
+text is written.
+
+..
+
+.. bpo: 42782
+.. date: 2020-12-29-13-46-57
+.. nonce: 3r0HFY
+.. section: Library
+
+Fail fast in :func:`shutil.move()` to avoid creating destination directories
+on failure.
+
+..
+
+.. bpo: 37193
+.. date: 2020-06-12-21-23-20
+.. nonce: wJximU
+.. section: Library
+
+Fixed memory leak in ``socketserver.ThreadingMixIn`` introduced in Python
+3.7.
+
+..
+
+.. bpo: 43199
+.. date: 2021-03-13-18-43-54
+.. nonce: ZWA6KX
+.. section: Documentation
+
+Answer "Why is there no goto?" in the Design and History FAQ.
+
+..
+
+.. bpo: 43407
+.. date: 2021-03-04-22-53-03
+.. nonce: x570l5
+.. section: Documentation
+
+Clarified that a result from :func:`time.monotonic`,
+:func:`time.perf_counter`, :func:`time.process_time`, or
+:func:`time.thread_time` can be compared with the result from any following
+call to the same function - not just the next immediate call.
+
+..
+
+.. bpo: 27646
+.. date: 2021-02-20-00-09-13
+.. nonce: HRsmo-
+.. section: Documentation
+
+Clarify that 'yield from <expr>' works with any iterable, not just
+iterators.
+
+..
+
+.. bpo: 36346
+.. date: 2020-06-15-10-45-45
+.. nonce: H0sS_i
+.. section: Documentation
+
+Update some deprecated unicode APIs which are documented as "will be removed
+in 4.0" to "3.12". See :pep:`623` for detail.
+
+..
+
+.. bpo: 37945
+.. date: 2021-03-31-11-38-42
+.. nonce: HTUYhv
+.. section: Tests
+
+Fix test_getsetlocale_issue1813() of test_locale: skip the test if
+``setlocale()`` fails. Patch by Victor Stinner.
+
+..
+
+.. bpo: 41561
+.. date: 2021-03-18-10-34-42
+.. nonce: pDg4w-
+.. section: Tests
+
+Add workaround for Ubuntu's custom OpenSSL security level policy.
+
+..
+
+.. bpo: 43288
+.. date: 2021-02-21-11-11-53
+.. nonce: LfTvL-
+.. section: Tests
+
+Fix test_importlib to correctly skip Unicode file tests if the fileystem
+does not support them.
+
+..
+
+.. bpo: 43631
+.. date: 2021-03-26-09-16-34
+.. nonce: msJyPi
+.. section: Build
+
+Update macOS, Windows, and CI to OpenSSL 1.1.1k.
+
+..
+
+.. bpo: 43617
+.. date: 2021-03-24-16-55-55
+.. nonce: d69KAv
+.. section: Build
+
+Improve configure.ac: Check for presence of autoconf-archive package and
+remove our copies of M4 macros.
+
+..
+
+.. bpo: 41837
+.. date: 2021-02-28-22-49-46
+.. nonce: 9fqyXC
+.. section: macOS
+
+Update macOS installer build to use OpenSSL 1.1.1j.
+
+..
+
+.. bpo: 42225
+.. date: 2021-03-29-16-22-27
+.. nonce: iIeiLg
+.. section: IDLE
+
+Document that IDLE can fail on Unix either from misconfigured IP masquerage
+rules or failure displaying complex colored (non-ascii) characters.
+
+..
+
+.. bpo: 43283
+.. date: 2021-02-21-16-30-10
+.. nonce: DLBwYn
+.. section: IDLE
+
+Document why printing to IDLE's Shell is often slower than printing to a
+system terminal and that it can be made faster by pre-formatting a single
+string before printing.
@@ -1,2 +0,0 @@
-Improve configure.ac: Check for presence of autoconf-archive package and
-remove our copies of M4 macros.
@@ -1 +0,0 @@
-Update macOS, Windows, and CI to OpenSSL 1.1.1k.
@@ -1,2 +0,0 @@
-Improve handling of exceptions near recursion limit. Converts a number of
-Fatal Errors in RecursionErrors.
@@ -1,2 +0,0 @@
-Fix a possible race condition where ``PyErr_CheckSignals`` tries to execute a
-non-Python signal handler.
@@ -1,4 +0,0 @@
-Python no longer fails at startup with a fatal error if a command line
-argument contains an invalid Unicode character. The
-:c:func:`Py_DecodeLocale` function now escapes byte sequences which would be
-decoded as Unicode characters outside the [U+0000; U+10ffff] range.
@@ -1,2 +0,0 @@
-Fix misdetection of circular imports when using ``from pkg.mod import
-attr``, which caused false positives in non-trivial multi-threaded code.
@@ -1,2 +0,0 @@
-Report the column offset for :exc:`SyntaxError` for invalid line
-continuation characters. Patch by Pablo Galindo.
@@ -1,3 +0,0 @@
-Fix crash that happens when replacing ``sys.stderr`` with a callable that
-can remove the object while an exception is being printed. Patch by Pablo
-Galindo.
@@ -1,2 +0,0 @@
-Update some deprecated unicode APIs which are documented as "will be removed
-in 4.0" to "3.12". See :pep:`623` for detail.
@@ -1,2 +0,0 @@
-Clarify that 'yield from <expr>' works with any iterable, not just
-iterators.
@@ -1,4 +0,0 @@
-Clarified that a result from :func:`time.monotonic`,
-:func:`time.perf_counter`, :func:`time.process_time`, or
-:func:`time.thread_time` can be compared with the result from any following
-call to the same function - not just the next immediate call.
@@ -1 +0,0 @@
-Answer "Why is there no goto?" in the Design and History FAQ.
@@ -1,3 +0,0 @@
-Document why printing to IDLE's Shell is often slower than printing to a
-system terminal and that it can be made faster by pre-formatting a single
-string before printing.
@@ -1,2 +0,0 @@
-Document that IDLE can fail on Unix either from misconfigured IP masquerage
-rules or failure displaying complex colored (non-ascii) characters.
@@ -1,2 +0,0 @@
-Fixed memory leak in ``socketserver.ThreadingMixIn`` introduced in Python
-3.7.
@@ -1,2 +0,0 @@
-Fail fast in :func:`shutil.move()` to avoid creating destination directories on
-failure.
@@ -1,2 +0,0 @@
-Fix TextIOWrapper can not flush internal buffer forever after very large
-text is written.
@@ -1,3 +0,0 @@
-The ``python -m gzip`` command line application now properly fails when
-detecting an unsupported extension. It exits with a non-zero exit code and
-prints an error message to stderr.
@@ -1,2 +0,0 @@
-Fix ``ElementTree.extend`` not working on iterators when using the
-Python implementation
@@ -1,3 +0,0 @@
-Improves the networking efficiency of :mod:`http.client` when using a proxy
-via :meth:`~HTTPConnection.set_tunnel`.  Fewer small send calls are made
-during connection setup.
@@ -1,8 +0,0 @@
-Fixed long-standing bug of smtplib.SMTP where doing AUTH LOGIN with
-initial_response_ok=False will fail.
-
-The cause is that SMTP.auth_login _always_ returns a password if provided
-with a challenge string, thus non-compliant with the standard for AUTH
-LOGIN.
-
-Also fixes bug with the test for smtpd.
@@ -1,2 +0,0 @@
-:func:`subprocess.communicate` no longer raises an IndexError when there is an
-empty stdout or stderr IO buffer during a timeout on Windows.
@@ -1 +0,0 @@
-``ast.unparse`` can now render NaNs and empty sets.
@@ -1 +0,0 @@
-Fix deadlock when using :class:`ssl.SSLContext` debug callback with :meth:`ssl.SSLContext.sni_callback`.
@@ -1,2 +0,0 @@
-Raising an exception raised in a "future" instance will create reference
-cycles.
@@ -1,2 +0,0 @@
-:class:`xmlrpc.client.ServerProxy` no longer ignores query and fragment in
-the URL of the server.
@@ -1,2 +0,0 @@
-Add audit hooks for :func:`gc.get_objects`, :func:`gc.get_referrers` and
-:func:`gc.get_referents`. Patch by Pablo Galindo.
@@ -1,8 +0,0 @@
-:mod:`ftplib` no longer trusts the IP address value returned from the server
-in response to the PASV command by default.  This prevents a malicious FTP
-server from using the response to probe IPv4 address and port combinations
-on the client network.
-
-Code that requires the former vulnerable behavior may set a
-``trust_server_pasv_ipv4_address`` attribute on their
-:class:`ftplib.FTP` instances to ``True`` to re-enable it.
@@ -1,4 +0,0 @@
-CVE-2021-3426: Remove the ``getfile`` feature of the :mod:`pydoc` module which
-could be abused to read arbitrary files on the disk (directory traversal
-vulnerability). Moreover, even source code of Python modules can contain
-sensitive data like passwords. Vulnerability reported by David Schwörer.
@@ -1,2 +0,0 @@
-Fix test_importlib to correctly skip Unicode file tests if the fileystem
-does not support them.
@@ -1 +0,0 @@
-Add workaround for Ubuntu's custom OpenSSL security level policy.
@@ -1,2 +0,0 @@
-Fix test_getsetlocale_issue1813() of test_locale: skip the test if
-``setlocale()`` fails. Patch by Victor Stinner.
@@ -1 +0,0 @@
-Update macOS installer build to use OpenSSL 1.1.1j.
@@ -1,4 +1,4 @@
-This is Python version 3.9.2
+This is Python version 3.9.3
 ============================

 .. image:: https://travis-ci.org/python/cpython.svg?branch=3.9
				`@@ -1 +0,0 @@`
				`Update macOS, Windows, and CI to OpenSSL 1.1.1k.`
				`@@ -1 +0,0 @@`
				`Answer "Why is there no goto?" in the Design and History FAQ.`
				`@@ -1 +0,0 @@`
				``ast.unparse`` can now render NaNs and empty sets.
				`@@ -1 +0,0 @@`
				Fix deadlock when using :class:`ssl.SSLContext` debug callback with :meth:`ssl.SSLContext.sni_callback`.
				`@@ -1 +0,0 @@`
				`Add workaround for Ubuntu's custom OpenSSL security level policy.`
				`@@ -1 +0,0 @@`
				`Update macOS installer build to use OpenSSL 1.1.1j.`