PublicArchive/cpython
2
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2026-05-17 18:08:50 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
41964de01b93feebc25035d4e6b5e802d157ae98
cpython/Lib
T
History
Miss Islington (bot) e2e8847bf5 gh-87389: Fix an open redirection vulnerability in http.server. (GH-93879) 
Fix an open redirection vulnerability in the `http.server` module when
an URI path starts with `//` that could produce a 301 Location header
with a misleading target.  Vulnerability discovered, and logic fix
proposed, by Hamza Avvan (@hamzaavvan).

Test and comments authored by Gregory P. Smith [Google].
(cherry picked from commit 4abab6b603)

Co-authored-by: Gregory P. Smith <greg@krypto.org>
2022-06-21 14:29:03 -07:00
..
__phello__
asyncio
gh-93297: Make asyncio task groups prevent child tasks from being GCed (GH-93299) (#93305)
2022-05-27 15:46:57 -07:00
collections
bpo-26579: Add object.__getstate__(). (GH-2821)
2022-04-06 20:00:14 +03:00
concurrent
gh-90622: Do not spawn ProcessPool workers on demand via fork method. (GH-91598) (#92495)
2022-05-08 10:14:14 -07:00
ctypes
gh-91265: Make old ctypes.macholib tests runned by python -m test (gh-32094)
2022-04-18 09:27:09 +02:00
curses
dbm
distutils
gh-90473: Skip get_config_h() tests on WASI (GH-93645)
2022-06-09 09:32:52 -07:00
email
gh-93010: InvalidHeaderError used but nonexistent (GH-93015)
2022-05-23 09:57:12 -07:00
encodings
bpo-46659: Fix the MBCS codec alias on Windows (GH-31218)
2022-02-22 22:04:07 +01:00
ensurepip
Revert "bpo-46986: Upgrade bundled setuptools to 60.9.3 (GH-31820)" (GH-31879)
2022-03-14 16:30:46 -04:00
html
Add source for character mappings (#92014)
2022-05-06 12:28:09 +02:00
http
gh-87389: Fix an open redirection vulnerability in http.server. (GH-93879)
2022-06-21 14:29:03 -07:00
idlelib
Fix typo in Lib/idlelib/idle_test/test_parenmatch.py (GH-93332) (#93339)
2022-05-29 23:02:23 -04:00
importlib
gh-93353: Fix importlib.resources._tempfile() finalizer (GH-93377)
2022-06-13 10:49:48 -07:00
json
bpo-46565: del loop vars that are leaking into module namespaces (GH-30993)
2022-02-03 11:20:08 +02:00
lib2to3
gh-90473: Misc test fixes for WASI (GH-93218)
2022-05-25 07:24:32 -07:00
logging
Delete outdated comment in logging module (#31117)
2022-05-02 16:29:03 -06:00
msilib
gh-91217: deprecate msilib (GH-91515)
2022-04-14 12:50:11 -07:00
multiprocessing
GH-83658: make multiprocessing.Pool raise an exception if maxtasksperchild is not None or a positive int (GH-93364) (GH-93923)
2022-06-17 23:31:42 +01:00
pydoc_data
Python 3.11.0b3
2022-06-01 14:07:53 +01:00
re
gh-91404: Revert "bpo-23689: re module, fix memory leak when a match is terminated by a signal or allocation failure (GH-32283) (GH-93882)
2022-06-17 01:43:56 -07:00
site-packages
sqlite3
gh-79009: sqlite3.iterdump now correctly handles tables with autoincrement (GH-9621)
2022-06-19 16:25:13 -07:00
test
gh-87389: Fix an open redirection vulnerability in http.server. (GH-93879)
2022-06-21 14:29:03 -07:00
tkinter
bpo-13553: Document tkinter.Tk args (GH-4786)
2022-05-09 21:17:57 -07:00
tomllib
bpo-40059: Add tomllib (PEP-680) (GH-31498)
2022-03-08 09:26:13 +01:00
turtledemo
unittest
bpo-45046: Support context managers in unittest (GH-28045)
2022-05-08 08:12:19 -07:00
urllib
bpo-42627: Fix incorrect parsing of Windows registry proxy settings (GH-26307)
2022-05-11 11:41:53 -07:00
venv
gh-92675: venv: Fix ensure_directories() to again accept a Path for env_dir (GH-92676)
2022-05-19 08:17:28 -07:00
wsgiref
gh-86178: wsgiref.types: Add missing TypeAlias annotations (GH-91608)
2022-04-16 13:37:02 -07:00
xml
[3.11] gh-91810: ElementTree: Use text file's encoding by default in XML declaration (GH-91903) (GH-92663)
2022-05-11 10:36:52 -07:00
xmlrpc
bpo-47126: Update to canonical PEP URLs specified by PEP 676 (GH-32124)
2022-03-30 12:00:27 +01:00
zoneinfo
bpo-46124: Update zoneinfo to rely on importlib.resources traversable API. (GH-30190)
2022-01-21 13:18:31 -08:00
__future__.py
__hello__.py
bpo-47084: Clear Unicode cached representations on finalization (GH-32032)
2022-03-22 13:53:51 +01:00
_aix_support.py
_bootsubprocess.py
_collections_abc.py
Minor code nit: Move an unrelated statement out of a try clause in Sequence.index (GH-32330)
2022-04-06 13:03:36 -05:00
_compat_pickle.py
bpo-46565: del loop vars that are leaking into module namespaces (GH-30993)
2022-02-03 11:20:08 +02:00
_compression.py
_markupbase.py
_osx_support.py
_py_abc.py
_pydecimal.py
gh-91291: Accept attributes as keyword arguments in decimal.localcontext (#32242)
2022-04-21 21:27:15 -07:00
_pyio.py
gh-93099: Fix _pyio to use locale module properly (gh-93136)
2022-05-23 18:03:37 -07:00
_sitebuiltins.py
_strptime.py
_threading_local.py
_weakrefset.py
bpo-26579: Add object.__getstate__(). (GH-2821)
2022-04-06 20:00:14 +03:00
abc.py
bpo-43827: Make arguments to abc.ABCMeta.__new__ pos-only (#25385)
2022-05-05 06:40:01 -07:00
aifc.py
gh-47061: Deprecate chunk (GH-91419)
2022-04-11 15:02:41 -07:00
antigravity.py
argparse.py
Allow translating argument error messages (#17169)
2022-05-05 00:32:49 -05:00
ast.py
gh-92671: Don't omit parentheses when unparsing empty tuples (GH-92673)
2022-05-16 06:01:34 -07:00
asynchat.py
bpo-47061: use warnings._deprecated() with asynchat, asyncore, and smtpd (GH-32350)
2022-04-06 11:22:39 -07:00
asyncore.py
bpo-47061: use warnings._deprecated() with asynchat, asyncore, and smtpd (GH-32350)
2022-04-06 11:22:39 -07:00
base64.py
bdb.py
bisect.py
bz2.py
bpo-45475: Revert __iter__ optimization for GzipFile, BZ2File, and LZMAFile. (GH-29016)
2021-10-19 11:51:48 +09:00
calendar.py
bpo-46659: Enhance LocaleTextCalendar for C locale (GH-31214)
2022-02-24 14:29:08 +01:00
cgi.py
bpo-47061: deprecate cgi and cgitb (GH-32410)
2022-04-08 17:15:35 -07:00
cgitb.py
bpo-47061: deprecate cgi and cgitb (GH-32410)
2022-04-08 17:15:35 -07:00
chunk.py
gh-47061: Deprecate chunk (GH-91419)
2022-04-11 15:02:41 -07:00
cmd.py
gh-67248: cmd: Sort miscellaneous help topics (#92254)
2022-05-03 21:36:52 -06:00
code.py
codecs.py
codeop.py
Remove trailing spaces (GH-31695)
2022-03-05 17:47:00 +02:00
colorsys.py
compileall.py
Fixed documentation typo in compileall.py (GH-29912)
2021-12-05 00:38:17 +09:00
configparser.py
bpo-46607: Add DeprecationWarning for LegacyInterpolation, deprecated in docs since 3.2 (GH-30927)
2022-04-05 08:15:11 -07:00
contextlib.py
gh-92118: fix traceback of exceptions propagated from inside a contextlib.contextmanager (GH-92202)
2022-05-04 19:40:47 +01:00
contextvars.py
copy.py
gh-90494: Reject 6th element of the __reduce__() tuple (GH-93609) (GH-93631)
2022-06-10 16:00:19 +02:00
copyreg.py
bpo-26579: Add object.__getstate__(). (GH-2821)
2022-04-06 20:00:14 +03:00
cProfile.py
bpo-34861: Make cumtime the default sorting key for cProfile (GH-31929)
2022-03-30 12:10:10 +01:00
crypt.py
gh-91217: deprecate crypt (GH-91459)
2022-04-11 17:02:19 -07:00
csv.py
dataclasses.py
gh-89828: Do not relay the __class__ attribute in GenericAlias (GH-93754)
2022-06-18 07:41:25 -07:00
datetime.py
Check result of utc_to_seconds and skip fold probe in pure Python (GH-91582)
2022-05-14 07:59:52 -07:00
decimal.py
difflib.py
Correct method name typo (#91970)
2022-04-27 15:28:56 -06:00
dis.py
GH-91389: Fix dis position information for CACHEs (GH-93663) (GH-93921)
2022-06-17 10:26:20 -07:00
doctest.py
bpo-28249: fix lineno location for empty DocTest instances (GH-30498) (GH-92978)
2022-05-19 20:03:06 +02:00
enum.py
gh-93847: Fix repr of enum of generic aliases (GH-93885)
2022-06-16 22:00:22 -07:00
filecmp.py
fileinput.py
fnmatch.py
gh-89973: Fix re.error in the fnmatch module. (GH-93072)
2022-06-05 02:39:11 -07:00
fractions.py
bpo-44547: Make Fractions objects instances of typing.SupportsInt (GH-27851)
2021-10-22 00:09:47 +02:00
ftplib.py
functools.py
gh-89828: Do not relay the __class__ attribute in GenericAlias (GH-93754)
2022-06-18 07:41:25 -07:00
genericpath.py
getopt.py
getpass.py
gettext.py
glob.py
bpo-37578: glob.glob -- added include_hidden parameter (GH-30153)
2021-12-18 06:23:34 -08:00
graphlib.py
bpo-45359: Support TopologicalSorter type subscript (GH-28714)
2021-12-08 20:52:57 +02:00
gzip.py
gh-90839: Forward gzip.compress() compresslevel to zlib (gh-31215)
2022-04-12 22:46:40 +09:00
hashlib.py
bpo-45150: Add hashlib.file_digest() for efficient file hashing (GH-31930)
2022-03-22 02:37:00 -07:00
heapq.py
Update: usage doc for heappushpop (GH-91451)
2022-04-17 23:12:33 -05:00
hmac.py
imaplib.py
imghdr.py
gh-91217: deprecate imghdr (#91461)
2022-04-13 10:47:41 -07:00
imp.py
inspect.py
gh-92062: inspect.Parameter checks whether name is a keyword (GH-92065)
2022-05-03 13:52:30 -07:00
io.py
bpo-46522: fix concurrent.futures and io AttributeError messages (GH-30887)
2022-02-23 02:25:00 +02:00
ipaddress.py
bpo-46415: Use f-string for ValueError in ipaddress.ip_{address,network,interface} helper functions (#30642)
2022-05-03 06:12:58 -06:00
keyword.py
linecache.py
locale.py
gh-90817: Deprecate explicitly locale.resetlocale() (GH-93196)
2022-05-25 13:29:58 -07:00
lzma.py
bpo-45475: Revert __iter__ optimization for GzipFile, BZ2File, and LZMAFile. (GH-29016)
2021-10-19 11:51:48 +09:00
mailbox.py
mailcap.py
[3.11] gh-68966: Make mailcap refuse to match unsafe filenames/types/params (GH-91993) (GH-93458)
2022-06-03 08:25:58 -07:00
mimetypes.py
bpo-45639: Add webp and avif image formats to mimetypes (#29259)
2022-05-03 15:17:57 -06:00
modulefinder.py
netrc.py
bpo-28806: Continue work: improve the netrc library (GH-26330)
2021-11-17 11:07:54 +02:00
nntplib.py
gh-91217: deprecate nntplib (GH-91543)
2022-04-15 12:32:56 -07:00
ntpath.py
bpo-42658: Use LCMapStringEx in ntpath.normcase to match OS behaviour for case-folding (GH-93591)
2022-06-10 11:14:25 +01:00
nturl2path.py
numbers.py
opcode.py
gh-90997: Show cached inline values in dis output (#92360)
2022-05-06 15:18:09 +01:00
operator.py
bpo-44019: Add operator.call() to __all__ for the operator module (GH-29110)
2021-10-21 19:05:36 +09:00
optparse.py
os.py
gh-87901: Remove the encoding argument from os.popen (GH-92836)
2022-05-18 20:12:47 -07:00
pathlib.py
gh-93156 - fix negative indexing into absolute pathlib.PurePath().parents (GH-93273)
2022-06-03 14:57:54 -07:00
pdb.py
bpo-46434: Handle missing docstrings in pdb help (GH-30705)
2022-01-21 17:00:48 +00:00
pickle.py
gh-90494: Reject 6th element of the __reduce__() tuple (GH-93609) (GH-93631)
2022-06-10 16:00:19 +02:00
pickletools.py
pipes.py
gh-91217: deprecate-pipes (GH-91779)
2022-04-21 19:28:34 -07:00
pkgutil.py
platform.py
gh-90473: Decrease recursion limit and skip tests on WASI (GH-92803)
2022-05-19 08:05:52 -07:00
plistlib.py
bpo-40066: [Enum] skip failing doc test (GH-30637)
2022-01-17 07:18:13 -08:00
poplib.py
posixpath.py
bpo-46933: Make pwd module optional (GH-31700)
2022-03-07 13:36:47 +01:00
pprint.py
bpo-45557: Fix underscore_numbers in pprint.pprint(). (GH-29129)
2021-10-21 16:42:55 -04:00
profile.py
pstats.py
pty.py
py_compile.py
pyclbr.py
pydoc.py
gh-89828: Do not relay the __class__ attribute in GenericAlias (GH-93754)
2022-06-18 07:41:25 -07:00
queue.py
gh-90879: Fix missing parameter for put_nowait() (GH-91514)
2022-04-14 17:23:57 +09:00
quopri.py
random.py
bpo-46737: Add default arguments to random.gauss and normalvariate (GH-31360)
2022-02-15 17:12:15 -06:00
reprlib.py
rlcompleter.py
gh-92345: Import rlcompleter before sys.path is extended (#92346)
2022-05-05 21:24:16 +02:00
runpy.py
bpo-26792: Improve docstrings of runpy module run_functions (#30729)
2022-04-29 12:22:46 -06:00
sched.py
secrets.py
bpo-47126: Update to canonical PEP URLs specified by PEP 676 (GH-32124)
2022-03-30 12:00:27 +01:00
selectors.py
bpo-46583: remove unused sys.version_info check from selectors (GH-31023)
2022-02-02 10:15:02 +02:00
shelve.py
shlex.py
shutil.py
gh-88513: clarify shutil.copytree's dirs_exist_ok arg (GH-91434)
2022-04-11 17:57:52 -07:00
signal.py
bpo-27718: Fix help for the signal module (GH-30063)
2021-12-13 11:21:55 +02:00
site.py
gh-90473: disable user site packages on WASI/Emscripten (GH-93633)
2022-06-09 09:12:51 -07:00
smtpd.py
bpo-47061: use warnings._deprecated() with asynchat, asyncore, and smtpd (GH-32350)
2022-04-06 11:22:39 -07:00
smtplib.py
sndhdr.py
gh-91217: deprecate-sndhdr (#91806)
2022-04-22 15:48:03 -07:00
socket.py
Grammar fix to socket error string (GH-93523) (GH-93560)
2022-06-07 10:10:24 +02:00
socketserver.py
bpo-40280: Disable AF_UNIX, AF_PACKET, SO_REUSE* on Emscripten (#31829)
2022-03-11 23:25:14 +01:00
sre_compile.py
bpo-47152: Convert the re module into a package (GH-32177)
2022-04-02 11:35:13 +03:00
sre_constants.py
bpo-47152: Convert the re module into a package (GH-32177)
2022-04-02 11:35:13 +03:00
sre_parse.py
bpo-47152: Convert the re module into a package (GH-32177)
2022-04-02 11:35:13 +03:00
ssl.py
bpo-46604: fix function name in ssl module docstring (#31064)
2022-05-03 09:56:24 -06:00
stat.py
statistics.py
Fix inconsistent return type for statistics median_grouped() gh-92531 (GH-92533) (#92656)
2022-05-10 23:45:17 -05:00
string.py
bpo-46307: Add string.Template.get_identifiers() method (GH-30493)
2022-01-11 11:15:42 -08:00
stringprep.py
struct.py
subprocess.py
gh-90473: Fail subprocess early on Emscripten/WASI (GH-92802)
2022-05-14 11:47:17 -07:00
sunau.py
gh-91217: deprecate sunau (GH-91866)
2022-04-25 16:26:43 -07:00
symtable.py
Change list to view object (GH-93661)
2022-06-11 04:20:52 -07:00
sysconfig.py
gh-90473: disable user site packages on WASI/Emscripten (GH-93633)
2022-06-09 09:12:51 -07:00
tabnanny.py
tarfile.py
gh-91387: Strip trailing slash from tarfile longname directories (GH-32423)
2022-06-21 11:09:07 -07:00
telnetlib.py
gh-91217: deprecate telnetlib (GH-91958)
2022-04-26 10:45:08 -07:00
tempfile.py
gh-70363: Implement io.IOBase interface for SpooledTemporaryFile (GH-29560)
2022-05-03 21:18:18 +09:00
textwrap.py
bpo-46544: Do not leak x and uspace in textwrap.TextWrapper (GH-30955)
2022-01-27 13:55:58 +02:00
this.py
threading.py
[3.11] gh-92530: Fix an issue that occurred after interrupting threading.Condition.notify (GH-92534) (GH-92829)
2022-05-17 09:45:40 -07:00
timeit.py
token.py
tokenize.py
bpo-46565: del loop vars that are leaking into module namespaces (GH-30993)
2022-02-03 11:20:08 +02:00
trace.py
traceback.py
gh-89770: Implement PEP-678 - Exception notes (GH-31317)
2022-04-16 19:59:52 +01:00
tracemalloc.py
tty.py
turtle.py
Fix typo in turtle deprecation warning and use warnings._deprecated (#91862)
2022-05-02 10:57:00 -06:00
types.py
gh-89828: Do not relay the __class__ attribute in GenericAlias (GH-93754)
2022-06-18 07:41:25 -07:00
typing.py
gh-89828: Do not relay the __class__ attribute in GenericAlias (GH-93754)
2022-06-18 07:41:25 -07:00
uu.py
gh-91217: deprecate uu (GH-92009)
2022-04-27 20:26:33 -07:00
uuid.py
warnings.py
gh-91230: Concise catch_warnings with simplefilter (#91435)
2022-04-23 17:55:22 -07:00
wave.py
gh-47061: Deprecate chunk (GH-91419)
2022-04-11 15:02:41 -07:00
weakref.py
Remove unnecessary registration of weakref.WeakSet to _collections_abc.Set (GH-32211)
2022-03-31 09:11:35 -05:00
webbrowser.py
bpo-43137: Revert "webbrowser: Don't run gvfs-open on GNOME" (GH-30417)
2022-01-05 11:53:23 +00:00
xdrlib.py
gh-91217: deprecate xdrlib (GH-92066)
2022-04-29 18:22:10 -07:00
zipapp.py
zipfile.py
[3.11] gh-83245: Raise BadZipFile instead of ValueError when reading a corrupt ZIP file (GH-32291) (GH-93141)
2022-05-25 00:57:36 -07:00
zipimport.py