diff --git a/Include/patchlevel.h b/Include/patchlevel.h index 3ffe89c4d59ece885c94eef3621250c497dc07ff..d823319e6e75979541fa5d3c64be8b382b77236c 100644 --- a/Include/patchlevel.h +++ b/Include/patchlevel.h @@ -18,12 +18,12 @@ /*--start constants--*/ #define PY_MAJOR_VERSION 3 #define PY_MINOR_VERSION 7 -#define PY_MICRO_VERSION 8 +#define PY_MICRO_VERSION 9 #define PY_RELEASE_LEVEL PY_RELEASE_LEVEL_FINAL #define PY_RELEASE_SERIAL 0 /* Version as a string */ -#define PY_VERSION "3.7.8+" +#define PY_VERSION "3.7.9" /*--end constants--*/ /* Version as a single 4-byte hex number, e.g. 0x010502B2 == 1.5.2b2. diff --git a/Lib/pydoc_data/topics.py b/Lib/pydoc_data/topics.py index 8340220bb80757acb5d6f05ddd2ee596e480f253..d42bb995f999ac8f7fb1a6d6f34bfe5c05624ce4 100644 --- a/Lib/pydoc_data/topics.py +++ b/Lib/pydoc_data/topics.py @@ -1,5 +1,5 @@ # -*- coding: utf-8 -*- -# Autogenerated by Sphinx on Wed Jun 17 04:38:18 2020 +# Autogenerated by Sphinx on Sat Aug 15 01:12:49 2020 topics = {'assert': 'The "assert" statement\n' '**********************\n' '\n' diff --git a/Misc/NEWS.d/3.7.9.rst b/Misc/NEWS.d/3.7.9.rst new file mode 100644 index 0000000000000000000000000000000000000000..0be740447d8379a3bebb5e2d959236a0d4898867 --- /dev/null +++ b/Misc/NEWS.d/3.7.9.rst @@ -0,0 +1,90 @@ +.. bpo: 41304 +.. date: 2020-07-15-20-15-08 +.. nonce: vNEeYA +.. release date: 2020-08-15 +.. section: Security + +Fixes `python3x._pth` being ignored on Windows, caused by the fix for +:issue:`29778` (CVE-2020-15801). + +.. + +.. bpo: 29778 +.. date: 2020-07-03-17-21-37 +.. nonce: cR_fGS +.. section: Security + +Ensure :file:`python3.dll` is loaded from correct locations when Python is +embedded (CVE-2020-15523). + +.. + +.. bpo: 41004 +.. date: 2020-06-29-16-02-29 +.. nonce: ovF0KZ +.. section: Security + +CVE-2020-14422: The __hash__() methods of ipaddress.IPv4Interface and +ipaddress.IPv6Interface incorrectly generated constant hash values of 32 and +128 respectively. This resulted in always causing hash collisions. The fix +uses hash() to generate hash values for the tuple of (address, mask length, +network address). + +.. + +.. bpo: 39603 +.. date: 2020-02-12-14-17-39 +.. nonce: Gt3RSg +.. section: Security + +Prevent http header injection by rejecting control characters in +http.client.putrequest(...). + +.. + +.. bpo: 33786 +.. date: 2018-06-06-23-24-40 +.. nonce: lBvT8z +.. section: Core and Builtins + +Fix asynchronous generators to handle GeneratorExit in athrow() correctly + +.. + +.. bpo: 41288 +.. date: 2020-07-13-15-06-35 +.. nonce: 8mn5P- +.. section: Library + +Unpickling invalid NEWOBJ_EX opcode with the C implementation raises now +UnpicklingError instead of crashing. + +.. + +.. bpo: 39017 +.. date: 2020-07-12-22-16-58 +.. nonce: x3Cg-9 +.. section: Library + +Avoid infinite loop when reading specially crafted TAR files using the +tarfile module (CVE-2019-20907). + +.. + +.. bpo: 41235 +.. date: 2020-07-07-21-56-26 +.. nonce: H2csMU +.. section: Library + +Fix the error handling in :meth:`ssl.SSLContext.load_dh_params`. + +.. + +.. bpo: 41100 +.. date: 2020-08-15-00-33-27 +.. nonce: AksBg1 +.. section: macOS + +Additional fixes for testing on macOS 11 Big Sur Intel. Note: macOS 11 is +not yet released, this release of Python is not fully supported on 11.0, and +not all tests pass. diff --git a/Misc/NEWS.d/next/Core and Builtins/2018-06-06-23-24-40.bpo-33786.lBvT8z.rst b/Misc/NEWS.d/next/Core and Builtins/2018-06-06-23-24-40.bpo-33786.lBvT8z.rst deleted file mode 100644 index 57deefe339b5c8679bf535a8dc0cc73a4ff1c4bd..0000000000000000000000000000000000000000 --- a/Misc/NEWS.d/next/Core and Builtins/2018-06-06-23-24-40.bpo-33786.lBvT8z.rst +++ /dev/null @@ -1 +0,0 @@ -Fix asynchronous generators to handle GeneratorExit in athrow() correctly diff --git a/Misc/NEWS.d/next/Library/2020-07-07-21-56-26.bpo-41235.H2csMU.rst b/Misc/NEWS.d/next/Library/2020-07-07-21-56-26.bpo-41235.H2csMU.rst deleted file mode 100644 index c55275bb1c622b910d742ee1089a19d7e7b50c02..0000000000000000000000000000000000000000 --- a/Misc/NEWS.d/next/Library/2020-07-07-21-56-26.bpo-41235.H2csMU.rst +++ /dev/null @@ -1 +0,0 @@ -Fix the error handling in :meth:`ssl.SSLContext.load_dh_params`. diff --git a/Misc/NEWS.d/next/Library/2020-07-12-22-16-58.bpo-39017.x3Cg-9.rst b/Misc/NEWS.d/next/Library/2020-07-12-22-16-58.bpo-39017.x3Cg-9.rst deleted file mode 100644 index ad26676f8b85633d9586cef949da4f950a9d13ff..0000000000000000000000000000000000000000 --- a/Misc/NEWS.d/next/Library/2020-07-12-22-16-58.bpo-39017.x3Cg-9.rst +++ /dev/null @@ -1 +0,0 @@ -Avoid infinite loop when reading specially crafted TAR files using the tarfile module (CVE-2019-20907). diff --git a/Misc/NEWS.d/next/Library/2020-07-13-15-06-35.bpo-41288.8mn5P-.rst b/Misc/NEWS.d/next/Library/2020-07-13-15-06-35.bpo-41288.8mn5P-.rst deleted file mode 100644 index 3c3adbabf16ff18d506b0a89c8c7c6b89ffe54cc..0000000000000000000000000000000000000000 --- a/Misc/NEWS.d/next/Library/2020-07-13-15-06-35.bpo-41288.8mn5P-.rst +++ /dev/null @@ -1,2 +0,0 @@ -Unpickling invalid NEWOBJ_EX opcode with the C implementation raises now -UnpicklingError instead of crashing. diff --git a/Misc/NEWS.d/next/Security/2020-02-12-14-17-39.bpo-39603.Gt3RSg.rst b/Misc/NEWS.d/next/Security/2020-02-12-14-17-39.bpo-39603.Gt3RSg.rst deleted file mode 100644 index 990affc3edd9d8ff819de49ea83f81608eec886c..0000000000000000000000000000000000000000 --- a/Misc/NEWS.d/next/Security/2020-02-12-14-17-39.bpo-39603.Gt3RSg.rst +++ /dev/null @@ -1,2 +0,0 @@ -Prevent http header injection by rejecting control characters in -http.client.putrequest(...). diff --git a/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst b/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst deleted file mode 100644 index f5a9db52fff52bde11124177135e94e1394f37b6..0000000000000000000000000000000000000000 --- a/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst +++ /dev/null @@ -1 +0,0 @@ -CVE-2020-14422: The __hash__() methods of ipaddress.IPv4Interface and ipaddress.IPv6Interface incorrectly generated constant hash values of 32 and 128 respectively. This resulted in always causing hash collisions. The fix uses hash() to generate hash values for the tuple of (address, mask length, network address). diff --git a/Misc/NEWS.d/next/Security/2020-07-03-17-21-37.bpo-29778.cR_fGS.rst b/Misc/NEWS.d/next/Security/2020-07-03-17-21-37.bpo-29778.cR_fGS.rst deleted file mode 100644 index 998ffb1ee666777fcb819d5830fe33910140bab5..0000000000000000000000000000000000000000 --- a/Misc/NEWS.d/next/Security/2020-07-03-17-21-37.bpo-29778.cR_fGS.rst +++ /dev/null @@ -1,2 +0,0 @@ -Ensure :file:`python3.dll` is loaded from correct locations when Python is -embedded (CVE-2020-15523). diff --git a/Misc/NEWS.d/next/Security/2020-07-15-20-15-08.bpo-41304.vNEeYA.rst b/Misc/NEWS.d/next/Security/2020-07-15-20-15-08.bpo-41304.vNEeYA.rst deleted file mode 100644 index 8cc4bb8d280a72083940753439bd8625da4f0769..0000000000000000000000000000000000000000 --- a/Misc/NEWS.d/next/Security/2020-07-15-20-15-08.bpo-41304.vNEeYA.rst +++ /dev/null @@ -1 +0,0 @@ -Fixes `python3x._pth` being ignored on Windows, caused by the fix for :issue:`29778` (CVE-2020-15801). diff --git a/Misc/NEWS.d/next/macOS/2020-08-15-00-33-27.bpo-41100.AksBg1.rst b/Misc/NEWS.d/next/macOS/2020-08-15-00-33-27.bpo-41100.AksBg1.rst deleted file mode 100644 index b6e12dc340440cb24e9dfdaf833873e0669e5b5c..0000000000000000000000000000000000000000 --- a/Misc/NEWS.d/next/macOS/2020-08-15-00-33-27.bpo-41100.AksBg1.rst +++ /dev/null @@ -1,3 +0,0 @@ -Additional fixes for testing on macOS 11 Big Sur Intel. Note: macOS 11 is -not yet released, this release of Python is not fully supported on 11.0, and -not all tests pass. diff --git a/README.rst b/README.rst index 0a6f509a31fc76129672efccf0f1512b062a3d76..d1d66a85e96720a84df9ce8ad9eb69f88ad93035 100644 --- a/README.rst +++ b/README.rst @@ -1,5 +1,5 @@ -This is Python version 3.7.8+ -============================= +This is Python version 3.7.9 +============================ .. image:: https://travis-ci.org/python/cpython.svg?branch=3.7 :alt: CPython build status on Travis CI