Log Message:
python37: updated to 3.7.3

Python 3.7.3:
Security
bpo-36216: Changes urlsplit() to raise ValueError when the URL contains \ 
characters that decompose under IDNA encoding (NFKC-normalization) into \ 
characters that affect how the URL is parsed.
bpo-35746: [CVE-2019-5010] Fix a NULL pointer deref in ssl module. The cert \ 
parser did not handle CRL distribution points with empty DP or URI correctly. A \ 
malicious or buggy certificate can result into segfault. Vulnerability \ 
(TALOS-2018-0758) reported by Colin Read and Nicolas Edet of Cisco.
bpo-35121: Don’t send cookies of domain A without Domain attribute to domain B \ 
when domain A is a suffix match of domain B while using a cookiejar with \ 
http.cookiejar.DefaultCookiePolicy policy. Patch by Karthikeyan Singaravelan.

Core and Builtins
bpo-35942: The error message emitted when returning invalid types from \ 
__fspath__ in interfaces that allow passing PathLike objects has been improved \ 
and now it does explain the origin of the error.
bpo-35992: Fix __class_getitem__() not being called on a class with a custom \ 
non-subscriptable metaclass.
bpo-35991: Fix a potential double free in Modules/_randommodule.c.
bpo-35961: Fix a crash in slice_richcompare(): use strong references rather than \ 
stolen references for the two temporary internal tuples.
bpo-31506: Clarify the errors reported when object.__new__ and object.__init__ \ 
receive more than one argument. Contributed by Sanyam Khurana.
bpo-35720: Fixed a minor memory leak in pymain_parse_cmdline_impl function in \ 
Modules/main.c
bpo-35623: Fix a crash when sorting very long lists. Patch by Stephan Hohe.
bpo-35214: clang Memory Sanitizer build instrumentation was added to work around \ 
false positives from posix, socket, time, test_io, and test_faulthandler.
bpo-35560: Fix an assertion error in format() in debug build for floating point \ 
formatting with “n” format, zero padding and small width. Release build is \ 
not impacted. Patch by Karthikeyan Singaravelan.
bpo-35552: Format characters %s and %V in PyUnicode_FromFormat() and %s in \ 
PyBytes_FromFormat() no longer read memory past the limit if precision is \ 
specified.
bpo-35504: Fix segfaults and SystemErrors when deleting certain attributes. \ 
Patch by Zackery Spytz.
bpo-33989: Fix a possible crash in list.sort() when sorting objects with \ 
ob_type->tp_richcompare == NULL. Patch by Zackery Spytz.

Library
bpo-35931: The pdb debug command now gracefully handles all exceptions.
bpo-36251: Fix format strings used for stderrprinter and re.Match reprs. Patch \ 
by Stephan Hohe.
bpo-35807: Update ensurepip to install pip 19.0.3 and setuptools 40.8.0.
bpo-36179: Fix two unlikely reference leaks in _hashopenssl. The leaks only \ 
occur in out-of-memory cases.
bpo-35178: Ensure custom warnings.formatwarning() function can receive line as \ 
positional argument. Based on patch by Tashrif Billah.
bpo-36106: Resolve potential name clash with libm’s sinpi(). Patch by Dmitrii \ 
Pasechnik.
bpo-35512: unittest.mock.patch.dict() used as a decorator with string target \ 
resolves the target during function call instead of during decorator \ 
construction. Patch by Karthikeyan Singaravelan.
bpo-36091: Clean up reference to async generator in Lib/types. Patch by Henry Chen.
bpo-35899: Enum has been fixed to correctly handle empty strings and strings \ 
with non-Latin characters (ie. ‘α’, ‘א’) without crashing. Original \ 
patch contributed by Maxwell. Assisted by Stéphane Wirtel.
bpo-35918: Removed broken has_key method from \ 
multiprocessing.managers.SyncManager.dict. Contributed by Rémi Lapeyre.
bpo-35960: Fix dataclasses.field() throwing away empty mapping objects passed as \ 
metadata.
bpo-35847: RISC-V needed the CTYPES_PASS_BY_REF_HACK. Fixes ctypes Structure \ 
test_pass_by_value.
bpo-35780: Fix lru_cache() errors arising in recursive, reentrant, or \ 
multi-threaded code. These errors could result in orphan links and in the cache \ 
being trapped in a state with fewer than the specified maximum number of links. \ 
Fix handling of negative maxsize which should have been treated as zero. Fix \ 
errors in toggling the “full” status flag. Fix misordering of links when \ 
errors are encountered. Sync-up the C code and pure Python code for the space \ 
saving path in functions with a single positional argument. In this common case, \ 
the space overhead of an lru cache entry is reduced by almost half. Fix counting \ 
of cache misses. In error cases, the miss count was out of sync with the actual \ 
number of times the underlying user function was called.
bpo-23846: asyncio.ProactorEventLoop now catches and logs send errors when the \ 
self-pipe is full.
bpo-34323: asyncio: Enhance IocpProactor.close() log: wait 1 second before the \ 
first log, then log every second. Log also the number of seconds since close() \ 
was called.
bpo-34294: re module, fix wrong capturing groups in rare cases. re.search(), \ 
re.findall(), re.sub() and other functions that scan through string looking for \ 
a match, should reset capturing groups between two match attempts. Patch by Ma \ 
Lin.
bpo-35717: Fix KeyError exception raised when using enums and compile. Patch \ 
contributed by Rémi Lapeyre.
bpo-35699: Fixed detection of Visual Studio Build Tools 2017 in distutils
bpo-32710: Fix memory leaks in asyncio ProactorEventLoop on overlapped operation \ 
failure.
bpo-32710: Fix a memory leak in asyncio in the ProactorEventLoop when ReadFile() \ 
or WSASend() overlapped operation fail immediately: release the internal buffer.
bpo-35682: Fix asyncio.ProactorEventLoop.sendfile(): don’t attempt to set the \ 
result of an internal future if it’s already done.
bpo-35283: Add a pending deprecated warning for the threading.Thread.isAlive() \ 
method. Patch by Dong-hee Na.
bpo-35643: Fixed a SyntaxWarning: invalid escape sequence in \ 
Modules/_sha3/cleanup.py. Patch by Mickaël Schoentgen.
bpo-35615: weakref: Fix a RuntimeError when copying a WeakKeyDictionary or a \ 
WeakValueDictionary, due to some keys or values disappearing while iterating.
bpo-28503: The crypt module now internally uses the crypt_r() library function \ 
instead of crypt() when available.
bpo-35121: Don’t set cookie for a request when the request path is a prefix \ 
match of the cookie’s path attribute but doesn’t end with “/”. Patch by \ 
Karthikeyan Singaravelan.
bpo-35585: Speed-up building enums by value, e.g. http.HTTPStatus(200).
bpo-21478: Calls to a child function created with \ 
unittest.mock.create_autospec() should propagate to the parent. Patch by \ 
Karthikeyan Singaravelan.
bpo-35513: TextTestRunner of unittest.runner now uses time.perf_counter() rather \ 
than time.time() to measure the execution time of a test: time.time() can go \ 
backwards, whereas time.perf_counter() is monotonic.
bpo-35502: Fixed reference leaks in xml.etree.ElementTree.TreeBuilder in case of \ 
unfinished building of the tree (in particular when an error was raised during \ 
parsing XML).
bpo-31446: Copy command line that was passed to CreateProcessW since this \ 
function can change the content of the input buffer.
bpo-20239: Allow repeated assignment deletion of unittest.mock.Mock attributes. \ 
Patch by Pablo Galindo.
bpo-17185: Set __signature__ on mock for inspect to get signature. Patch by \ 
Karthikeyan Singaravelan.
bpo-10496: check_environ() of distutils.utils now catches KeyError on calling \ 
pwd.getpwuid(): don’t create the HOME environment variable in this case.
bpo-35066: Previously, calling the strftime() method on a datetime object with a \ 
trailing ‘%’ in the format string would result in an exception. However, \ 
this only occured when the datetime C module was being used; the python \ 
implementation did not match this behavior. Datetime is now PEP-399 compliant, \ 
and will not throw an exception on a trailing ‘%’.
bpo-24746: Avoid stripping trailing whitespace in doctest fancy diff. Orignial \ 
patch by R. David Murray & Jairo Trad. Enhanced by Sanyam Khurana.
bpo-35198: Fix C++ extension compilation on AIX
bpo-28441: On Cygwin and MinGW, ensure that sys.executable always includes the \ 
full filename in the path, including the .exe suffix (unless it is a symbolic \ 
link).
bpo-34572: Fix C implementation of pickle.loads to use importlib’s locking \ 
mechanisms, and thereby avoid using partially-loaded modules. Patch by Tim \ 
Burgess.
bpo-33687: Fix the call to os.chmod() for uu.decode() if a mode is given or \ 
decoded. Patch by Timo Furrer.
bpo-32146: Document the interaction between frozen executables and the spawn and \ 
forkserver start methods in multiprocessing.