./lang/py38-html-docs, HTML Documentation for Python 3.8

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 3.8.15, Package name: py38-html-docs-3.8.15, Maintainer: leot

HTML Documentation for Python 3.8


Required to build:
[pkgtools/cwrappers]

Master sites:

Filesize: 6538.11 KB

Version history: (Expand)


CVS history: (Expand)


   2022-10-12 10:37:53 by Adam Ciarcinski | Files touched by this commit (4) | Package updated
Log message:
python38 py38-html-docs: updated to 3.8.15

Python 3.8.15

Security

gh-97616: Fix multiplying a list by an integer (list *= int): detect the integer \ 
overflow when the new allocated length is close to the maximum size. Issue \ 
reported by Jordan Limor. Patch by Victor Stinner.
gh-97612: Fix a shell code injection vulnerability in the \ 
get-remote-certificate.py example script. The script no longer uses a shell to \ 
run openssl commands. Issue reported and initial fix by Caleb Shortt. Patch by \ 
Victor Stinner.

Core and Builtins

gh-96848: Fix command line parsing: reject -X int_max_str_digits option with no \ 
value (invalid) when the PYTHONINTMAXSTRDIGITS environment variable is set to a \ 
valid limit. Patch by Victor Stinner.
gh-95778: When ValueError is raised if an integer is larger than the limit, \ 
mention the sys.set_int_max_str_digits() function in the error message. Patch by \ 
Victor Stinner.

Library

gh-97005: Update bundled libexpat to 2.4.9

Windows

gh-96577: Fixes a potential buffer overrun in msilib.
   2022-09-07 17:32:34 by Adam Ciarcinski | Files touched by this commit (5) | Package updated
Log message:
python38 py38-html-docs: updated to 3.8.14

Python 3.8.14

Security
gh-95778: Converting between int and str in bases other than 2 (binary), 4, 8 \ 
(octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now raises a \ 
ValueError if the number of digits in string form is above a limit to avoid \ 
potential denial of service attacks due to the algorithmic complexity. This is a \ 
mitigation for CVE-2020-10735.

This new limit can be configured or disabled by environment variable, command \ 
line flag, or sys APIs. See the integer string conversion length limitation \ 
documentation. The default limit is 4300 digits in string form.

Patch by Gregory P. Smith [Google] and Christian Heimes [Red Hat] with feedback \ 
from Victor Stinner, Thomas Wouters, Steve Dower, Ned Deily, and Mark Dickinson.
gh-87389: http.server: Fix an open redirection vulnerability in the HTTP server \ 
when an URI path starts with //. Vulnerability discovered, and initial fix \ 
proposed, by Hamza Avvan.

Core and Builtins
gh-93065: Fix contextvars HAMT implementation to handle iteration over deep trees.

The bug was discovered and fixed by Eli Libman. See MagicStack/immutables#84 for \ 
more details.

Library
bpo-46197: Fix ensurepip environment isolation for subprocess running pip.
bpo-36073: Raise ProgrammingError instead of segfaulting on recursive usage of \ 
cursors in sqlite3 converters. Patch by Sergey Fedoseev.

Documentation
gh-91888: Add a new gh role to the documentation to link to GitHub issues.
bpo-47138: Pin Jinja to a version compatible with Sphinx version 2.4.4.

Tests
gh-94208: test_ssl is now checking for supported TLS version and protocols in \ 
more tests.
bpo-47016: Create a GitHub Actions workflow for verifying bundled pip and \ 
setuptools. Patch by Illia Volochii and Adam Turner.
bpo-46114: Fix test case for OpenSSL 3.0.1 version. OpenSSL 3.0 uses 0xMNN00PP0L.

Windows
bpo-47194: Update zlib to v1.2.12 to resolve CVE-2018-25032.
   2022-03-19 19:56:44 by Adam Ciarcinski | Files touched by this commit (7) | Package updated
Log message:
python38 py38-html-docs: updated to 3.8.13

Python 3.8.13 final

Core and Builtins

bpo-46794: Bump up the libexpat version into 2.4.6
Library
bpo-46985: Upgrade pip wheel bundled with ensurepip (pip 22.0.4)
bpo-46932: Update bundled libexpat to 2.4.7
bpo-46811: Make test suite support Expat >=2.4.5
bpo-46784: Fix libexpat symbols collisions with user dynamically loaded or \ 
statically linked libexpat in embedded Python.
bpo-46756: Fix a bug in urllib.request.HTTPPasswordMgr.find_user_password() and \ 
urllib.request.HTTPPasswordMgrWithPriorAuth.is_authenticated() which allowed to \ 
bypass authorization. For example, access to URI example.org/foobar was allowed \ 
if the user was authorized for URI example.org/foo.
bpo-46400: expat: Update libexpat from 2.4.1 to 2.4.4
bpo-46474: In importlib.metadata.EntryPoint.pattern, avoid potential REDoS by \ 
limiting ambiguity in consecutive whitespace.
bpo-44849: Fix the os.set_inheritable() function on FreeBSD 14 for file \ 
descriptor opened with the O_PATH flag: ignore the EBADF error on ioctl(), \ 
fallback on the fcntl() implementation. Patch by Victor Stinner.

Documentation

bpo-41028: Language and version switchers, previously maintained in every \ 
cpython branches, are now handled by docsbuild-script.

Tests

bpo-45195: Fix test_readline.test_nonascii(): sometimes, the newline character \ 
is not written at the end, so don’t expect it in the output. Patch by Victor \ 
Stinner.
bpo-44949: Fix auto history tests of test_readline: sometimes, the newline \ 
character is not written at the end, so don’t expect it in the output.

Build

bpo-47024: Update Windows builds and macOS installer build to use OpenSSL 1.1.1n.
bpo-45405: Prevent internal configure error when running configure with recent \ 
versions of clang. Patch by David Bohman.
bpo-45220: Avoid building with the Windows 11 SDK previews automatically. This \ 
may be overridden by setting the DefaultWindowsSDKVersion environment variable \ 
before building.

Windows

bpo-44549: Update bzip2 to 1.0.8 in Windows builds to mitigate CVE-2016-3189 and \ 
CVE-2019-12900
bpo-46948: Prevent CVE-2022-26488 by ensuring the Add to PATH option in the \ 
Windows installer uses the correct path when being repaired.

macOS

bpo-44828: Avoid tkinter file dialog failure on macOS 12 Monterey when using the \ 
Tk 8.6.11 provided by python.org macOS installers. Patch by Marc Culler of the \ 
Tk project.
   2021-10-26 12:51:59 by Nia Alarie | Files touched by this commit (260)
Log message:
lang: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

The following distfiles could not be fetched (possibly fetched
conditionally?):

./lang/rust-bin/distinfo rust-bin-1.54.0/rust-1.54.0-aarch64-unknown-linux-gnu.tar.gz
./lang/rust-bin/distinfo \ 
rust-bin-1.54.0/rust-1.54.0-aarch64-unknown-linux-musl.tar.gz
./lang/rust-bin/distinfo rust-bin-1.54.0/rust-1.54.0-aarch64-unknown-netbsd.tar.gz
./lang/rust-bin/distinfo \ 
rust-bin-1.54.0/rust-1.54.0-armv7-unknown-netbsd-eabihf.tar.gz
./lang/rust-bin/distinfo rust-bin-1.54.0/rust-1.54.0-i686-unknown-linux-gnu.tar.gz
./lang/rust-bin/distinfo rust-bin-1.54.0/rust-1.54.0-powerpc-unknown-netbsd90.tar.gz
./lang/rust-bin/distinfo rust-bin-1.54.0/rust-1.54.0-sparc64-unknown-netbsd.tar.gz
./lang/rust-bin/distinfo rust-bin-1.54.0/rust-1.54.0-x86_64-apple-darwin.tar.gz
./lang/rust-bin/distinfo rust-bin-1.54.0/rust-1.54.0-x86_64-unknown-freebsd.tar.gz
./lang/rust-bin/distinfo rust-bin-1.54.0/rust-1.54.0-x86_64-unknown-linux-gnu.tar.gz
./lang/rust-bin/distinfo rust-bin-1.54.0/rust-1.54.0-x86_64-unknown-linux-musl.tar.gz
./lang/smlnj/distinfo smlnj-110.73/boot.ppc-unix.tgz
./lang/smlnj/distinfo smlnj-110.73/boot.sparc-unix.tgz
./lang/oracle-jre8/distinfo jce_policy-8.zip
./lang/oracle-jre8/distinfo jre-8u202-linux-i586.tar.gz
./lang/oracle-jre8/distinfo jre-8u202-linux-x64.tar.gz
./lang/oracle-jre8/distinfo jre-8u202-macosx-x64.tar.gz
./lang/oracle-jre8/distinfo jre-8u202-solaris-x64.tar.gz
./lang/oracle-jdk8/distinfo jdk-8u202-linux-i586.tar.gz
./lang/oracle-jdk8/distinfo jdk-8u202-linux-x64.tar.gz
./lang/oracle-jdk8/distinfo jdk-8u202-solaris-x64.tar.gz
./lang/ghc80/distinfo ghc-7.10.3-boot-x86_64-unknown-solaris2.tar.xz
./lang/ghc80/distinfo ghc-8.0.2-boot-i386-unknown-freebsd.tar.xz
./lang/ghc80/distinfo ghc-8.0.2-boot-x86_64-unknown-freebsd.tar.xz
./lang/gcc5-aux/distinfo ada-bootstrap.i386.freebsd.100B.tar.bz2
./lang/gcc5-aux/distinfo ada-bootstrap.i386.freebsd.84.tar.bz2
./lang/gcc5-aux/distinfo ada-bootstrap.x86_64.dragonfly.41.tar.bz2
./lang/gcc5-aux/distinfo ada-bootstrap.x86_64.freebsd.100B.tar.bz2
./lang/gcc5-aux/distinfo ada-bootstrap.x86_64.freebsd.84.tar.bz2
./lang/gcc5-aux/distinfo ada-bootstrap.x86_64.solaris.511.tar.bz2
./lang/rust/distinfo rust-1.53.0-aarch64-apple-darwin.tar.gz
./lang/rust/distinfo rust-1.53.0-aarch64-unknown-linux-gnu.tar.gz
./lang/rust/distinfo rust-1.53.0-aarch64-unknown-netbsd.tar.gz
./lang/rust/distinfo rust-1.53.0-aarch64_be-unknown-netbsd.tar.gz
./lang/rust/distinfo rust-1.53.0-arm-unknown-linux-gnueabihf.tar.gz
./lang/rust/distinfo rust-1.53.0-armv7-unknown-linux-gnueabihf.tar.gz
./lang/rust/distinfo rust-1.53.0-i686-unknown-linux-gnu.tar.gz
./lang/rust/distinfo rust-1.53.0-powerpc-unknown-netbsd.tar.gz
./lang/rust/distinfo rust-1.53.0-powerpc-unknown-netbsd90.tar.gz
./lang/rust/distinfo rust-1.53.0-sparc64-unknown-netbsd.tar.gz
./lang/rust/distinfo rust-1.53.0-x86_64-apple-darwin.tar.gz
./lang/rust/distinfo rust-1.53.0-x86_64-unknown-freebsd.tar.gz
./lang/rust/distinfo rust-1.53.0-x86_64-unknown-illumos.tar.gz
./lang/rust/distinfo rust-1.53.0-x86_64-unknown-linux-gnu.tar.gz
./lang/rust/distinfo rust-std-1.53.0-aarch64-apple-darwin.tar.gz
./lang/rust/distinfo rust-std-1.53.0-aarch64-unknown-linux-gnu.tar.gz
./lang/rust/distinfo rust-std-1.53.0-aarch64-unknown-netbsd.tar.gz
./lang/rust/distinfo rust-std-1.53.0-aarch64_be-unknown-netbsd.tar.gz
./lang/rust/distinfo rust-std-1.53.0-arm-unknown-linux-gnueabihf.tar.gz
./lang/rust/distinfo rust-std-1.53.0-armv7-unknown-linux-gnueabihf.tar.gz
./lang/rust/distinfo rust-std-1.53.0-i686-unknown-linux-gnu.tar.gz
./lang/rust/distinfo rust-std-1.53.0-powerpc-unknown-netbsd.tar.gz
./lang/rust/distinfo rust-std-1.53.0-powerpc-unknown-netbsd90.tar.gz
./lang/rust/distinfo rust-std-1.53.0-sparc64-unknown-netbsd.tar.gz
./lang/rust/distinfo rust-std-1.53.0-x86_64-apple-darwin.tar.gz
./lang/rust/distinfo rust-std-1.53.0-x86_64-unknown-freebsd.tar.gz
./lang/rust/distinfo rust-std-1.53.0-x86_64-unknown-linux-gnu.tar.gz
./lang/smlnj11072/distinfo smlnj-110.72/boot.ppc-unix.tgz
./lang/smlnj11072/distinfo smlnj-110.72/boot.sparc-unix.tgz
./lang/ghc84/distinfo ghc-8.0.2-boot-x86_64-unknown-solaris2.tar.xz
./lang/ghc84/distinfo ghc-8.4.4-boot-i386-unknown-freebsd.tar.xz
./lang/ghc84/distinfo ghc-8.4.4-boot-x86_64-apple-darwin.tar.xz
./lang/ghc84/distinfo ghc-8.4.4-boot-x86_64-unknown-freebsd.tar.xz
./lang/ghc7/distinfo ghc-7.10.3-boot-i386-unknown-freebsd.tar.xz
./lang/ghc7/distinfo ghc-7.6.3-boot-i386-unknown-solaris2.tar.xz
./lang/ghc7/distinfo ghc-7.6.3-boot-powerpc-apple-darwin.tar.xz
./lang/ghc7/distinfo ghc-7.6.3-boot-x86_64-unknown-solaris2.tar.xz
./lang/ghc90/distinfo ghc-8.10.4-boot-x86_64-unknown-solaris2.tar.xz
./lang/ghc90/distinfo ghc-9.0.1-boot-aarch64-unknown-netbsd.tar.xz
./lang/ghc90/distinfo ghc-9.0.1-boot-i386-unknown-freebsd.tar.xz
./lang/ghc90/distinfo ghc-9.0.1-boot-x86_64-apple-darwin.tar.xz
./lang/ghc90/distinfo ghc-9.0.1-boot-x86_64-unknown-freebsd.tar.xz
./lang/openjdk8/distinfo \ 
openjdk7/bootstrap-jdk-1.7.76-freebsd-10-amd64-20150301.tar.xz
./lang/openjdk8/distinfo \ 
openjdk7/bootstrap-jdk-1.7.76-netbsd-7-sparc64-20150301.tar.xz
./lang/openjdk8/distinfo \ 
openjdk7/bootstrap-jdk-1.8.181-netbsd-8-aarch64-20180917.tar.xz
./lang/openjdk8/distinfo \ 
openjdk7/bootstrap-jdk7u60-bin-dragonfly-3.6-amd64-20140719.tar.bz2
./lang/openjdk8/distinfo \ 
openjdk7/bootstrap-jdk7u60-bin-dragonfly-3.8-amd64-20140719.tar.bz2
./lang/go-bin/distinfo go1.14.2.darwin-amd64.tar.gz
./lang/go-bin/distinfo go1.14.2.linux-386.tar.gz
./lang/go-bin/distinfo go1.14.2.linux-amd64.tar.gz
./lang/go-bin/distinfo go1.14.2.linux-arm64.tar.gz
./lang/go-bin/distinfo go1.14.2.linux-armv6l.tar.gz
./lang/go-bin/distinfo go1.14.2.netbsd-arm64.tar.gz
./lang/go-bin/distinfo go1.16beta1.darwin-arm64.tar.gz
./lang/gcc6-aux/distinfo ada-bootstrap.i386.freebsd.100B.tar.bz2
./lang/gcc6-aux/distinfo ada-bootstrap.x86_64.dragonfly.41.tar.bz2
./lang/gcc6-aux/distinfo ada-bootstrap.x86_64.freebsd.100B.tar.bz2
./lang/gcc6-aux/distinfo ada-bootstrap.x86_64.freebsd.84.tar.bz2
./lang/gcc6-aux/distinfo ada-bootstrap.x86_64.solaris.511.tar.bz2
./lang/ghc810/distinfo ghc-8.8.4-boot-x86_64-unknown-solaris2.tar.xz
./lang/sun-jre7/distinfo UnlimitedJCEPolicyJDK7.zip
./lang/sun-jre7/distinfo jre-7u80-linux-x64.tar.gz
./lang/sun-jre7/distinfo jre-7u80-solaris-i586.tar.gz
./lang/sun-jre7/distinfo jre-7u80-solaris-x64.tar.gz
./lang/ghc88/distinfo ghc-8.4.4-boot-i386-unknown-freebsd.tar.xz
./lang/ghc88/distinfo ghc-8.4.4-boot-x86_64-apple-darwin.tar.xz
./lang/ghc88/distinfo ghc-8.4.4-boot-x86_64-unknown-freebsd.tar.xz
./lang/ghc88/distinfo ghc-8.4.4-boot-x86_64-unknown-solaris2.tar.xz
./lang/gcc-aux/distinfo ada-bootstrap.i386.dragonfly.36A.tar.bz2
./lang/gcc-aux/distinfo ada-bootstrap.i386.freebsd.100B.tar.bz2
./lang/gcc-aux/distinfo ada-bootstrap.i386.freebsd.84.tar.bz2
./lang/gcc-aux/distinfo ada-bootstrap.x86_64.dragonfly.36A.tar.bz2
./lang/gcc-aux/distinfo ada-bootstrap.x86_64.freebsd.100B.tar.bz2
./lang/gcc-aux/distinfo ada-bootstrap.x86_64.freebsd.84.tar.bz2
./lang/gcc-aux/distinfo ada-bootstrap.x86_64.solaris.511.tar.bz2
./lang/gcc6/distinfo ecj-4.5.jar
./lang/openjdk11/distinfo bootstrap-jdk-1.11.0.7.10-netbsd-9-aarch64-20200509.tar.xz
./lang/sun-jdk7/distinfo jdk-7u80-linux-x64.tar.gz
./lang/sun-jdk7/distinfo jdk-7u80-solaris-i586.tar.gz
./lang/sun-jdk7/distinfo jdk-7u80-solaris-x64.tar.gz
   2021-10-07 16:21:17 by Nia Alarie | Files touched by this commit (282)
Log message:
lang: Remove SHA1 hashes for distfiles
   2021-06-29 14:41:07 by Adam Ciarcinski | Files touched by this commit (5) | Package updated
Log message:
python38: updated to 3.8.11

Python 3.8.11 final

Security

bpo-44022: mod:http.client now avoids infinitely reading potential HTTP headers \ 
after a 100 Continue status response from the server.
bpo-43882: The presence of newline or tab characters in parts of a URL could \ 
allow some forms of attacks.

Following the controlling specification for URLs defined by WHATWG \ 
urllib.parse() now removes ASCII newlines and tabs from URLs, preventing such \ 
attacks.
bpo-42800: Audit hooks are now fired for frame.f_code, traceback.tb_frame, and \ 
generator code/frame attribute access.

Core and Builtins

bpo-44070: No longer eagerly makes import filenames absolute, except for \ 
extension modules, which was introduced in 3.8.10.

Library

bpo-44061: Fix regression in previous release when calling \ 
pkgutil.iter_modules() with a list of pathlib.Path objects
   2021-05-04 07:16:07 by Adam Ciarcinski | Files touched by this commit (23) | Package updated
Log message:
python38: updated to 3.8.10

Python 3.8.10 final

Security
bpo-43434: Creating a sqlite3.Connection object now also produces a \ 
sqlite3.connect auditing event. Previously this event was only produced by \ 
sqlite3.connect() calls. Patch by Erlend E. Aasland.
bpo-43472: Ensures interpreter-level audit hooks receive the \ 
cpython.PyInterpreterState_New event when called through the _xxsubinterpreters \ 
module.
bpo-43075: Fix Regular Expression Denial of Service (ReDoS) vulnerability in \ 
urllib.request.AbstractBasicAuthHandler. The ReDoS-vulnerable regex has \ 
quadratic worst-case complexity and it allows cause a denial of service when \ 
identifying crafted invalid RFCs. This ReDoS issue is on the client side and \ 
needs remote attackers to control the HTTP server.

Core and Builtins
bpo-43105: Importlib now resolves relative paths when creating module spec \ 
objects from file locations.
bpo-42924: Fix bytearray repetition incorrectly copying data from the start of \ 
the buffer, even if the data is offset within the buffer (e.g. after reassigning \ 
a slice at the start of the bytearray to a shorter byte string).

Library
bpo-43993: Update bundled pip to 21.1.1.
bpo-43937: Fixed the turtle module working with non-default root window.
bpo-43930: Update bundled pip to 21.1 and setuptools to 56.0.0
bpo-43920: OpenSSL 3.0.0: load_verify_locations() now returns a consistent error \ 
message when cadata contains no valid certificate.
bpo-43607: urllib can now convert Windows paths with \\?\ prefixes into URL paths.
bpo-43284: platform.win32_ver derives the windows version from \ 
sys.getwindowsversion().platform_version which in turn derives the version from \ 
kernel32.dll (which can be of a different version than Windows itself). \ 
Therefore change the platform.win32_ver to determine the version using the \ 
platform module’s _syscmd_ver private function to return an accurate version.
bpo-42248: [Enum] ensure exceptions raised in _missing__ are released
bpo-43799: OpenSSL 3.0.0: define OPENSSL_API_COMPAT 1.1.1 to suppress \ 
deprecation warnings. Python requires OpenSSL 1.1.1 APIs.
bpo-43794: Add ssl.OP_IGNORE_UNEXPECTED_EOF constants (OpenSSL 3.0.0)
bpo-43789: OpenSSL 3.0.0: Don’t call the password callback function a second \ 
time when first call has signaled an error condition.
bpo-43788: The header files for ssl error codes are now OpenSSL \ 
version-specific. Exceptions will now show correct reason and library codes. The \ 
make_ssl_data.py script has been rewritten to use OpenSSL’s text file with \ 
error codes.
bpo-43655: tkinter dialog windows are now recognized as dialogs by window \ 
managers on macOS and X Window.
bpo-43534: turtle.textinput() and turtle.numinput() create now a transient \ 
window working on behalf of the canvas window.
bpo-43522: Fix problem with hostname_checks_common_name. OpenSSL does not copy \ 
hostflags from struct SSL_CTX to struct SSL.
bpo-42967: Allow bytes separator argument in urllib.parse.parse_qs and \ 
urllib.parse.parse_qsl when parsing str query strings. Previously, this raised a \ 
TypeError.
bpo-43176: Fixed processing of a dataclass that inherits from a frozen dataclass \ 
with no fields. It is now correctly detected as an error.
bpo-34463: Fixed discrepancy between traceback and the interpreter in formatting \ 
of SyntaxError with lineno not set (traceback was changed to match interpreter).
bpo-41735: Fix thread locks in zlib module may go wrong in rare case. Patch by \ 
Ma Lin.
bpo-26053: Fixed bug where the pdb interactive run command echoed the args from \ 
the shell command line, even if those have been overridden at the pdb prompt.
bpo-36470: Fix dataclasses with InitVars and replace(). Patch by Claudiu Popa.
bpo-28577: The hosts method on 32-bit prefix length IPv4Networks and 128-bit \ 
prefix IPv6Networks now returns a list containing the single Address instead of \ 
an empty list.
bpo-32745: Fix a regression in the handling of ctypes’ ctypes.c_wchar_p type: \ 
embedded null characters would cause a ValueError to be raised. Patch by Zackery \ 
Spytz.

Documentation
bpo-43959: The documentation on the PyContextVar C-API was clarified.
bpo-43938: Update dataclasses documentation to express that FrozenInstanceError \ 
is derived from AttributeError.
bpo-43739: Fixing the example code in Doc/extending/extending.rst to declare and \ 
initialize the pmodule variable to be of the right type.

Tests
bpo-43842: Fix a race condition in the SMTP test of test_logging. Don’t close \ 
a file descriptor (socket) from a different thread while asyncore.loop() is \ 
polling the file descriptor. Patch by Victor Stinner.
bpo-43811: Tests multiple OpenSSL versions on GitHub Actions. Use ccache to \ 
speed up testing.
bpo-43791: OpenSSL 3.0.0: Disable testing of legacy protocols TLS 1.0 and 1.1. \ 
Tests are failing with TLSV1_ALERT_INTERNAL_ERROR.

Windows
bpo-35306: Avoid raising errors from pathlib.Path.exists() when passed an \ 
invalid filename.
bpo-38822: Fixed os.stat() failing on inaccessible directories with a trailing \ 
slash, rather than falling back to the parent directory’s metadata. This \ 
implicitly affected os.path.exists() and os.path.isdir().
bpo-26227: Fixed decoding of host names in socket.gethostbyaddr() and \ 
socket.gethostbyname_ex().
bpo-43745: Actually updates Windows release to OpenSSL 1.1.1k. Earlier releases \ 
were mislabelled and actually included 1.1.1i again.
bpo-43492: Upgrade Windows installer to use SQLite 3.35.5.

macOS
bpo-44009: Provide “python3.x-intel64” executable to allow reliably forcing \ 
macOS universal2 framework builds to run under Rosetta 2 Intel-64 emulation on \ 
Apple Silicon Macs. This can be useful for testing or when universal2 wheels are \ 
not yet available.
bpo-41100: As of 3.8.10, Python now supports building and running on macOS 11 \ 
(Big Sur) and on Apple Silicon Macs (based on the ARM64 architecture). A new \ 
universal build variant, universal2, is also available to natively support both \ 
ARM64 and Intel 64 in one set of executables. This backport from Python 3.9 does \ 
not include support for “weaklinking”; to support a range of macOS versions, \ 
continue to target for and build on the oldest version in the range; for 3.8.x, \ 
the universal2 variant is only useful on macOS 11 or later.
bpo-43492: Update macOS installer to use SQLite 3.35.4.

IDLE
bpo-43655: IDLE dialog windows are now recognized as dialogs by window managers \ 
on macOS and X Window.

C API
bpo-43962: _PyInterpreterState_IDIncref() now calls \ 
_PyInterpreterState_IDInitref() and always increments id_refcount. Previously, \ 
calling _xxsubinterpreters.get_current() could create an id_refcount \ 
inconsistency when a _xxsubinterpreters.InterpreterID object was deallocated. \ 
Patch by Victor Stinner.
   2021-04-03 08:22:06 by Adam Ciarcinski | Files touched by this commit (5) | Package updated
Log message:
python38: updated to 3.8.9

Python 3.8.9 final

Security

bpo-42988: CVE-2021-3426: Remove the getfile feature of the pydoc module which \ 
could be abused to read arbitrary files on the disk (directory traversal \ 
vulnerability). Moreover, even source code of Python modules can contain \ 
sensitive data like passwords. Vulnerability reported by David Schwörer.
bpo-43285: ftplib no longer trusts the IP address value returned from the server \ 
in response to the PASV command by default. This prevents a malicious FTP server \ 
from using the response to probe IPv4 address and port combinations on the \ 
client network.

Code that requires the former vulnerable behavior may set a \ 
trust_server_pasv_ipv4_address attribute on their ftplib.FTP instances to True \ 
to re-enable it.
bpo-43439: Add audit hooks for gc.get_objects(), gc.get_referrers() and \ 
gc.get_referents(). Patch by Pablo Galindo.

Core and Builtins
bpo-43660: Fix crash that happens when replacing sys.stderr with a callable that \ 
can remove the object while an exception is being printed. Patch by Pablo \ 
Galindo.
bpo-35883: Python no longer fails at startup with a fatal error if a command \ 
line argument contains an invalid Unicode character. The Py_DecodeLocale() \ 
function now escapes byte sequences which would be decoded as Unicode characters \ 
outside the [U+0000; U+10ffff] range.
bpo-43406: Fix a possible race condition where PyErr_CheckSignals tries to \ 
execute a non-Python signal handler.

Library
bpo-35930: Raising an exception raised in a “future” instance will create \ 
reference cycles.
bpo-43577: Fix deadlock when using ssl.SSLContext debug callback with \ 
ssl.SSLContext.sni_callback().
bpo-43423: subprocess.communicate() no longer raises an IndexError when there is \ 
an empty stdout or stderr IO buffer during a timeout on Windows.
bpo-27820: Fixed long-standing bug of smtplib.SMTP where doing AUTH LOGIN with \ 
initial_response_ok=False will fail.

The cause is that SMTP.auth_login _always_ returns a password if provided with a \ 
challenge string, thus non-compliant with the standard for AUTH LOGIN.

Also fixes bug with the test for smtpd.
bpo-43399: Fix ElementTree.extend not working on iterators when using the Python \ 
implementation
bpo-43316: The python -m gzip command line application now properly fails when \ 
detecting an unsupported extension. It exits with a non-zero exit code and \ 
prints an error message to stderr.
bpo-43260: Fix TextIOWrapper can not flush internal buffer forever after very \ 
large text is written.
bpo-42782: Fail fast in shutil.move() to avoid creating destination directories \ 
on failure.
bpo-37193: Fixed memory leak in socketserver.ThreadingMixIn introduced in Python 3.7.

Documentation
bpo-43199: Answer “Why is there no goto?” in the Design and History FAQ.
bpo-43407: Clarified that a result from time.monotonic(), time.perf_counter(), \ 
time.process_time(), or time.thread_time() can be compared with the result from \ 
any following call to the same function - not just the next immediate call.
bpo-27646: Clarify that ‘yield from <expr>’ works with any iterable, \ 
not just iterators.
bpo-36346: Update some deprecated unicode APIs which are documented as “will \ 
be removed in 4.0” to “3.12”. See PEP 623 for detail.

Tests
bpo-37945: Fix test_getsetlocale_issue1813() of test_locale: skip the test if \ 
setlocale() fails. Patch by Victor Stinner.
bpo-41561: Add workaround for Ubuntu’s custom OpenSSL security level policy.

Build
bpo-43631: Update macOS, Windows, and CI to OpenSSL 1.1.1k.
bpo-43617: Improve configure.ac: Check for presence of autoconf-archive package \ 
and remove our copies of M4 macros.

macOS
bpo-41837: Update macOS installer build to use OpenSSL 1.1.1j.

IDLE
bpo-42225: Document that IDLE can fail on Unix either from misconfigured IP \ 
masquerage rules or failure displaying complex colored (non-ascii) characters.
bpo-43283: Document why printing to IDLE’s Shell is often slower than printing \ 
to a system terminal and that it can be made faster by pre-formatting a single \ 
string before printing.