Log Message:
python311: updated to 3.11.4

Python 3.11.4

Security
gh-103142: The version of OpenSSL used in our binary builds has been upgraded to \ 
1.1.1u to address several CVEs.
gh-99889: Fixed a security in flaw in uu.decode() that could allow for directory \ 
traversal based on the input if no out_file was specified.
gh-104049: Do not expose the local on-disk location in directory indexes \ 
produced by http.client.SimpleHTTPRequestHandler.
gh-102153: urllib.parse.urlsplit() now strips leading C0 control and space \ 
characters following the specification for URLs defined by WHATWG in response to \ 
CVE-2023-24329. Patch by Illia Volochii.
Core and Builtins
gh-105164: Ensure annotations are set up correctly if the only annotation in a \ 
block is within a match block. Patch by Jelle Zijlstra.
gh-104615: Fix wrong ordering of assignments in code like a, a = x, y. \ 
Contributed by Carl Meyer.
gh-104482: Fix three error handling bugs in ast.c’s validation of pattern \ 
matching statements.
gh-102818: Do not add a frame to the traceback in the sys.setprofile and \ 
sys.settrace trampoline functions. This ensures that frames are not duplicated \ 
if an exception is raised in the callback function, and ensures that frames are \ 
not omitted if a C callback is used and that does not add the frame.
gh-104405: Fix an issue where some bytecode instructions could ignore PEP 523 \ 
when “inlining” calls.
gh-104018: Disallow the “z” format specifier in %-format of bytes objects.
gh-103971: Fix an issue where incorrect locations numbers could be assigned to \ 
code following case blocks.
gh-102310: Change the error range for invalid bytes literals.
gh-103590: Do not wrap a single exception raised from a try-except* construct in \ 
an ExceptionGroup.
gh-101517: Fix bug in line numbers of instructions emitted for except*.
gh-103242: Migrate set_ecdh_curve() method not to use deprecated OpenSSL APIs. \ 
Patch by Dong-hee Na.
gh-102700: Allow built-in modules to be submodules. This allows submodules to be \ 
statically linked into a CPython binary.
gh-101857: Fix xattr support detection on Linux systems by widening the check to \ 
linux, not just glibc. This fixes support for musl.
gh-99184: Bypass instance attribute access of __name__ in repr of weakref.ref.
gh-96670: The parser now raises SyntaxError when parsing source code containing \ 
null bytes. Backported from aab01e3. Patch by Pablo Galindo
bpo-31821: Fix pause_reading() to work when called from connection_made() in asyncio.

Library
gh-105080: Fixed inconsistent signature on derived classes for inspect.signature()
gh-104874: Document the __name__ and __supertype__ attributes of typing.NewType. \ 
Patch by Jelle Zijlstra.
gh-104340: When an asyncio pipe protocol loses its connection due to an error, \ 
and the caller doesn’t await wait_closed() on the corresponding StreamWriter, \ 
don’t log a warning about an exception that was never retrieved. After all, \ 
according to the StreamWriter.close() docs, the wait_closed() call is optional \ 
(“not mandatory”).
gh-104372: Refactored the _posixsubprocess internals to avoid Python C API usage \ 
between fork and exec when marking pass_fds= file descriptors inheritable.
gh-75367: Fix data descriptor detection in inspect.getattr_static().
gh-104536: Fix a race condition in the internal multiprocessing.process cleanup \ 
logic that could manifest as an unintended AttributeError when calling \ 
process.close().
gh-104399: Prepare the _tkinter module for building with Tcl 9.0 and future \ 
libtommath by replacing usage of deprecated functions mp_to_unsigned_bin_n() and \ 
mp_unsigned_bin_size() when necessary.
gh-104307: socket.getnameinfo() now releases the GIL while contacting the DNS server
gh-87695: Fix issue where pathlib.Path.glob() raised OSError when it encountered \ 
a symlink to an overly long path.
gh-104265: Prevent possible crash by disallowing instantiation of the \ 
_csv.Reader and _csv.Writer types. The regression was introduced in 3.10.0a4 \ 
with PR 23224 (bpo-14935). Patch by Radislav Chugunov.
gh-104035: Do not ignore user-defined __getstate__ and __setstate__ methods for \ 
slotted frozen dataclasses.
gh-103987: In mmap, fix several bugs that could lead to access to memory-mapped \ 
files after they have been invalidated.
gh-103935: Use io.open_code() for files to be executed instead of raw open()
gh-100370: Fix potential OverflowError in sqlite3.Connection.blobopen() for \ 
32-bit builds. Patch by Erlend E. Aasland.
gh-103848: Add checks to ensure that [ bracketed ] hosts found by \ 
urllib.parse.urlsplit() are of IPv6 or IPvFuture format.
gh-103872: Update the bundled copy of pip to version 23.1.2.
gh-103861: Fix zipfile.Zipfile creating invalid zip files when force_zip64 was \ 
used to add files to them. Patch by Carey Metcalfe.
gh-103685: Prepare tkinter.Menu.index() for Tk 8.7 so that it does not raise \ 
TclError: expected integer but got "" when it should return None.
gh-81403: urllib.request.CacheFTPHandler no longer raises URLError if a cached \ 
FTP instance is reused. ftplib’s endtransfer method calls voidresp to drain \ 
the connection to handle FTP instance reuse properly.
gh-103578: Fixed a bug where pdb crashes when reading source file with different \ 
encoding by replacing io.open() with io.open_code(). The new method would also \ 
call into the hook set by PyFile_SetOpenCodeHook().
gh-103556: Now creating inspect.Signature objects with positional-only parameter \ 
with a default followed by a positional-or-keyword parameter without one is \ 
impossible.
gh-103559: Update the bundled copy of pip to version 23.1.1.
gh-103365: Set default Flag boundary to STRICT and fix bitwise operations.
gh-103472: Avoid a potential ResourceWarning in http.client.HTTPConnection by \ 
closing the proxy / tunnel’s CONNECT response explicitly.
gh-103449: Fix a bug in doc string generation in dataclasses.dataclass().
gh-103256: Fixed a bug that caused hmac to raise an exception when the requested \ 
hash algorithm was not available in OpenSSL despite being available separately \ 
as part of hashlib itself. It now falls back properly to the built-in. This \ 
could happen when, for example, your OpenSSL does not include SHA3 support and \ 
you want to compute hmac.digest(b'K', b'M', 'sha3_256').
gh-103225: Fix a bug in pdb when displaying line numbers of module-level source code.
gh-93910: Remove deprecation of enum memmber.member access.
gh-102978: Fixes unittest.mock.patch() not enforcing function signatures for \ 
methods decorated with @classmethod or @staticmethod when patch is called with \ 
autospec=True.
gh-103204: Fixes http.server accepting HTTP requests with HTTP version numbers \ 
preceded by ‘+’, or ‘-’, or with digit-separating ‘_’ characters. \ 
The length of the version numbers is also constrained.
gh-102953: The extraction methods in tarfile, and shutil.unpack_archive(), have \ 
a new a filter argument that allows limiting tar features than may be surprising \ 
or dangerous, such as creating files outside the destination directory. See \ 
Extraction filters for details.
gh-101640: argparse.ArgumentParser now catches errors when writing messages, \ 
such as when sys.stderr is None. Patch by Oleg Iarygin.
gh-96522: Fix potential deadlock in pty.spawn()
gh-87474: Fix potential file descriptor leaks in subprocess.Popen.

Documentation
gh-89455: Add missing documentation for the max_group_depth and max_group_width \ 
parameters and the exceptions attribute of the traceback.TracebackException \ 
class.
gh-89412: Add missing documentation for the end_lineno and end_offset attributes \ 
of the traceback.TracebackException class.
gh-104943: Remove mentions of old Python versions in typing.NamedTuple.
gh-67056: Document that the effect of registering or unregistering an atexit \ 
cleanup function from within a registered cleanup function is undefined.
gh-48241: Clarifying documentation about the url parameter to \ 
urllib.request.urlopen and urllib.request.Requst needing to be encoded properly.

Tests
gh-104494: Update test_pack_configure_in and test_place_configure_in for changes \ 
to error message formatting in Tk 8.7.
gh-104461: Run test_configure_screen on X11 only, since the DISPLAY environment \ 
variable and -screen option for toplevels are not useful on Tk for Win32 or \ 
Aqua.
gh-103329: Regression tests for the behaviour of unittest.mock.PropertyMock were \ 
added.
gh-85984: Utilize new “winsize” functions from termios in pty tests.
gh-75729: Fix the os.spawn* tests failing on Windows when the working directory \ 
or interpreter path contains spaces.

Build
gh-90005: Fix a regression in configure where we could end up unintentionally \ 
linking with libbsd.
gh-104106: Add gcc fallback of mkfifoat/mknodat for macOS. Patch by Dong-hee Na.
gh-99069: Extended workaround defining static_assert when missing from the libc \ 
headers to all clang and gcc builds. In particular, this fixes building on macOS \ 
<= 10.10.

Windows
gh-105146: Updated the links at the end of the installer to point to Discourse \ 
rather than the mailing lists.
gh-104623: Update Windows installer to use SQLite 3.42.0.
gh-102997: Update Windows installer to use SQLite 3.41.2.
gh-88013: Fixed a bug where TypeError was raised when calling ntpath.realpath() \ 
with a bytes parameter in some cases.

macOS
gh-103142: Update macOS installer to use OpenSSL 1.1.1u.
gh-104623: Update macOS installer to SQLite 3.42.0.
gh-102997: Update macOS installer to SQLite 3.41.2.

IDLE
gh-104719: Remove IDLE’s modification of tokenize.tabsize and test other uses \ 
of tokenize data and methods.
gh-104499: Fix completions for Tk Aqua 8.7 (currently blank).
gh-104496: About prints both tcl and tk versions if different (expected someday).
gh-88496: Fix IDLE test hang on macOS.