[Python-checkins] cpython (3.3): fix reordering

benjamin.peterson python-checkins at python.org
Sat Dec 5 03:27:51 EST 2015 

https://hg.python.org/cpython/rev/39a709f1ca3a
changeset:   99456:39a709f1ca3a
branch:      3.3
parent:      99452:2932933afbe1
user:        Benjamin Peterson <benjamin at python.org>
date:        Sat Dec 05 00:27:11 2015 -0800
summary:
  fix reordering

files:
  Misc/NEWS |  144 +++++++++++++++++++++---------------------
  1 files changed, 72 insertions(+), 72 deletions(-)


diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -47,82 +47,82 @@
 - Issue #23365: Fixed possible integer overflow in
   itertools.combinations_with_replacement.
 
+C API
+-----
+
+- Issue #23998: PyImport_ReInitLock() now checks for lock allocation error
+
+
+What's New in Python 3.3.6?
+===========================
+
+*Release date: 11-Oct-2014*
+
+Core and Builtins
+-----------------
+
+- Issue #22643: Fix integer overflow in Unicode case operations (upper, lower,
+  title, swapcase, casefold).
+
+- Issue #22518: Fixed integer overflow issues in "backslashreplace",
+  "xmlcharrefreplace", and "surrogatepass" error handlers.
+
+- Issue #22520: Fix overflow checking when generating the repr of a unicode
+  object.
+
+- Issue #22519: Fix overflow checking in PyBytes_Repr.
+
+- Issue #22518: Fix integer overflow issues in latin-1 encoding.
+
+- Issue #23165: Perform overflow checks before allocating memory in the
+  _Py_char2wchar function.
+
+Library
+-------
+
+- Issue #16043: Add a default limit for the amount of data xmlrpclib.gzip_decode
+  will return. This resolves CVE-2013-1753.
+
+- Issue #22517: When a io.BufferedRWPair object is deallocated, clear its
+  weakrefs.
+
+- Issue #22419: Limit the length of incoming HTTP request in wsgiref server to
+  65536 bytes and send a 414 error code for higher lengths. Patch contributed
+  by Devin Cook.
+
+- Lax cookie parsing in http.cookies could be a security issue when combined
+  with non-standard cookie handling in some Web browsers.  Reported by
+  Sergey Bobrov.
+
+- Issue #21766: Prevent a security hole in CGIHTTPServer by URL unquoting paths
+  before checking for a CGI script at that path.
+
+- Issue #20633: Replace relative import by absolute import.
+
+- Issue #21082: In os.makedirs, do not set the process-wide umask. Note this
+  changes behavior of makedirs when exist_ok=True.
+
+- Issue #20875: Prevent possible gzip "'read' is not defined" NameError.
+  Patch by Claudiu Popa.
+
+- Issue #11599: When an external command (e.g. compiler) fails, distutils now
+  prints out the whole command line (instead of just the command name) if the
+  environment variable DISTUTILS_DEBUG is set.
+
+- Issue #4931: distutils should not produce unhelpful "error: None" messages
+  anymore.  distutils.util.grok_environment_error is kept but doc-deprecated.
+
+- Issue #20283: RE pattern methods now accept the string keyword parameters
+  as documented.  The pattern and source keyword parameters are left as
+  deprecated aliases.
+
+- Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,
+  broken by the fix for security issue #19435.  Patch by Zach Byrne.
+
 - Issue #21529 (CVE-2014-4616): Fix arbitrary memory access in
   JSONDecoder.raw_decode with a negative second parameter. Bug reported by Guido
   Vranken.
 
-C API
------
-
-- Issue #23998: PyImport_ReInitLock() now checks for lock allocation error
-
-
-What's New in Python 3.3.6?
-===========================
-
-*Release date: 11-Oct-2014*
-
-Core and Builtins
------------------
-
-- Issue #22643: Fix integer overflow in Unicode case operations (upper, lower,
-  title, swapcase, casefold).
-
-- Issue #22518: Fixed integer overflow issues in "backslashreplace",
-  "xmlcharrefreplace", and "surrogatepass" error handlers.
-
-- Issue #22520: Fix overflow checking when generating the repr of a unicode
-  object.
-
-- Issue #22519: Fix overflow checking in PyBytes_Repr.
-
-- Issue #22518: Fix integer overflow issues in latin-1 encoding.
-
-- Issue #23165: Perform overflow checks before allocating memory in the
-  _Py_char2wchar function.
-
-Library
--------
-
-- Issue #16043: Add a default limit for the amount of data xmlrpclib.gzip_decode
-  will return. This resolves CVE-2013-1753.
-
-- Issue #22517: When a io.BufferedRWPair object is deallocated, clear its
-  weakrefs.
-
-- Issue #22419: Limit the length of incoming HTTP request in wsgiref server to
-  65536 bytes and send a 414 error code for higher lengths. Patch contributed
-  by Devin Cook.
-
-- Lax cookie parsing in http.cookies could be a security issue when combined
-  with non-standard cookie handling in some Web browsers.  Reported by
-  Sergey Bobrov.
-
-- Issue #21766: Prevent a security hole in CGIHTTPServer by URL unquoting paths
-  before checking for a CGI script at that path.
-
-- Issue #20633: Replace relative import by absolute import.
-
-- Issue #21082: In os.makedirs, do not set the process-wide umask. Note this
-  changes behavior of makedirs when exist_ok=True.
-
-- Issue #20875: Prevent possible gzip "'read' is not defined" NameError.
-  Patch by Claudiu Popa.
-
-- Issue #11599: When an external command (e.g. compiler) fails, distutils now
-  prints out the whole command line (instead of just the command name) if the
-  environment variable DISTUTILS_DEBUG is set.
-
-- Issue #4931: distutils should not produce unhelpful "error: None" messages
-  anymore.  distutils.util.grok_environment_error is kept but doc-deprecated.
-
-- Issue #20283: RE pattern methods now accept the string keyword parameters
-  as documented.  The pattern and source keyword parameters are left as
-  deprecated aliases.
-
-- Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,
-  broken by the fix for security issue #19435.  Patch by Zach Byrne.
-
 Tests
 -----
 

-- 
Repository URL: https://hg.python.org/cpython

More information about the Python-checkins mailing list