summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorŁukasz Langa <lukasz@langa.pl>2023-08-24 19:51:41 +0200
committerŁukasz Langa <lukasz@langa.pl>2023-08-24 19:59:28 +0200
commit376d66eb5080cf8076d767b0916c103463343963 (patch)
tree1ff31a104de6f447c9795e3d52ae8fd01f2f5994
parentFix invalid string escape (diff)
downloadcpython-376d66eb5080cf8076d767b0916c103463343963.tar.gz
cpython-376d66eb5080cf8076d767b0916c103463343963.tar.bz2
cpython-376d66eb5080cf8076d767b0916c103463343963.zip
Python 3.9.18v3.9.18
-rw-r--r--Include/patchlevel.h4
-rw-r--r--Misc/NEWS.d/3.9.18.rst44
-rw-r--r--Misc/NEWS.d/next/C API/2022-11-20-09-52-50.gh-issue-99612.eBHksg.rst2
-rw-r--r--Misc/NEWS.d/next/Library/2023-08-10-17-36-22.gh-issue-107845.dABiMJ.rst3
-rw-r--r--Misc/NEWS.d/next/Security/2023-08-22-17-39-12.gh-issue-108310.fVM3sg.rst7
-rw-r--r--Misc/NEWS.d/next/Tools-Demos/2023-08-12-13-18-15.gh-issue-107565.Tv22Ne.rst2
-rw-r--r--README.rst2
7 files changed, 47 insertions, 17 deletions
diff --git a/Include/patchlevel.h b/Include/patchlevel.h
index 708d06aba55..041ba6eb173 100644
--- a/Include/patchlevel.h
+++ b/Include/patchlevel.h
@@ -18,12 +18,12 @@
/*--start constants--*/
#define PY_MAJOR_VERSION 3
#define PY_MINOR_VERSION 9
-#define PY_MICRO_VERSION 17
+#define PY_MICRO_VERSION 18
#define PY_RELEASE_LEVEL PY_RELEASE_LEVEL_FINAL
#define PY_RELEASE_SERIAL 0
/* Version as a string */
-#define PY_VERSION "3.9.17+"
+#define PY_VERSION "3.9.18"
/*--end constants--*/
/* Version as a single 4-byte hex number, e.g. 0x010502B2 == 1.5.2b2.
diff --git a/Misc/NEWS.d/3.9.18.rst b/Misc/NEWS.d/3.9.18.rst
new file mode 100644
index 00000000000..e7403220b8d
--- /dev/null
+++ b/Misc/NEWS.d/3.9.18.rst
@@ -0,0 +1,44 @@
+.. date: 2023-08-22-17-39-12
+.. gh-issue: 108310
+.. nonce: fVM3sg
+.. release date: 2023-08-24
+.. section: Security
+
+Fixed an issue where instances of :class:`ssl.SSLSocket` were vulnerable to
+a bypass of the TLS handshake and included protections (like certificate
+verification) and treating sent unencrypted data as if it were
+post-handshake TLS encrypted data. Security issue reported as
+`CVE-2023-40217
+<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40217>`_ by Aapo
+Oksman. Patch by Gregory P. Smith.
+
+..
+
+.. date: 2023-08-10-17-36-22
+.. gh-issue: 107845
+.. nonce: dABiMJ
+.. section: Library
+
+:func:`tarfile.data_filter` now takes the location of symlinks into account
+when determining their target, so it will no longer reject some valid
+tarballs with ``LinkOutsideDestinationError``.
+
+..
+
+.. date: 2023-08-12-13-18-15
+.. gh-issue: 107565
+.. nonce: Tv22Ne
+.. section: Tools/Demos
+
+Update multissltests and GitHub CI workflows to use OpenSSL 1.1.1v, 3.0.10,
+and 3.1.2.
+
+..
+
+.. date: 2022-11-20-09-52-50
+.. gh-issue: 99612
+.. nonce: eBHksg
+.. section: C API
+
+Fix :c:func:`PyUnicode_DecodeUTF8Stateful` for ASCII-only data:
+``*consumed`` was not set.
diff --git a/Misc/NEWS.d/next/C API/2022-11-20-09-52-50.gh-issue-99612.eBHksg.rst b/Misc/NEWS.d/next/C API/2022-11-20-09-52-50.gh-issue-99612.eBHksg.rst
deleted file mode 100644
index 40e3c8db540..00000000000
--- a/Misc/NEWS.d/next/C API/2022-11-20-09-52-50.gh-issue-99612.eBHksg.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-Fix :c:func:`PyUnicode_DecodeUTF8Stateful` for ASCII-only data:
-``*consumed`` was not set.
diff --git a/Misc/NEWS.d/next/Library/2023-08-10-17-36-22.gh-issue-107845.dABiMJ.rst b/Misc/NEWS.d/next/Library/2023-08-10-17-36-22.gh-issue-107845.dABiMJ.rst
deleted file mode 100644
index 32c1fb93f4a..00000000000
--- a/Misc/NEWS.d/next/Library/2023-08-10-17-36-22.gh-issue-107845.dABiMJ.rst
+++ /dev/null
@@ -1,3 +0,0 @@
-:func:`tarfile.data_filter` now takes the location of symlinks into account
-when determining their target, so it will no longer reject some valid
-tarballs with ``LinkOutsideDestinationError``.
diff --git a/Misc/NEWS.d/next/Security/2023-08-22-17-39-12.gh-issue-108310.fVM3sg.rst b/Misc/NEWS.d/next/Security/2023-08-22-17-39-12.gh-issue-108310.fVM3sg.rst
deleted file mode 100644
index 403c77a9d48..00000000000
--- a/Misc/NEWS.d/next/Security/2023-08-22-17-39-12.gh-issue-108310.fVM3sg.rst
+++ /dev/null
@@ -1,7 +0,0 @@
-Fixed an issue where instances of :class:`ssl.SSLSocket` were vulnerable to
-a bypass of the TLS handshake and included protections (like certificate
-verification) and treating sent unencrypted data as if it were
-post-handshake TLS encrypted data. Security issue reported as
-`CVE-2023-40217
-<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40217>`_ by
-Aapo Oksman. Patch by Gregory P. Smith.
diff --git a/Misc/NEWS.d/next/Tools-Demos/2023-08-12-13-18-15.gh-issue-107565.Tv22Ne.rst b/Misc/NEWS.d/next/Tools-Demos/2023-08-12-13-18-15.gh-issue-107565.Tv22Ne.rst
deleted file mode 100644
index c43ee680e81..00000000000
--- a/Misc/NEWS.d/next/Tools-Demos/2023-08-12-13-18-15.gh-issue-107565.Tv22Ne.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-Update multissltests and GitHub CI workflows to use OpenSSL 1.1.1v, 3.0.10,
-and 3.1.2.
diff --git a/README.rst b/README.rst
index d81e130615d..6ecc75d55b0 100644
--- a/README.rst
+++ b/README.rst
@@ -1,4 +1,4 @@
-This is Python version 3.9.17
+This is Python version 3.9.18
=============================
.. image:: https://travis-ci.org/python/cpython.svg?branch=3.9