summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Include/patchlevel.h4
-rw-r--r--Misc/NEWS.d/3.9.19.rst149
-rw-r--r--Misc/NEWS.d/next/Core and Builtins/2023-10-27-19-38-33.gh-issue-102388.vd5YUZ.rst1
-rw-r--r--Misc/NEWS.d/next/Documentation/2024-02-14-20-17-04.gh-issue-115399.fb9a0R.rst1
-rw-r--r--Misc/NEWS.d/next/Library/2022-12-01-16-57-44.gh-issue-91133.LKMVCV.rst2
-rw-r--r--Misc/NEWS.d/next/Library/2023-08-03-12-52-19.gh-issue-107077.-pzHD6.rst6
-rw-r--r--Misc/NEWS.d/next/Library/2023-09-28-13-15-51.gh-issue-109858.43e2dg.rst3
-rw-r--r--Misc/NEWS.d/next/Library/2023-12-01-16-09-59.gh-issue-81194.FFad1c.rst3
-rw-r--r--Misc/NEWS.d/next/Library/2024-02-08-14-21-28.gh-issue-115133.ycl4ko.rst2
-rw-r--r--Misc/NEWS.d/next/Library/2024-02-09-19-41-48.gh-issue-115197.20wkWH.rst2
-rw-r--r--Misc/NEWS.d/next/Security/2024-01-02-19-52-23.gh-issue-113659.DkmnQc.rst1
-rw-r--r--Misc/NEWS.d/next/Security/2024-02-13-15-14-39.gh-issue-115399.xT-scP.rst1
-rw-r--r--Misc/NEWS.d/next/Security/2024-02-18-03-14-40.gh-issue-115398.tzvxH8.rst8
-rw-r--r--Misc/NEWS.d/next/Tools-Demos/2023-09-27-23-31-54.gh-issue-109991.sUUYY8.rst2
-rw-r--r--Misc/NEWS.d/next/Windows/2023-09-29-10-35-29.gh-issue-109991.GmuzGZ.rst4
-rw-r--r--Misc/NEWS.d/next/Windows/2024-02-01-14-35-05.gh-issue-111239.SO7SUF.rst1
-rw-r--r--README.rst2
17 files changed, 152 insertions, 40 deletions
diff --git a/Include/patchlevel.h b/Include/patchlevel.h
index 1d1aa0e2e96..5b5ef557639 100644
--- a/Include/patchlevel.h
+++ b/Include/patchlevel.h
@@ -18,12 +18,12 @@
/*--start constants--*/
#define PY_MAJOR_VERSION 3
#define PY_MINOR_VERSION 9
-#define PY_MICRO_VERSION 18
+#define PY_MICRO_VERSION 19
#define PY_RELEASE_LEVEL PY_RELEASE_LEVEL_FINAL
#define PY_RELEASE_SERIAL 0
/* Version as a string */
-#define PY_VERSION "3.9.18+"
+#define PY_VERSION "3.9.19"
/*--end constants--*/
/* Version as a single 4-byte hex number, e.g. 0x010502B2 == 1.5.2b2.
diff --git a/Misc/NEWS.d/3.9.19.rst b/Misc/NEWS.d/3.9.19.rst
new file mode 100644
index 00000000000..26737f53cd7
--- /dev/null
+++ b/Misc/NEWS.d/3.9.19.rst
@@ -0,0 +1,149 @@
+.. date: 2024-02-18-03-14-40
+.. gh-issue: 115398
+.. nonce: tzvxH8
+.. release date: 2024-03-19
+.. section: Security
+
+Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425) by adding
+five new methods:
+
+* :meth:`xml.etree.ElementTree.XMLParser.flush`
+* :meth:`xml.etree.ElementTree.XMLPullParser.flush`
+* :meth:`xml.parsers.expat.xmlparser.GetReparseDeferralEnabled`
+* :meth:`xml.parsers.expat.xmlparser.SetReparseDeferralEnabled`
+* :meth:`xml.sax.expatreader.ExpatParser.flush`
+
+..
+
+.. date: 2024-02-13-15-14-39
+.. gh-issue: 115399
+.. nonce: xT-scP
+.. section: Security
+
+Update bundled libexpat to 2.6.0
+
+..
+
+.. date: 2024-01-02-19-52-23
+.. gh-issue: 113659
+.. nonce: DkmnQc
+.. section: Security
+
+Skip ``.pth`` files with names starting with a dot or hidden file attribute.
+
+..
+
+.. date: 2023-10-27-19-38-33
+.. gh-issue: 102388
+.. nonce: vd5YUZ
+.. section: Core and Builtins
+
+Fix a bug where ``iso2022_jp_3`` and ``iso2022_jp_2004`` codecs read out of
+bounds
+
+..
+
+.. date: 2024-02-09-19-41-48
+.. gh-issue: 115197
+.. nonce: 20wkWH
+.. section: Library
+
+``urllib.request`` no longer resolves the hostname before checking it
+against the system's proxy bypass list on macOS and Windows.
+
+..
+
+.. date: 2024-02-08-14-21-28
+.. gh-issue: 115133
+.. nonce: ycl4ko
+.. section: Library
+
+Fix tests for :class:`~xml.etree.ElementTree.XMLPullParser` with Expat
+2.6.0.
+
+..
+
+.. date: 2023-12-01-16-09-59
+.. gh-issue: 81194
+.. nonce: FFad1c
+.. section: Library
+
+Fix a crash in :func:`socket.if_indextoname` with specific value (UINT_MAX).
+Fix an integer overflow in :func:`socket.if_indextoname` on 64-bit
+non-Windows platforms.
+
+..
+
+.. date: 2023-09-28-13-15-51
+.. gh-issue: 109858
+.. nonce: 43e2dg
+.. section: Library
+
+Protect :mod:`zipfile` from "quoted-overlap" zipbomb. It now raises
+BadZipFile when try to read an entry that overlaps with other entry or
+central directory.
+
+..
+
+.. date: 2023-08-03-12-52-19
+.. gh-issue: 107077
+.. nonce: -pzHD6
+.. section: Library
+
+Seems that in some conditions, OpenSSL will return ``SSL_ERROR_SYSCALL``
+instead of ``SSL_ERROR_SSL`` when a certification verification has failed,
+but the error parameters will still contain ``ERR_LIB_SSL`` and
+``SSL_R_CERTIFICATE_VERIFY_FAILED``. We are now detecting this situation and
+raising the appropiate ``ssl.SSLCertVerificationError``. Patch by Pablo
+Galindo
+
+..
+
+.. date: 2022-12-01-16-57-44
+.. gh-issue: 91133
+.. nonce: LKMVCV
+.. section: Library
+
+Fix a bug in :class:`tempfile.TemporaryDirectory` cleanup, which now no
+longer dereferences symlinks when working around file system permission
+errors.
+
+..
+
+.. date: 2024-02-14-20-17-04
+.. gh-issue: 115399
+.. nonce: fb9a0R
+.. section: Documentation
+
+Document CVE-2023-52425 of Expat <2.6.0 under "XML vulnerabilities".
+
+..
+
+.. date: 2024-02-01-14-35-05
+.. gh-issue: 111239
+.. nonce: SO7SUF
+.. section: Windows
+
+Update Windows builds to use zlib v1.3.1.
+
+..
+
+.. date: 2023-09-29-10-35-29
+.. gh-issue: 109991
+.. nonce: GmuzGZ
+.. section: Windows
+
+Windows builds now use OpenSSL 1.1.1w. Note that OpenSSL 1.1 has reached its
+end of life and no future fixes will be made, and this version of Python is
+no longer receiving maintenance fixes and will not be updated to OpenSSL
+3.0.
+
+..
+
+.. date: 2023-09-27-23-31-54
+.. gh-issue: 109991
+.. nonce: sUUYY8
+.. section: Tools/Demos
+
+Update GitHub CI workflows to use OpenSSL 3.0.11 and multissltests to use
+1.1.1w and 3.0.11.
diff --git a/Misc/NEWS.d/next/Core and Builtins/2023-10-27-19-38-33.gh-issue-102388.vd5YUZ.rst b/Misc/NEWS.d/next/Core and Builtins/2023-10-27-19-38-33.gh-issue-102388.vd5YUZ.rst
deleted file mode 100644
index 268a3d310f2..00000000000
--- a/Misc/NEWS.d/next/Core and Builtins/2023-10-27-19-38-33.gh-issue-102388.vd5YUZ.rst
+++ /dev/null
@@ -1 +0,0 @@
-Fix a bug where ``iso2022_jp_3`` and ``iso2022_jp_2004`` codecs read out of bounds
diff --git a/Misc/NEWS.d/next/Documentation/2024-02-14-20-17-04.gh-issue-115399.fb9a0R.rst b/Misc/NEWS.d/next/Documentation/2024-02-14-20-17-04.gh-issue-115399.fb9a0R.rst
deleted file mode 100644
index 587aea80216..00000000000
--- a/Misc/NEWS.d/next/Documentation/2024-02-14-20-17-04.gh-issue-115399.fb9a0R.rst
+++ /dev/null
@@ -1 +0,0 @@
-Document CVE-2023-52425 of Expat <2.6.0 under "XML vulnerabilities".
diff --git a/Misc/NEWS.d/next/Library/2022-12-01-16-57-44.gh-issue-91133.LKMVCV.rst b/Misc/NEWS.d/next/Library/2022-12-01-16-57-44.gh-issue-91133.LKMVCV.rst
deleted file mode 100644
index 7991048fc48..00000000000
--- a/Misc/NEWS.d/next/Library/2022-12-01-16-57-44.gh-issue-91133.LKMVCV.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-Fix a bug in :class:`tempfile.TemporaryDirectory` cleanup, which now no longer
-dereferences symlinks when working around file system permission errors.
diff --git a/Misc/NEWS.d/next/Library/2023-08-03-12-52-19.gh-issue-107077.-pzHD6.rst b/Misc/NEWS.d/next/Library/2023-08-03-12-52-19.gh-issue-107077.-pzHD6.rst
deleted file mode 100644
index ecaf437a48e..00000000000
--- a/Misc/NEWS.d/next/Library/2023-08-03-12-52-19.gh-issue-107077.-pzHD6.rst
+++ /dev/null
@@ -1,6 +0,0 @@
-Seems that in some conditions, OpenSSL will return ``SSL_ERROR_SYSCALL``
-instead of ``SSL_ERROR_SSL`` when a certification verification has failed,
-but the error parameters will still contain ``ERR_LIB_SSL`` and
-``SSL_R_CERTIFICATE_VERIFY_FAILED``. We are now detecting this situation and
-raising the appropiate ``ssl.SSLCertVerificationError``. Patch by Pablo
-Galindo
diff --git a/Misc/NEWS.d/next/Library/2023-09-28-13-15-51.gh-issue-109858.43e2dg.rst b/Misc/NEWS.d/next/Library/2023-09-28-13-15-51.gh-issue-109858.43e2dg.rst
deleted file mode 100644
index be279caffc4..00000000000
--- a/Misc/NEWS.d/next/Library/2023-09-28-13-15-51.gh-issue-109858.43e2dg.rst
+++ /dev/null
@@ -1,3 +0,0 @@
-Protect :mod:`zipfile` from "quoted-overlap" zipbomb. It now raises
-BadZipFile when try to read an entry that overlaps with other entry or
-central directory.
diff --git a/Misc/NEWS.d/next/Library/2023-12-01-16-09-59.gh-issue-81194.FFad1c.rst b/Misc/NEWS.d/next/Library/2023-12-01-16-09-59.gh-issue-81194.FFad1c.rst
deleted file mode 100644
index feb7a8643b9..00000000000
--- a/Misc/NEWS.d/next/Library/2023-12-01-16-09-59.gh-issue-81194.FFad1c.rst
+++ /dev/null
@@ -1,3 +0,0 @@
-Fix a crash in :func:`socket.if_indextoname` with specific value (UINT_MAX).
-Fix an integer overflow in :func:`socket.if_indextoname` on 64-bit
-non-Windows platforms.
diff --git a/Misc/NEWS.d/next/Library/2024-02-08-14-21-28.gh-issue-115133.ycl4ko.rst b/Misc/NEWS.d/next/Library/2024-02-08-14-21-28.gh-issue-115133.ycl4ko.rst
deleted file mode 100644
index 6f1015235cc..00000000000
--- a/Misc/NEWS.d/next/Library/2024-02-08-14-21-28.gh-issue-115133.ycl4ko.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-Fix tests for :class:`~xml.etree.ElementTree.XMLPullParser` with Expat
-2.6.0.
diff --git a/Misc/NEWS.d/next/Library/2024-02-09-19-41-48.gh-issue-115197.20wkWH.rst b/Misc/NEWS.d/next/Library/2024-02-09-19-41-48.gh-issue-115197.20wkWH.rst
deleted file mode 100644
index e6ca3cc525d..00000000000
--- a/Misc/NEWS.d/next/Library/2024-02-09-19-41-48.gh-issue-115197.20wkWH.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-``urllib.request`` no longer resolves the hostname before checking it
-against the system's proxy bypass list on macOS and Windows.
diff --git a/Misc/NEWS.d/next/Security/2024-01-02-19-52-23.gh-issue-113659.DkmnQc.rst b/Misc/NEWS.d/next/Security/2024-01-02-19-52-23.gh-issue-113659.DkmnQc.rst
deleted file mode 100644
index 744687e7232..00000000000
--- a/Misc/NEWS.d/next/Security/2024-01-02-19-52-23.gh-issue-113659.DkmnQc.rst
+++ /dev/null
@@ -1 +0,0 @@
-Skip ``.pth`` files with names starting with a dot or hidden file attribute.
diff --git a/Misc/NEWS.d/next/Security/2024-02-13-15-14-39.gh-issue-115399.xT-scP.rst b/Misc/NEWS.d/next/Security/2024-02-13-15-14-39.gh-issue-115399.xT-scP.rst
deleted file mode 100644
index e8163b6f29c..00000000000
--- a/Misc/NEWS.d/next/Security/2024-02-13-15-14-39.gh-issue-115399.xT-scP.rst
+++ /dev/null
@@ -1 +0,0 @@
-Update bundled libexpat to 2.6.0
diff --git a/Misc/NEWS.d/next/Security/2024-02-18-03-14-40.gh-issue-115398.tzvxH8.rst b/Misc/NEWS.d/next/Security/2024-02-18-03-14-40.gh-issue-115398.tzvxH8.rst
deleted file mode 100644
index a40fcd35ef9..00000000000
--- a/Misc/NEWS.d/next/Security/2024-02-18-03-14-40.gh-issue-115398.tzvxH8.rst
+++ /dev/null
@@ -1,8 +0,0 @@
-Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425) by adding
-five new methods:
-
-* :meth:`xml.etree.ElementTree.XMLParser.flush`
-* :meth:`xml.etree.ElementTree.XMLPullParser.flush`
-* :meth:`xml.parsers.expat.xmlparser.GetReparseDeferralEnabled`
-* :meth:`xml.parsers.expat.xmlparser.SetReparseDeferralEnabled`
-* :meth:`xml.sax.expatreader.ExpatParser.flush`
diff --git a/Misc/NEWS.d/next/Tools-Demos/2023-09-27-23-31-54.gh-issue-109991.sUUYY8.rst b/Misc/NEWS.d/next/Tools-Demos/2023-09-27-23-31-54.gh-issue-109991.sUUYY8.rst
deleted file mode 100644
index eb69e36df9e..00000000000
--- a/Misc/NEWS.d/next/Tools-Demos/2023-09-27-23-31-54.gh-issue-109991.sUUYY8.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-Update GitHub CI workflows to use OpenSSL 3.0.11 and multissltests to use
-1.1.1w and 3.0.11.
diff --git a/Misc/NEWS.d/next/Windows/2023-09-29-10-35-29.gh-issue-109991.GmuzGZ.rst b/Misc/NEWS.d/next/Windows/2023-09-29-10-35-29.gh-issue-109991.GmuzGZ.rst
deleted file mode 100644
index e5b4b46630e..00000000000
--- a/Misc/NEWS.d/next/Windows/2023-09-29-10-35-29.gh-issue-109991.GmuzGZ.rst
+++ /dev/null
@@ -1,4 +0,0 @@
-Windows builds now use OpenSSL 1.1.1w. Note that OpenSSL 1.1 has reached its
-end of life and no future fixes will be made, and this version of Python is
-no longer receiving maintenance fixes and will not be updated to OpenSSL
-3.0.
diff --git a/Misc/NEWS.d/next/Windows/2024-02-01-14-35-05.gh-issue-111239.SO7SUF.rst b/Misc/NEWS.d/next/Windows/2024-02-01-14-35-05.gh-issue-111239.SO7SUF.rst
deleted file mode 100644
index ea82c3b941f..00000000000
--- a/Misc/NEWS.d/next/Windows/2024-02-01-14-35-05.gh-issue-111239.SO7SUF.rst
+++ /dev/null
@@ -1 +0,0 @@
-Update Windows builds to use zlib v1.3.1.
diff --git a/README.rst b/README.rst
index 6ecc75d55b0..592b98880af 100644
--- a/README.rst
+++ b/README.rst
@@ -1,4 +1,4 @@
-This is Python version 3.9.18
+This is Python version 3.9.19
=============================
.. image:: https://travis-ci.org/python/cpython.svg?branch=3.9