diff --git a/Include/patchlevel.h b/Include/patchlevel.h index 175dd99837a91d..29ff32305efe5a 100644 --- a/Include/patchlevel.h +++ b/Include/patchlevel.h @@ -18,12 +18,12 @@ /*--start constants--*/ #define PY_MAJOR_VERSION 3 #define PY_MINOR_VERSION 10 -#define PY_MICRO_VERSION 11 +#define PY_MICRO_VERSION 12 #define PY_RELEASE_LEVEL PY_RELEASE_LEVEL_FINAL #define PY_RELEASE_SERIAL 0 /* Version as a string */ -#define PY_VERSION "3.10.11+" +#define PY_VERSION "3.10.12" /*--end constants--*/ /* Version as a single 4-byte hex number, e.g. 0x010502B2 == 1.5.2b2. diff --git a/Lib/pydoc_data/topics.py b/Lib/pydoc_data/topics.py index 1637f382cf8812..51af8931ab3ec0 100644 --- a/Lib/pydoc_data/topics.py +++ b/Lib/pydoc_data/topics.py @@ -1,5 +1,5 @@ # -*- coding: utf-8 -*- -# Autogenerated by Sphinx on Tue Apr 4 22:56:51 2023 +# Autogenerated by Sphinx on Tue Jun 6 23:30:19 2023 topics = {'assert': 'The "assert" statement\n' '**********************\n' '\n' @@ -11729,7 +11729,7 @@ 'followed by\n' ' the string itself.\n' '\n' - 'str.rsplit(sep=None, maxsplit=-1)\n' + 'str.rsplit(sep=None, maxsplit=- 1)\n' '\n' ' Return a list of the words in the string, using *sep* ' 'as the\n' @@ -11770,7 +11770,7 @@ " >>> 'Monty Python'.removesuffix(' Python')\n" " 'Monty'\n" '\n' - 'str.split(sep=None, maxsplit=-1)\n' + 'str.split(sep=None, maxsplit=- 1)\n' '\n' ' Return a list of the words in the string, using *sep* ' 'as the\n' @@ -12802,7 +12802,7 @@ ' points. All the code points in the range "U+0000 - ' 'U+10FFFF"\n' ' can be represented in a string. Python doesn’t have a ' - 'char\n' + '"char"\n' ' type; instead, every code point in the string is ' 'represented\n' ' as a string object with length "1". The built-in ' diff --git a/Misc/NEWS.d/3.10.12.rst b/Misc/NEWS.d/3.10.12.rst new file mode 100644 index 00000000000000..b111fe0702bb22 --- /dev/null +++ b/Misc/NEWS.d/3.10.12.rst @@ -0,0 +1,80 @@ +.. date: 2023-06-01-03-24-58 +.. gh-issue: 103142 +.. nonce: GLWDMX +.. release date: 2023-06-06 +.. section: Security + +The version of OpenSSL used in our binary builds has been upgraded to 1.1.1u +to address several CVEs. + +.. + +.. date: 2023-05-02-17-56-32 +.. gh-issue: 99889 +.. nonce: l664SU +.. section: Security + +Fixed a security in flaw in :func:`uu.decode` that could allow for directory +traversal based on the input if no ``out_file`` was specified. + +.. + +.. date: 2023-05-01-15-03-25 +.. gh-issue: 104049 +.. nonce: b01Y3g +.. section: Security + +Do not expose the local on-disk location in directory indexes produced by +:class:`http.client.SimpleHTTPRequestHandler`. + +.. + +.. date: 2023-03-07-20-59-17 +.. gh-issue: 102153 +.. nonce: 14CLSZ +.. section: Security + +:func:`urllib.parse.urlsplit` now strips leading C0 control and space +characters following the specification for URLs defined by WHATWG in +response to CVE-2023-24329. Patch by Illia Volochii. + +.. + +.. date: 2023-04-27-20-03-08 +.. gh-issue: 103935 +.. nonce: Uaf2M0 +.. section: Library + +Use :func:`io.open_code` for files to be executed instead of raw +:func:`open` + +.. + +.. date: 2023-03-23-15-24-38 +.. gh-issue: 102953 +.. nonce: YR4KaK +.. section: Library + +The extraction methods in :mod:`tarfile`, and :func:`shutil.unpack_archive`, +have a new a *filter* argument that allows limiting tar features than may be +surprising or dangerous, such as creating files outside the destination +directory. See :ref:`tarfile-extraction-filter` for details. + +.. + +.. date: 2023-05-28-19-08-42 +.. gh-issue: 89412 +.. nonce: j4cg7K +.. section: Documentation + +Add missing documentation for the ``end_lineno`` and ``end_offset`` +attributes of the :class:`traceback.TracebackException` class. + +.. + +.. date: 2023-04-05-15-59-46 +.. gh-issue: 103262 +.. nonce: nV83ub +.. section: Build + +Fixes Windows installer build to work with latest compilers. diff --git a/Misc/NEWS.d/next/Build/2023-04-05-15-59-46.gh-issue-103262.nV83ub.rst b/Misc/NEWS.d/next/Build/2023-04-05-15-59-46.gh-issue-103262.nV83ub.rst deleted file mode 100644 index d4bb955595138a..00000000000000 --- a/Misc/NEWS.d/next/Build/2023-04-05-15-59-46.gh-issue-103262.nV83ub.rst +++ /dev/null @@ -1 +0,0 @@ -Fixes Windows installer build to work with latest compilers. diff --git a/Misc/NEWS.d/next/Documentation/2023-05-28-19-08-42.gh-issue-89412.j4cg7K.rst b/Misc/NEWS.d/next/Documentation/2023-05-28-19-08-42.gh-issue-89412.j4cg7K.rst deleted file mode 100644 index 00937e58c98595..00000000000000 --- a/Misc/NEWS.d/next/Documentation/2023-05-28-19-08-42.gh-issue-89412.j4cg7K.rst +++ /dev/null @@ -1,2 +0,0 @@ -Add missing documentation for the ``end_lineno`` and ``end_offset`` attributes -of the :class:`traceback.TracebackException` class. diff --git a/Misc/NEWS.d/next/Library/2023-03-23-15-24-38.gh-issue-102953.YR4KaK.rst b/Misc/NEWS.d/next/Library/2023-03-23-15-24-38.gh-issue-102953.YR4KaK.rst deleted file mode 100644 index 48a105a4a17b29..00000000000000 --- a/Misc/NEWS.d/next/Library/2023-03-23-15-24-38.gh-issue-102953.YR4KaK.rst +++ /dev/null @@ -1,4 +0,0 @@ -The extraction methods in :mod:`tarfile`, and :func:`shutil.unpack_archive`, -have a new a *filter* argument that allows limiting tar features than may be -surprising or dangerous, such as creating files outside the destination -directory. See :ref:`tarfile-extraction-filter` for details. diff --git a/Misc/NEWS.d/next/Library/2023-04-27-20-03-08.gh-issue-103935.Uaf2M0.rst b/Misc/NEWS.d/next/Library/2023-04-27-20-03-08.gh-issue-103935.Uaf2M0.rst deleted file mode 100644 index 71b2d87249c47b..00000000000000 --- a/Misc/NEWS.d/next/Library/2023-04-27-20-03-08.gh-issue-103935.Uaf2M0.rst +++ /dev/null @@ -1 +0,0 @@ -Use :func:`io.open_code` for files to be executed instead of raw :func:`open` diff --git a/Misc/NEWS.d/next/Security/2023-03-07-20-59-17.gh-issue-102153.14CLSZ.rst b/Misc/NEWS.d/next/Security/2023-03-07-20-59-17.gh-issue-102153.14CLSZ.rst deleted file mode 100644 index e57ac4ed3ac5d7..00000000000000 --- a/Misc/NEWS.d/next/Security/2023-03-07-20-59-17.gh-issue-102153.14CLSZ.rst +++ /dev/null @@ -1,3 +0,0 @@ -:func:`urllib.parse.urlsplit` now strips leading C0 control and space -characters following the specification for URLs defined by WHATWG in -response to CVE-2023-24329. Patch by Illia Volochii. diff --git a/Misc/NEWS.d/next/Security/2023-05-01-15-03-25.gh-issue-104049.b01Y3g.rst b/Misc/NEWS.d/next/Security/2023-05-01-15-03-25.gh-issue-104049.b01Y3g.rst deleted file mode 100644 index 969deb26bfeb95..00000000000000 --- a/Misc/NEWS.d/next/Security/2023-05-01-15-03-25.gh-issue-104049.b01Y3g.rst +++ /dev/null @@ -1,2 +0,0 @@ -Do not expose the local on-disk location in directory indexes -produced by :class:`http.client.SimpleHTTPRequestHandler`. diff --git a/Misc/NEWS.d/next/Security/2023-05-02-17-56-32.gh-issue-99889.l664SU.rst b/Misc/NEWS.d/next/Security/2023-05-02-17-56-32.gh-issue-99889.l664SU.rst deleted file mode 100644 index b7002e81b6b677..00000000000000 --- a/Misc/NEWS.d/next/Security/2023-05-02-17-56-32.gh-issue-99889.l664SU.rst +++ /dev/null @@ -1,2 +0,0 @@ -Fixed a security in flaw in :func:`uu.decode` that could allow for -directory traversal based on the input if no ``out_file`` was specified. diff --git a/Misc/NEWS.d/next/Security/2023-06-01-03-24-58.gh-issue-103142.GLWDMX.rst b/Misc/NEWS.d/next/Security/2023-06-01-03-24-58.gh-issue-103142.GLWDMX.rst deleted file mode 100644 index 7e0836879e4f81..00000000000000 --- a/Misc/NEWS.d/next/Security/2023-06-01-03-24-58.gh-issue-103142.GLWDMX.rst +++ /dev/null @@ -1,2 +0,0 @@ -The version of OpenSSL used in our binary builds has been upgraded to 1.1.1u -to address several CVEs. diff --git a/README.rst b/README.rst index 6451fab64b43a7..864d11990770d6 100644 --- a/README.rst +++ b/README.rst @@ -1,4 +1,4 @@ -This is Python version 3.10.11 +This is Python version 3.10.12 ============================== .. image:: https://travis-ci.com/python/cpython.svg?branch=master