[issue11457] os.stat(): add new fields to get timestamps as Decimal objects with nanosecond resolution

Larry Hastings added the comment: Given Guido's rejection of PEP 410, this won't happen, so I'm closing this bug. Our BFDL has specifically rejected any of the complicated representations; he ruled that all we need are new _ns fields representing the time in nanoseconds, and

[issue11941] Support st_atim, st_mtim and st_ctim attributes in os.stat_result

Larry Hastings added the comment: Given Guido's rejection of PEP 410, this won't happen, so I'm closing this bug. Our BFDL has specifically rejected any of the complicated representations; he ruled that all we need are new _ns fields representing the time in nanoseconds, and

[issue13086] Update howto/cporting.rst so it talks about Python 3 instead of 3.0

Larry Hastings added the comment: Whoops--I hadn't updated my repo since last year, and someone had already changed to :c:macro:, :c:func:, and :c:type:. When will I learn! Attached is a new diff with those changes, against revision @4c6662090870 (on the 2.7 branch). Also, while I w

[issue13053] Add Capsule migration documentation to "cporting"

Larry Hastings added the comment: I have some more changes for cporting.rst (see #13086). Once those are in, I'll manually merge the edits over to 3.2, then forward-port to trunk. Does anyone want to see those as patches before I commit them? (Your silence will be interpreted as &quo

[issue11457] os.stat(): add new fields to get timestamps as Decimal objects with nanosecond resolution

Changes by Larry Hastings : -- status: open -> closed ___ Python tracker <http://bugs.python.org/issue11457> ___ ___ Python-bugs-list mailing list Unsubscri

[issue13086] Update howto/cporting.rst so it talks about Python 3 instead of 3.0

Larry Hastings added the comment: @eric.araujo: I talked to Brett about it. We don't pretend that Python 3.0 never existed; we tell people it's unsupported and unsuitable for production use. At his suggestion I added a statement to that effect, and left the rest the same.

[issue13053] Add Capsule migration documentation to "cporting"

Larry Hastings added the comment: Now checked in to 2.7, 3.2, and default. Thanks everyone! -- resolution: -> fixed status: open -> closed ___ Python tracker <http://bugs.python.org/i

[issue13086] Update howto/cporting.rst so it talks about Python 3 instead of 3.0

Larry Hastings added the comment: Now checked in to 2.7, 3.2, and default. Thanks everyone! -- resolution: -> fixed status: open -> closed ___ Python tracker <http://bugs.python.org/i

[issue13405] Add DTrace probes

Changes by Larry Hastings : -- nosy: +larry ___ Python tracker <http://bugs.python.org/issue13405> ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue13964] os.utimensat() and os.futimes() should accept Decimal, drop os.futimens()

Larry Hastings added the comment: Um, doesn't the rejection of PEP 410 mean this should be discontinued? -- nosy: +larry ___ Python tracker <http://bugs.python.org/is

[issue13964] os.utimensat() and os.futimes() should accept (sec, nsec), drop os.futimens()

Larry Hastings added the comment: After Guido rejected 410 and said "let's just do nanoseconds, take it to the bug tracker" I created issue #14127. Your having changed this issue to be the same thing means that at least one of 'em is redundant. Could you engage on tha

[issue14127] os.stat and os.utime: allow preserving exact metadata

Larry Hastings added the comment: Actually, I'm hoping that by the time we get better than nanosecond resolution, we can also switch to 128-bit floats, and then the existing st_[acm]time field will become the preferred representation once more. What goes around comes a

[issue14127] os.stat and os.utime: allow preserving exact metadata

Larry Hastings added the comment: Well, Guido has already nixed future-proof formats, see his comments above: "I take full responsibility for fixing the precision at ns." So hope is all I have left. -- ___ Python tracker <http://bu

[issue14127] os.stat and os.utime: allow preserving exact metadata

Larry Hastings added the comment: I grant you that (int, float) is probably, theoretically better than (int, int). But it's academic as Guido has ruled against anything but a straight int representing nanoseconds, and I doubt he's gonna chang

[issue13964] os.utimensat() and os.futimes() should accept (sec, nsec), drop os.futimens()

Larry Hastings added the comment: I just asked Guido in person, and he says he never intended to suggest accepting a (sec, nsec) tuple. os.*utime* may accept atime and mtime as either float seconds-since-the-epoch, or int nanoseconds-since-the-epoch when passed in using the ns= named

[issue14127] add st_*time_ns fileds to os.stat(), add ns keyword to os.*utime*(), os.*utimens*() expects a number of nanoseconds

Larry Hastings added the comment: > Larry, are you sprinting on this? I'd love to help. I am. Come on by--mi CPU es tu CPU! -- ___ Python tracker <http://bugs.python.org

[issue14127] add st_*time_ns fileds to os.stat(), add ns keyword to os.*utime*(), os.*utimens*() expects a number of nanoseconds

Larry Hastings added the comment: Guido suggested I break the work up into small patches. So here's the first patch: adds st_?time_ns fields to os.stat() result. Includes doc changes and a reasonable smoke-test in the regrtest suite; suite passes all expected tests. FYI I wasn't

[issue14127] add st_*time_ns fileds to os.stat(), add ns keyword to os.*utime*(), os.*utimens*() expects a number of nanoseconds

Larry Hastings added the comment: I was notified by email of both Antoine's and Guido's reviews. -- ___ Python tracker <http://bugs.python.o

[issue14127] add st_*time_ns fileds to os.stat(), add ns keyword to os.*utime*(), os.*utimens*() expects a number of nanoseconds

Larry Hastings added the comment: My revised patch, incorporating changes suggested by Antoine and Guido. -- Added file: http://bugs.python.org/file24859/larry.st_mtime_ns.patch.2.txt ___ Python tracker <http://bugs.python.org/issue14

[issue14127] add st_*time_ns fileds to os.stat(), add ns keyword to os.*utime*(), os.*utimens*() expects a number of nanoseconds

Larry Hastings added the comment: Attached is a second patch that adds keyword-only argument support to PyArg_ParseTupleAndKeywords. This was developed in isolation. The magic character is '$'; I would have used '*', but we already use '*' in the format stri

[issue14127] add st_*time_ns fileds to os.stat(), add ns keyword to os.*utime*(), os.*utimens*() expects a number of nanoseconds

Larry Hastings added the comment: Do you insist? It's a small patch, and I need it as a precondition to posting the... *third* patch in this series, which adds the ns= parameter to utime and its brothers. (Most of the patch is test and doc; it really only adds about twenty lines

[issue14127] add st_*time_ns fileds to os.stat(), add ns keyword to os.*utime*(), os.*utimens*() expects a number of nanoseconds

Larry Hastings added the comment: A fresh patch for adding st_mtime_ns etc to os.stat output. This is the same as last night's patch but with fresh line numbers. (Generated against 44eba26951f6.) -- Added file: http://bugs.python.org/file24875/larry.st_mtime_ns.patch.

[issue14328] Add keyword-only parameter support to PyArg_ParseTupleAndKeywords

New submission from Larry Hastings : This has been split off from #14127 at Antoine's request. The attached patch adds support for keyword-only arguments to the PyArg_ParseTupleAndKeywords() family of functions. Includes doc and test. I used '$' to indicate "all param

[issue14127] add st_*time_ns fileds to os.stat(), add ns keyword to os.*utime*(), os.*utimens*() expects a number of nanoseconds

Larry Hastings added the comment: I've created a separate issue for adding keyword-only parameter support to PyArg_ParseTupleAndKeywords, #14328. I've also posted a new patch to that issue incorporating Greg's suggestions. Please file all further comments regarding this topi

[issue14328] Add keyword-only parameter support to PyArg_ParseTupleAndKeywords

Larry Hastings added the comment: It frankly never occurred to me that you'd want mandatory keyword-only arguments. Implementing them as optional-only was easy; I'm not sure but making them possibly mandatory (or both!) might complicate matters. Is there a use ca

[issue14328] Add keyword-only parameter support to PyArg_ParseTupleAndKeywords

Larry Hastings added the comment: How about we leave it for now, and if we need it later we can fix the implementation. Adding that feature won't break existing calls--we'll just permit $ to occur before/without | in the for

[issue14328] Add keyword-only parameter support to PyArg_ParseTupleAndKeywords

Larry Hastings added the comment: BTW, I have the os.utime patch nearly ready for review; it works, it just needs doc and test. But it's dependent on this patch--and it'd be smoother if #14127 were finished too. So I'll hold off on posting the new patch until the fates o

[issue14328] Add keyword-only parameter support to PyArg_ParseTupleAndKeywords

Larry Hastings added the comment: Attached is r3 of my patch incorporated Benjamin's suggestions. > I want #14325 to go in first. Why do you care? If I get signoff before 14325 does please explain to me why I should wait. They don't touch the same lines; should be a clean mer

[issue14127] add st_*time_ns fileds to os.stat(), add ns keyword to os.*utime*(), os.*utimens*() expects a number of nanoseconds

Larry Hastings added the comment: Updated patch incorporating only one of Antoine's latest suggestions. Please see my reply on Reitveld for r3 as to why I skipped two of your three suggestions. -- Added file: http://bugs.python.org/file24884/larry.st_mtime_ns.patch.

[issue14328] Add keyword-only parameter support to PyArg_ParseTupleAndKeywords

Larry Hastings added the comment: > Shouldn't using vgetargs1 with '$' in the format string just be > an error? vgetargs1 doesn't know anything about keyword arguments. Thank you for catching that! Serves me right for search-and-destroy style development--I'm n

[issue14127] add st_*time_ns fileds to os.stat(), add ns keyword to os.*utime*(), os.*utimens*() expects a number of nanoseconds

Larry Hastings added the comment: Incorporated Greg's (hopefully) parting shot. Also put the "as an integer" back for the docs. Finally, munged the note about float seconds vs integer nanoseconds a bit; I think it's an improvement. Can I get the go ahea

[issue14328] Add keyword-only parameter support to PyArg_ParseTupleAndKeywords

Larry Hastings added the comment: Incorporated the latest round of suggestions from Benjamin's most recent--and very thorough!--review. Thanks, Benjamin! -- Added file: http://bugs.python.org/file24912/larry.parsekwonly.diff.5.txt ___ P

[issue14328] Add keyword-only parameter support to PyArg_ParseTupleAndKeywords

Larry Hastings added the comment: Anyone else? Or can I get the go-ahead? -- ___ Python tracker <http://bugs.python.org/issue14328> ___ ___ Python-bugs-list m

[issue14127] add st_*time_ns fileds to os.stat(), add ns keyword to os.*utime*(), os.*utimens*() expects a number of nanoseconds

Larry Hastings added the comment: Revision 7 of my patch. Incorporates all suggestions from Georg. Added "as an integer" in the docs to make Antoine happy. If I fail to create the "billion" int in INITFUNC, I return NULL and leak references. I figure this is fine,

[issue14127] add st_*time_ns fileds to os.stat(), add ns keyword to os.*utime*(), os.*utimens*() expects a number of nanoseconds

Larry Hastings added the comment: Incorporated Victor's reinstated assert suggestion. Fingers crossed. -- Added file: http://bugs.python.org/file24952/larry.st_mtime_ns.patch.8.txt ___ Python tracker <http://bugs.python.org/is

[issue14127] add st_*time_ns fileds to os.stat(), add ns keyword to os.*utime*(), os.*utimens*() expects a number of nanoseconds

Larry Hastings added the comment: > The patch looks good to me. I was going to commit it > but then I realized that Larry is a core developer. Indeed; please permit me the pleasure of checking it in myself. That is, assuming I actually get the go-ahead someday. (Probably in the far

[issue14328] Add keyword-only parameter support to PyArg_ParseTupleAndKeywords

Larry Hastings added the comment: Whoops! Actually, I did. But then I promptly forgot about them. They're now all incorporated; please see attached patch. -- Added file: http://bugs.python.org/file24955/larry.parsekwonly.diff.7.txt ___ P

[issue14328] Add keyword-only parameter support to PyArg_ParseTupleAndKeywords

Changes by Larry Hastings : -- keywords: -patch resolution: -> fixed stage: patch review -> committed/rejected status: open -> closed ___ Python tracker <http://bugs.python.or

[issue14127] add st_*time_ns fileds to os.stat(), add ns keyword to os.*utime*(), os.*utimens*() expects a number of nanoseconds

Larry Hastings added the comment: Sorry to let this slide but I just got back from vacation. Unless anybody has any more feedback I'm checking this in tomorrow (Wednesday April 4). Phew! -- ___ Python tracker <http://bugs.python.org/is

[issue36963] PyDict_GetItem SegFaults on simple dictionary lookup when using Ctypes

Larry Hastings added the comment: It's not surprising that you crashed the CPython interpreter by using ctypes--it's very easy to do by accident, or via a bug in your own code. That's why we don't accept crash reports involving ctypes. Also, it's rude to "nosy

[issue36963] PyDict_GetItem SegFaults on simple dictionary lookup when using Ctypes

Larry Hastings added the comment: Inada-san, while it is best to not call PyDict_ functions without holding the GIL, it doesn't matter unless one creates a second thread. The GIL doesn't even exist until Python creates a second thread. But, I too don't want bugs.python.

[issue37003] ast unparse does not support f-string new debug format.

Change by Larry Hastings : -- assignee: -> eric.smith nosy: +eric.smith ___ Python tracker <https://bugs.python.org/issue37003> ___ ___ Python-bugs-list mai

[issue33326] Convert collections (cmp_op, hasconst, hasname and others) in opcode module to more optimal type

Larry Hastings added the comment: Maynard is unsupported; it only understands the old bytecode format, pre-3.6 16-bit "wordcode". https://docs.python.org/3.6/whatsnew/3.6.html#optimizations -- ___ Python tracker <https://bu

[issue36816] self-signed.pythontest.net TLS certificate key is too weak

Larry Hastings added the comment: New changeset 221178aea686abf13ff92b7e2b5ed3e739a53b3f by larryhastings (Gregory P. Smith) in branch '3.5': [3.5] bpo-36816: Update the self-signed.pythontest.net cert (GH-13192) (#13200) https://github.com/python/cpyt

[issue35907] [security][CVE-2019-9948] Unnecessary URL scheme exists to allow local_file:// reading file in urllib

Larry Hastings added the comment: New changeset 4fe82a8eef7aed60de05bfca0f2c322730ea921e by larryhastings (Victor Stinner) in branch '3.5': bpo-35907, CVE-2019-9948: urllib rejects local_file:// scheme (GH-13474) (GH-13505) (#13510) https://github.com/python/cpyt

[issue36742] CVE-2019-10160: urlsplit NFKD normalization vulnerability in user:password@

Larry Hastings added the comment: New changeset 4655d576141ee56a69d2052431c636858fcb916a by larryhastings (Steve Dower) in branch '3.5': bpo-36742: Fixes handling of pre-normalization characters in urlsplit() (GH-13017) (#13042) https://github.com/python/cpyt

[issue30458] [security][CVE-2019-9740][CVE-2019-9947] HTTP Header Injection (follow-up of CVE-2016-5699)

Larry Hastings added the comment: New changeset afe3a4975cf93c97e5d6eb8800e48f368011d37a by larryhastings (Miro Hrončok) in branch '3.5': bpo-30458: Disallow control chars in http URLs. (GH-12755) (#13207) https://github.com/python/cpython/commit/afe3a4975cf93c97e5d6eb8800e48f

[issue29657] os.symlink: FileExistsError shows wrong message

Larry Hastings added the comment: "Special cases aren't special enough to break the rules." I want the error message to mirror the API, which it currently does. If we swapped them, the error message would now contradict the API. So no, I don't support swapping "sr

[issue30730] [security] Injecting environment variable in subprocess on Windows

Larry Hastings added the comment: Serhiy, I don't see where you got a full review of this change. Eryksun reviewed the code and asked for changes; you made the he asked for changes but didn't get any further review. Nor did you get a full review / "looks good to me"

[issue30730] [security] Injecting environment variable in subprocess on Windows

Larry Hastings added the comment: It seems that os.execve() still permits this, even on Windows. Shouldn't we solve it there too? (Thanks to Steve Dower for realizing this.) -- import os cmdline=["/usr/bin/printenv"] env={'a=b': 'c'} os.execve(cmdline[0]

[issue30730] [security] Injecting environment variable in subprocess on Windows

Larry Hastings added the comment: (never-mind, 3.6.1 still permits this, but I see that it's been fixed in trunk) -- ___ Python tracker <http://bugs.python.org/is

[issue30730] [security] Injecting environment variable in subprocess on Windows

Larry Hastings added the comment: New changeset fe82c46327effc124ff166e1fa1e611579e1176b by larryhastings (Serhiy Storchaka) in branch '3.4': [security][3.4] bpo-30730: Prevent environment variables injection in subprocess on Windows. (GH-2325) (#2362) https://github.com/python/cpyt

[issue30801] shoutdown process error with python 3.4 and pyqt/PySide

Larry Hastings added the comment: Python 3.4 no longer accepts bug fixes; it is in "security fixes only" mode. Since this is not a security fix, it will not be accepted into Python 3.4. If this bug affects other versions of Python, please file a new bug. Although, unless you

[issue26657] Directory traversal with http.server and SimpleHTTPServer on windows

Larry Hastings added the comment: Will this be backported to 3.3 or 3.6? I don't see a PR or checkin for either of those versions on this issue, and both those versions are open for security fixes.b -- nosy: +larry ___ Python tracker

[issue29591] expat 2.2.0: Various security vulnerabilities in bundled expat (CVE-2016-0718 and CVE-2016-4472)

Larry Hastings added the comment: I don't quite understand what's happening on this issue. I see that master, 3.6, 3.6, and 2.7 have been upgraded to expat 2.2.0. This issue was created to upgrade CPython to 2.2.0. But the PR against 3.3 and 3.4 upgrade expat to 2.2.1?! I

[issue30484] Garbage Collector can cause Segfault whilst iterating dictionary items

Larry Hastings added the comment: Yes, and thank you for submitting the PR to backport it to 3.4! (And thank you for backporting it to 3.3, too!) -- ___ Python tracker <http://bugs.python.org/issue30

[issue27945] Various segfaults with dict

Larry Hastings added the comment: New changeset f7344798e57da6b9c4ed9372e8eaecde80989c86 by larryhastings (Serhiy Storchaka) in branch '3.4': [3.4] [3.5] bpo-27945: Fixed various segfaults with dict. (GH-1657) (GH-1678) (#2248) https://github.com/python/cpyt

[issue29591] expat 2.2.0: Various security vulnerabilities in bundled expat (CVE-2016-0718 and CVE-2016-4472)

Larry Hastings added the comment: Please instead choose to use bpo-30694 for the upgrades of 3.3 and 3.4 to expat 2.2.1. I guess there are historical reasons why the PRs are here, but bpo stands as a historical record; let's not confuse posterity by upgrading to 2.2.1 using a bpo

[issue29591] expat 2.2.0: Various security vulnerabilities in bundled expat (CVE-2016-0718 and CVE-2016-4472)

Larry Hastings added the comment: Okay. Closing this bug, because all the branches that are being upgraded to expat 2.2.*0* have already gotten their upgrades. Job done. The discussions for PRs 2203 and 2204 should move to Issue #30694, which is for the upgrade to expat 2.2.*1

[issue29591] expat 2.2.0: Various security vulnerabilities in bundled expat (CVE-2016-0718 and CVE-2016-4472)

Larry Hastings added the comment: New changeset 71572bbe82aa0836c036d44d41c8269ba6a321be by larryhastings (Victor Stinner) in branch '3.4': [3.4] bpo-29591, bpo-30694: Upgrade Modules/expat to libexpat 2.2.1 (#2164) (#2203) https://github.com/python/cpyt

[issue30694] Update embedded copy of expat to 2.2.1

Larry Hastings added the comment: New changeset 71572bbe82aa0836c036d44d41c8269ba6a321be by larryhastings (Victor Stinner) in branch '3.4': [3.4] bpo-29591, bpo-30694: Upgrade Modules/expat to libexpat 2.2.1 (#2164) (#2203) https://github.com/python/cpyt

[issue30726] [Windows] Warnings in elementtree due to new expat

Larry Hastings added the comment: New changeset 71572bbe82aa0836c036d44d41c8269ba6a321be by larryhastings (Victor Stinner) in branch '3.4': [3.4] bpo-29591, bpo-30694: Upgrade Modules/expat to libexpat 2.2.1 (#2164) (#2203) https://github.com/python/cpyt

[issue30500] [security] urllib connects to a wrong host

Larry Hastings added the comment: New changeset cc54c1c0d2d05fe7404ba64c53df4b1352ed2262 by larryhastings (Victor Stinner) in branch '3.4': bpo-30500: urllib: Simplify splithost by calling into urlparse. (#1849) (#2291) https://github.com/python/cpyt

[issue26657] Directory traversal with http.server and SimpleHTTPServer on windows

Larry Hastings added the comment: New changeset 6f6bc1da8aaae52664e7747e328d26eb59c0e74f by larryhastings (Victor Stinner) in branch '3.4': bpo-26657: Fix Windows directory traversal vulnerability with http.server (#782) https://github.com/python/cpyt

[issue29591] expat 2.2.0: Various security vulnerabilities in bundled expat (CVE-2016-0718 and CVE-2016-4472)

Larry Hastings added the comment: Here, I'll remove 3.4 and 3.5 from the versions affected. Now everybody can be pedantic! -- versions: -Python 3.3, Python 3.4 ___ Python tracker <http://bugs.python.org/is

[issue29591] expat 2.2.0: Various security vulnerabilities in bundled expat (CVE-2016-0718 and CVE-2016-4472)

Larry Hastings added the comment: Correct. But technically 3.3 is being upgraded to 2.2.*1*, which is being tracked on--repeating myself here--Issue #30694. -- ___ Python tracker <http://bugs.python.org/issue29

[issue26617] Assertion failed in gc with __del__ and weakref

Larry Hastings added the comment: I'll accept this as a backport for 3.4. I'm convinced that, although the sample programs don't crash in release builds, the behavior is wrong and could be exploited. Will someone have time to create the PR in the next day or two? (It&#

[issue28427] WeakValueDictionary next bug (with multithreading)

Larry Hastings added the comment: I tested this in a freshly-built 3.4.6. Although it reproduced the behavior you're complaining about--it threw the assert in Armin's test.py, and Serhiy's issue28427.py prints an admonishing FAIL--neither test *crashes* CPython. So I'm

[issue30929] AttributeErrors after import in multithreaded environment

Larry Hastings added the comment: I'm closing this. It isn't a security issue, so it's not applicable for 3.4. 3.5 is about to close for bugfixes too, so you'd have to work very... quickly. If this applies to 3.6, figure out whether or not it's a duplicate of Is

[issue30939] Sphinx 1.6.3 deprecation warning for sphinx.util.compat.Directive in docs builds

Changes by Larry Hastings : -- pull_requests: +2781 ___ Python tracker <http://bugs.python.org/issue30939> ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue26617] Assertion failed in gc with __del__ and weakref

Larry Hastings added the comment: New changeset 34fae03cd6c9e304e02c571b3bf9e8df0cfe76be by larryhastings (Serhiy Storchaka) in branch '3.4': [3.4] bpo-26617: Ensure gc tracking is off when invoking weakref callbacks. (#2695) https://github.com/python/cpyt

[issue26617] Assertion failed in gc with __del__ and weakref

Larry Hastings added the comment: Sorry for the delay in merging your PR. I believe Ned is planning to tag the next 3.3 rc1 tomorrow (Sunday). If you see this, and you have time, it'd be great if you could make a PR for the 3.3 backport. Note that 3.3 is probably *not* getting convert

[issue30939] Sphinx 1.6.3 deprecation warning for sphinx.util.compat.Directive in docs builds

Larry Hastings added the comment: New changeset 3b3a5a5b70dc468dcfacb17a3d6b342820b480ff by larryhastings (Ned Deily) in branch '3.4': bpo-30939: Avoid Sphinx deprecation warning in docs build. (#2721) (#2724) https://github.com/python/cpython/commit/3b3a5a5b70dc468dcfacb17a3d6b34

[issue30730] [security] Injecting environment variable in subprocess on Windows

Larry Hastings added the comment: New changeset b1549175ed30f2931e2bb980a7e3c360ed19e1c9 by larryhastings (Victor Stinner) in branch '3.4': [3.4] Backport CI config from master (#2475) https://github.com/python/cpython/commit/b1549175ed30f2931e2bb980a7e3c3

[issue30231] test_imaplib needs a TLS server accepting self-signed certificates

Larry Hastings added the comment: New changeset b1549175ed30f2931e2bb980a7e3c360ed19e1c9 by larryhastings (Victor Stinner) in branch '3.4': [3.4] Backport CI config from master (#2475) https://github.com/python/cpython/commit/b1549175ed30f2931e2bb980a7e3c360ed19e1c9 -- no

[issue30714] test_ssl fails with openssl 1.1.0f

Larry Hastings added the comment: I don't see how a fix for a *test* can be considered a *release blocker*. The PR literally doesn't change Python's behavior; it only modifies two text files and a test. There is no crash or exploitable security hole being

[issue30714] test_ssl fails with openssl 1.1.0f

Larry Hastings added the comment: Quoting from the Python Dev Guide: "As a guideline, critical and above are usually reserved for crashes, serious regressions or breakage of very important APIs. Whether a bug is a release blocker is a decision better left to the release manager so, i

[issue31000] Test failure in resource module on ZFS

New submission from Larry Hastings: I use Linux (Ubuntu GNOME, 17.04, 64-bit) on all my computers, and I use ZFS for the /home partition. While releasing 3.4.7rc1 and 3.5.4rc1, I encountered this test failure: % ./python -m test test_resource 0:00:00 load avg: 0.40 [1/1] test_resource test

[issue31036] building the python docs requires the blurb module

Larry Hastings added the comment: * I was told that blurb needed to be in the core-workflow repo, that this was better than checking it in to CPython itself. Okay. If you want to debate the point, loop in Brett Cannon, he's the one with the strong opinions. * Ned has taken over th

[issue31036] building the python docs requires the blurb module

Larry Hastings added the comment: > Sorry to say, but the assumption that pip should be used to be able to build > core python seems to be the wrong direction. I'm not sure I understand your position. External tools are only permissible if Debian packages exist for them? An

[issue31036] building the python docs requires the blurb module

Larry Hastings added the comment: I guess it depends on what the upstream patches look like. If they're always coded against release tarballs and not against git repos, then they'll assume (correctly) that Misc/NEWS exists. In that case you shouldn't have to do anything.

[issue31036] building the python docs requires the blurb module

Larry Hastings added the comment: What you're missing is that Misc/NEWS.d is removed from tarballs. We ship Misc/NEWS in tarballs but *not* Misc/NEWS.d. If you start with a CPython tarball (e.g. 3.5.4rc1), and then apply vendor-specific patches on top of that, and those patches include

[issue31036] building the python docs requires the blurb module

Larry Hastings added the comment: We changed *revision control systems* "within subminor version updates". If your argument is "you mustn't add a new tool used to build the documentation until 3.7", you're not going to win that argument,

[issue31036] building the python docs requires the blurb module

Larry Hastings added the comment: And, in the past, I'm not aware that the availability of tools in the Debian ecosystem has been a strong determining factor in the choice of tooling for CPython. In particular, I'm not aware of any tool in the Debian package ecosystem that would

[issue30119] (ftplib) A remote attacker could possibly attack by containing the newline characters

Larry Hastings added the comment: New changeset 2a5a26c87e82c7d9a348792891feccd1b5e9a769 by larryhastings (Dong-hee Na) in branch '3.4': [3.4] bpo-30119: fix ftplib.FTP.putline() to throw an error for a illegal command (#1214) (#2893) https://github.com/python/cpyt

[issue31036] building the python docs requires the blurb module

Larry Hastings added the comment: New changeset 3de144890ad3bc50694368a1b33be6d7f3a780b3 by larryhastings (Ned Deily) in branch '3.5': [3.5] bpo-31036: use an existing Misc/NEWS rather than trying to use blurb (#2874) https://github.com/python/cpyt

[issue31036] building the python docs requires the blurb module

Larry Hastings added the comment: This is marked as a release blocker for 3.4 and 3.5; however, Ned's Doc/Makefile change has been merged in both those versions. And no other branches have been "blurbified" yet. While we may improve the solution in the future, the fundament

[issue30876] SystemError on importing module from unloaded package

Larry Hastings added the comment: It seems this change broke the 3.5 build on AMD FreeBSD: http://buildbot.python.org/all/builders/AMD64%20FreeBSD%20CURRENT%20Debug%203.5 On the 3.5 branch, the previous revision (19b2890014d3098147d16475c492a47a43893768) built and tested successfully on July

[issue30876] SystemError on importing module from unloaded package

Larry Hastings added the comment: Okay, that's good news. That means I don't have to accept a fix for it in the 3.5 branch *after* 3.5 transitions to security-fixes-only mode tomorrow ;-) -- ___ Python tracker <http://bugs.python.o

[issue25910] Fixing links in documentation

Larry Hastings added the comment: New changeset 14167c9524bd65f231dfd85edc0b938c4781f42a by Larry Hastings (Mariatta) in branch '3.5': bpo-25910: Update LICENSE (GH-2873) (GH-2968) https://github.com/python/cpython/commit/14167c9524bd65f231dfd85edc0b938c4781f42a -- no

[issue31036] building the python docs requires the blurb module

Larry Hastings added the comment: New changeset abe7b60b80f5cb23f84a49f95ef6ce23521eed14 by Larry Hastings (Ned Deily) in branch '3.5': [3.5] bpo-31036: use an existing Misc/NEWS rather than trying to use blurb (#2874) https://github.com/python/cpyt

[issue30876] SystemError on importing module from unloaded package

Larry Hastings added the comment: If the change has been checked into the 3.5 branch, it'll go out with 3.5.5. TBH we should probably stop accepting bug fixes into a branch when it hits rc1 of "last release to accept bugfixes" (e.g. 3.5.4rc1). There are two or three bugf

[issue31106] os.posix_fallocate() generate exception with errno 0

Larry Hastings added the comment: New changeset d4b93e21c2664d6a78e0656e7a7be0807be1c352 by larryhastings (Коренберг Марк) in branch 'master': bpo-31106: Fix handling of erros in posix_fallocate() and posix_fadvise() (#3000) (#3000) https://github.com/python/cpyt

[issue31106] os.posix_fallocate() generate exception with errno 0

Changes by Larry Hastings : -- pull_requests: +3129 ___ Python tracker <http://bugs.python.org/issue31106> ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue31106] os.posix_fallocate() generate exception with errno 0

Larry Hastings added the comment: You understand correctly. It won't be backported to Python 3.5. -- ___ Python tracker <http://bugs.python.org/is

[issue29169] update zlib to 1.2.11

Larry Hastings added the comment: New changeset d0e61bded5256e775e470e2c0da22367a1a81970 by larryhastings (Victor Stinner) in branch '3.4': bpo-29169: Update zlib to 1.2.11 (#3107) https://github.com/python/cpython/commit/d0e61bded5256e775e470e2c0da223

[issue31095] Checking all tp_dealloc with Py_TPFLAGS_HAVE_GC

Larry Hastings added the comment: Victor, what do you think, does this need a 3.5 backport? I'm inclined to say yes. -- ___ Python tracker <http://bugs.python.org/is

[issue31095] Checking all tp_dealloc with Py_TPFLAGS_HAVE_GC

Larry Hastings added the comment: I thought crashing bugs were generally considered security bugs. With a reliable crashing bug exploiting a reasonable module (e.g. not ctypes) you can crash Python instances in hosting services. If those instances are shared with other users (e.g. Google

[issue35746] [ssl][CVE-2019-5010] TALOS-2018-0758 Denial of Service

Larry Hastings added the comment: I can confirm this crashes a freshly-built interpreter from the current 3.5 and 3.4 branches. -- nosy: +larry ___ Python tracker <https://bugs.python.org/issue35

[issue20767] Some python extensions can't be compiled with clang 3.4

Larry Hastings added the comment: It's too late to fix this for Python 3.4 and 3.5, as those are now in security-fixes-only mode. Also, please don't select every possible component that could be remotely connected. -- components: -2to3 (2.x to 3.x conversion tool), Argum

<    1   2   3   4   5   6   7   8   9   10   >