Ubuntu
python3.7 package

Change logs for python3.7 source package in Disco

  1. Disco (19.04)
  2. Change log 
  • python3.7 (3.7.3-2ubuntu0.2) disco-security; urgency=medium

  * SECURITY UPDATE: incorrect email address parsing
    - debian/patches/CVE-2019-16056.patch: don't parse domains containing @
      in Lib/email/_header_value_parser.py, Lib/email/_parseaddr.py,
      Lib/test/test_email/test__header_value_parser.py,
      Lib/test/test_email/test_email.py.
    - CVE-2019-16056
  * SECURITY UPDATE: XSS in documentation XML-RPC server
    - debian/patches/CVE-2019-16935.patch: escape the server_title in
      Lib/xmlrpc/server.py, Lib/test/test_docxmlrpc.py.
    - CVE-2019-16935

 -- Marc Deslauriers <email address hidden>  Mon, 07 Oct 2019 08:56:13 -0400
  • python3.7 (3.7.3-2ubuntu0.1) disco-security; urgency=medium

  * SECURITY UPDATE: HTTP header injection
    - debian/patches/CVE-2019-9740.patch: disallow control chars in http
      URLs in Lib/http/client.py, Lib/test/test_urllib.py,
      Lib/test/test_xmlrpc.py.
    - CVE-2019-9740
    - CVE-2019-9947
  * SECURITY UPDATE: urllib support the local_file: scheme
    - debian/patches/CVE-2019-9948.patch: disallow file reading in
      Lib/urllib/request.py, Lib/test/test_urllib.py.
    - CVE-2019-9948
  * SECURITY UPDATE: incomplete fix for CVE-2019-9636
    - debian/patches/CVE-2019-10160-1.patch: fix handling of
      pre-normalization characters in urlsplit() in
      Lib/test/test_urlparse.py, Lib/urllib/parse.py.
    - debian/patches/CVE-2019-10160-2.patch: correct fix to handle
      decomposition in usernames in Lib/test/test_urlparse.py,
      Lib/urllib/parse.py.
    - CVE-2019-10160

 -- Marc Deslauriers <email address hidden>  Tue, 20 Aug 2019 13:04:43 -0400
  • python3.7 (3.7.3-2) unstable; urgency=medium

  * d/p/arm-alignment.diff: Don't allow unaligned memory accesses in the
    _sha3 extension (Dave Jones). LP: #1821869. Issue #36515.
  * Tweak the asyncio/ssl test again.

 -- Matthias Klose <email address hidden>  Wed, 03 Apr 2019 07:39:12 +0200
  • python3.7 (3.7.3-1ubuntu1) disco; urgency=medium

  * Tweak the asyncio/ssl test again.

 -- Matthias Klose <email address hidden>  Tue, 26 Mar 2019 21:05:42 +0100
  • python3.7 (3.7.3-1) unstable; urgency=medium

  * Python 3.7.3 release.
  * Work around issue #35988, reducing the payload size for the asyncio/ssl
    tests.

 -- Matthias Klose <email address hidden>  Tue, 26 Mar 2019 08:25:18 +0100
  • python3.7 (3.7.3~rc1-1) unstable; urgency=medium

  * Python 3.7.3 release candidate 1.
  * CVE-2019-9636. Fix issue #36216: Add check for characters in netloc that
    normalize to separators. Closes: #924072.
  * Use a build profile for libbluetooth-dev (<!pkg.python3.7.nobluetooth>).

 -- Matthias Klose <email address hidden>  Wed, 13 Mar 2019 12:01:15 +0100
  • python3.7 (3.7.2-3) unstable; urgency=medium

  * Update to 20190227 from the 3.7 branch.
  * Add more breaks for packages not compatible with Python 3.7:
    - xapers. Closes: #916914.
  * Move the test/ann_module{,2,3} modules into libpython-stdlib.
    Closes: #922285.
  * Limit the import checks for some extension modules to native builds.
    Closes: #921742.

 -- Matthias Klose <email address hidden>  Wed, 27 Feb 2019 16:41:59 +0100
  • python3.7 (3.7.2-2) unstable; urgency=medium

  * Update to 20190202 from the 3.7 branch.

 -- Matthias Klose <email address hidden>  Sat, 02 Feb 2019 15:31:48 +0100
  • python3.7 (3.7.2-1build1) disco; urgency=medium

  * No-change rebuild for readline soname change.

 -- Matthias Klose <email address hidden>  Mon, 14 Jan 2019 20:09:34 +0000
  • python3.7 (3.7.2-1) unstable; urgency=medium

  * Python 3.7.2 release.
  * Revert the link optimization changes which appeared after the
    release candidate.
  * Make the build compatible with sphinx 1.6.x.
  * Loosen the pyzo break. Closes: #916548.

 -- Matthias Klose <email address hidden>  Thu, 03 Jan 2019 03:55:40 +0100
  • python3.7 (3.7.2~rc1-1) unstable; urgency=medium

  * Python 3.7.2 release candidate 1.
  * Add more breaks for packages not compatible with Python 3.7:
    - python3-dns. Closes: #912988.
    - python3-dkim. Closes: #912084.
    - pyzo. Closes: #914332.
  * Update VCS attributes. Closes: #904097.
  * Update symbols files.

 -- Matthias Klose <email address hidden>  Wed, 12 Dec 2018 07:25:49 +0100
  • python3.7 (3.7.1-1) unstable; urgency=medium

  * Python 3.7.1 release.

 -- Matthias Klose <email address hidden>  Sun, 21 Oct 2018 10:03:53 +0200
  • python3.7 (3.7.1-1~18.10) cosmic-proposed; urgency=medium

  * SRU: LP: #1799202.

 -- Matthias Klose <email address hidden>  Mon, 22 Oct 2018 13:21:55 +0200
  • python3.7 (3.7.1~rc2-1) unstable; urgency=medium

  * Python 3.7.1 release candidate 2.

 -- Matthias Klose <email address hidden>  Mon, 15 Oct 2018 11:24:12 +0200