Changelog¶

gh-139700: Check consistency of the zip64 end of central directory record. Support records with “zip64 extensible data” if there are no bytes prepended to the ZIP file.

gh-139400: xml.parsers.expat: Make sure that parent Expat parsers are only garbage-collected once they are no longer referenced by subparsers created by ExternalEntityParserCreate(). Patch by Sebastian Pipping.

gh-135661: Fix parsing start and end tags in html.parser.HTMLParser according to the HTML5 standard.

• Whitespaces no longer accepted between </ and the tag name. E.g. </ script> does not end the script section.

• Vertical tabulation (\v) and non-ASCII whitespaces no longer recognized as whitespaces. The only whitespaces are \t\n\r\f and space.

• Null character (U+0000) no longer ends the tag name.

• Attributes and slashes after the tag name in end tags are now ignored, instead of terminating after the first > in quoted attribute value. E.g. </script/foo=">"/>.

• Multiple slashes and whitespaces between the last attribute and closing > are now ignored in both start and end tags. E.g. <a foo=bar/ //>.

• Multiple = between attribute name and value are no longer collapsed. E.g. <a foo==bar> produces attribute “foo” with value “=bar”.

gh-135661: Fix CDATA section parsing in html.parser.HTMLParser according to the HTML5 standard: ] ]> and ]] > no longer end the CDATA section. Add private method _set_support_cdata() which can be used to specify how to parse <[CDATA[ — as a CDATA section in foreign content (SVG or MathML) or as a bogus comment in the HTML namespace.

gh-102555: Fix comment parsing in html.parser.HTMLParser according to the HTML5 standard. --!> now ends the comment. -- > no longer ends the comment. Support abnormally ended empty comments <--> and <--->.

gh-135462: Fix quadratic complexity in processing specially crafted input in html.parser.HTMLParser. End-of-file errors are now handled according to the HTML5 specs – comments and declarations are automatically closed, tags are ignored.

gh-118350: Fix support of escapable raw text mode (elements “textarea” and “title”) in html.parser.HTMLParser.

gh-86155: html.parser.HTMLParser.close() no longer loses data when the <script> tag is not closed. Patch by Waylan Limberg.

gh-139312: Upgrade bundled libexpat to 2.7.3

gh-138998: Update bundled libexpat to 2.7.2

gh-130577: tarfile now validates archives to ensure member offsets are non-negative. (Contributed by Alexander Enrique Urieles Nieto in gh-130577.)

gh-135374: Update the bundled copy of setuptools to 79.0.1.

gh-128840: Fix parsing long IPv6 addresses with embedded IPv4 address.

gh-134062: ipaddress: fix collisions in __hash__() for IPv4Network and IPv6Network objects.

gh-123409: Fix ipaddress.IPv6Address.reverse_pointer output according to RFC 3596, §2.5. Patch by Bénédikt Tran.

bpo-43633: Improve the textual representation of IPv4-mapped IPv6 addresses (RFC 4291 Sections 2.2, 2.5.5.2) in ipaddress. Patch by Oleksandr Pavliuk.

gh-131809: Update bundled libexpat to 2.7.1

gh-131261: Upgrade to libexpat 2.7.0

gh-105704: When using urllib.parse.urlsplit() and urllib.parse.urlparse() host parsing would not reject domain names containing square brackets ([ and ]). Square brackets are only valid for IPv6 and IPvFuture hosts according to RFC 3986 Section 3.2.2.

gh-121284: Fix bug in the folding of rfc2047 encoded-words when flattening an email message using a modern email policy. Previously when an encoded-word was too long for a line, it would be decoded, split across lines, and re-encoded. But commas and other special characters in the original text could be left unencoded and unquoted. This could theoretically be used to spoof header lines using a carefully constructed encoded-word if the resulting rendered email was transmitted or re-parsed.

gh-80222: Fix bug in the folding of quoted strings when flattening an email message using a modern email policy. Previously when a quoted string was folded so that it spanned more than one line, the surrounding quotes and internal escapes would be omitted. This could theoretically be used to spoof header lines using a carefully constructed quoted string if the resulting rendered email was transmitted or re-parsed.

gh-119511: Fix a potential denial of service in the imaplib module. When connecting to a malicious server, it could cause an arbitrary amount of memory to be allocated. On many systems this is harmless as unused virtual memory is only a mapping, but if this hit a virtual address size limit it could lead to a MemoryError or other process crash. On unusual systems or builds where all allocated memory is touched and backed by actual ram or storage it could’ve consumed resources doing so until similarly crashing.

gh-127257: In ssl, system call failures that OpenSSL reports using ERR_LIB_SYS are now raised as OSError.

gh-121277: Writers of CPython’s documentation can now use next as the version for the versionchanged, versionadded, deprecated directives.

gh-125041: Re-enable skipped tests for zlib on the s390x architecture: only skip checks of the compressed bytes, which can be different between zlib’s software implementation and the hardware-accelerated implementation.

gh-109396: Fix test_socket.test_hmac_sha1() in FIPS mode. Use a longer key: FIPS mode requires at least of at least 112 bits. The previous key was only 32 bits. Patch by Victor Stinner.

gh-126623: Upgrade libexpat to 2.6.4

gh-122792: Changed IPv4-mapped ipaddress.IPv6Address to consistently use the mapped IPv4 address value for deciding properties. Properties which have their behavior fixed are is_multicast, is_reserved, is_link_local, is_global, and is_unspecified.

gh-124651: Properly quote template strings in venv activation scripts.

gh-103848: Add checks to ensure that [ bracketed ] hosts found by urllib.parse.urlsplit() are of IPv6 or IPvFuture format.

gh-119690: Fixes data type confusion in audit events raised by _winapi.CreateFile and _winapi.CreateNamedPipe.

gh-116773: Fix instances of <_overlapped.Overlapped object at 0xXXX> still has pending operation at deallocation, the process may crash.

gh-112769: The tests now correctly compare zlib version when zlib.ZLIB_RUNTIME_VERSION contains non-integer suffixes. For example zlib-ng defines the version as 1.3.0.zlib-ng.

gh-117187: Fix XML tests for vanilla Expat <2.6.0.

gh-100454: Fix SSL tests CI for OpenSSL 3.1+

gh-112275: A deadlock involving pystate.c’s HEAD_LOCK in posixmodule.c at fork is now fixed. Patch by ChuBoning based on previous Python 3.12 fix by Victor Stinner.

gh-115398: Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425) by adding five new methods:

• xml.etree.ElementTree.XMLParser.flush()

• xml.etree.ElementTree.XMLPullParser.flush()

• xml.parsers.expat.xmlparser.GetReparseDeferralEnabled()

• xml.parsers.expat.xmlparser.SetReparseDeferralEnabled()

• xml.sax.expatreader.ExpatParser.flush()

gh-115399: Update bundled libexpat to 2.6.0

gh-114572: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads.

gh-113659: Skip .pth files with names starting with a dot or hidden file attribute.

gh-102388: Fix a bug where iso2022_jp_3 and iso2022_jp_2004 codecs read out of bounds

gh-115197: urllib.request no longer resolves the hostname before checking it against the system’s proxy bypass list on macOS and Windows.

gh-115133: Fix tests for XMLPullParser with Expat 2.6.0.

gh-81194: Fix a crash in socket.if_indextoname() with specific value (UINT_MAX). Fix an integer overflow in socket.if_indextoname() on 64-bit non-Windows platforms.

gh-109858: Protect zipfile from “quoted-overlap” zipbomb. It now raises BadZipFile when try to read an entry that overlaps with other entry or central directory.

gh-91133: Fix a bug in tempfile.TemporaryDirectory cleanup, which now no longer dereferences symlinks when working around file system permission errors.

gh-115399: Document CVE-2023-52425 of Expat <2.6.0 under “XML vulnerabilities”.

gh-111239: Update Windows builds to use zlib v1.3.1.

gh-109991: Windows builds now use OpenSSL 1.1.1w. Note that OpenSSL 1.1 has reached its end of life and no future fixes will be made, and this version of Python is no longer receiving maintenance fixes and will not be updated to OpenSSL 3.0.

gh-109991: Update GitHub CI workflows to use OpenSSL 3.0.11 and multissltests to use 1.1.1w, 3.0.11, and 3.1.3.

gh-108310: Fixed an issue where instances of ssl.SSLSocket were vulnerable to a bypass of the TLS handshake and included protections (like certificate verification) and treating sent unencrypted data as if it were post-handshake TLS encrypted data. Security issue reported as CVE-2023-40217 by Aapo Oksman. Patch by Gregory P. Smith.

gh-107845: tarfile.data_filter() now takes the location of symlinks into account when determining their target, so it will no longer reject some valid tarballs with LinkOutsideDestinationError.

gh-107565: Update multissltests and GitHub CI workflows to use OpenSSL 1.1.1v, 3.0.10, and 3.1.2.

gh-99612: Fix PyUnicode_DecodeUTF8Stateful() for ASCII-only data: *consumed was not set.

gh-103142: The version of OpenSSL used in our binary builds has been upgraded to 1.1.1u to address several CVEs.

gh-99889: Fixed a security in flaw in uu.decode() that could allow for directory traversal based on the input if no out_file was specified.

gh-104049: Do not expose the local on-disk location in directory indexes produced by http.client.SimpleHTTPRequestHandler.

gh-102153: urllib.parse.urlsplit() now strips leading C0 control and space characters following the specification for URLs defined by WHATWG in response to CVE-2023-24329. Patch by Illia Volochii.

gh-103935: Use io.open_code() for files to be executed instead of raw open()

gh-102953: The extraction methods in tarfile, and shutil.unpack_archive(), have a new a filter argument that allows limiting tar features than may be surprising or dangerous, such as creating files outside the destination directory. See Extraction filters for details.

gh-89412: Add missing documentation for the end_lineno and end_offset attributes of the traceback.TracebackException class.

gh-103262: Fixes Windows installer build to work with latest compilers.

gh-101727: Updated the OpenSSL version used in Windows and macOS binary release builds to 1.1.1t to address CVE-2023-0286, CVE-2022-4303, and CVE-2022-4303 per the OpenSSL 2023-02-07 security advisory.

gh-101283: subprocess.Popen now uses a safer approach to find cmd.exe when launching with shell=True. Patch by Eryk Sun, based on a patch by Oleg Iarygin.

gh-102416: Do not memoize incorrectly automatically generated loop rules in the parser. Patch by Pablo Galindo.

gh-102356: Fix a bug that caused a crash when deallocating deeply nested filter objects. Patch by Marta Gómez Macías.

gh-102397: Fix segfault from race condition in signal handling during garbage collection. Patch by Kumar Aditya.

gh-102126: Fix deadlock at shutdown when clearing thread states if any finalizer tries to acquire the runtime head lock. Patch by Kumar Aditya.

gh-102027: Fix SSE2 and SSE3 detection in _blake2 internal module. Patch by Max Bachmann.

gh-101967: Fix possible segfault in positional_only_passed_as_keyword function, when new list created.

gh-101765: Fix SystemError / segmentation fault in iter __reduce__ when internal access of builtins.__dict__ keys mutates the iter object.

gh-102947: Improve traceback when dataclasses.fields() is called on a non-dataclass. Patch by Alex Waygood

gh-101979: Fix a bug where parentheses in the metavar argument to argparse.ArgumentParser.add_argument() were dropped. Patch by Yeojin Kim.

gh-102179: Fix os.dup2() error message for negative fds.

gh-101961: For the binary mode, fileinput.hookcompressed() doesn’t set the encoding value even if the value is None. Patch by Gihwan Kim.

gh-101936: The default value of fp becomes io.BytesIO if HTTPError is initialized without a designated fp parameter. Patch by Long Vo.

gh-101566: In zipfile, apply fix for extractall on the underlying zipfile after being wrapped in Path.

gh-101997: Upgrade pip wheel bundled with ensurepip (pip 23.0.1)

gh-101892: Callable iterators no longer raise SystemError when the callable object exhausts the iterator but forgets to either return a sentinel value or raise StopIteration.

gh-97786: Fix potential undefined behaviour in corner cases of floating-point-to-time conversions.

gh-101517: Fixed bug where bdb looks up the source line with linecache with a lineno=None, which causes it to fail with an unhandled exception.

gh-101673: Fix a pdb bug where ll clears the changes to local variables.

gh-96931: Fix incorrect results from ssl.SSLSocket.shared_ciphers()

gh-88233: Correctly preserve “extra” fields in zipfile regardless of their ordering relative to a zip64 “extra.”

gh-95495: When built against OpenSSL 3.0, the ssl module had a bug where it reported unauthenticated EOFs (i.e. without close_notify) as a clean TLS-level EOF. It now raises SSLEOFError, matching the behavior in previous versions of OpenSSL. The options attribute on SSLContext also no longer includes OP_IGNORE_UNEXPECTED_EOF by default. This option may be set to specify the previous OpenSSL 3.0 behavior.

gh-94440: Fix a concurrent.futures.process bug where ProcessPoolExecutor shutdown could hang after a future has been quickly submitted and canceled.

gh-103112: Add docstring to http.client.HTTPResponse.read() to fix pydoc output.

gh-85417: Update cmath documentation to clarify behaviour on branch cuts.

gh-97725: Fix asyncio.Task.print_stack() description for file=None. Patch by Oleg Iarygin.

gh-102980: Improve test coverage on pdb.

gh-102537: Adjust the error handling strategy in test_zoneinfo.TzPathTest.python_tzpath_context. Patch by Paul Ganssle.

gh-101377: Improved test_locale_calendar_formatweekday of calendar.

gh-102711: Fix -Wstrict-prototypes compiler warnings.

gh-101759: Update Windows installer to SQLite 3.40.1.

gh-101614: Correctly handle extensions built against debug binaries that reference python3_d.dll.

gh-103207: Add instructions to the macOS installer welcome display on how to workaround the macOS 13 Ventura “The installer encountered an error” failure.

gh-101759: Update macOS installer to SQLite 3.40.1.

gh-87235: On macOS python3 /dev/fd/9 9</path/to/script.py failed for any script longer than a couple of bytes.

gh-101400: Fix wrong lineno in exception message on continue or break which are not in a loop. Patch by Dong-hee Na.

gh-101372: Fix is_normalized() to properly handle the UCD 3.2.0 cases. Patch by Dong-hee Na.

gh-101046: Fix a possible memory leak in the parser when raising MemoryError. Patch by Pablo Galindo

gh-100942: Fixed segfault in property.getter/setter/deleter that occurred when a property subclass overrode the __new__ method to return a non-property instance.

gh-100892: Fix race while iterating over thread states in clearing threading.local. Patch by Kumar Aditya.

gh-100776: Fix misleading default value in input()’s __text_signature__.

gh-100374: Fix incorrect result and delay in socket.getfqdn(). Patch by Dominic Socular.

gh-100050: Honor existing errors obtained when searching for mismatching parentheses in the tokenizer. Patch by Pablo Galindo

bpo-32782: ctypes arrays of length 0 now report a correct itemsize when a memoryview is constructed from them, rather than always giving a value of 0.

gh-100795: Avoid potential unexpected freeaddrinfo call (double free) in socket when when a libc getaddrinfo() implementation leaves garbage in an output pointer when returning an error. Original patch by Sergey G. Brester.

gh-101143: Remove unused references to TimerHandle in asyncio.base_events.BaseEventLoop._add_callback.

gh-101144: Make zipfile.Path.open() and zipfile.Path.read_text() also accept encoding as a positional argument. This was the behavior in Python 3.9 and earlier. Earlier 3.10 versions had a regression where supplying it as a positional argument would lead to a TypeError.

gh-100573: Fix a Windows asyncio bug with named pipes where a client doing os.stat() on the pipe would cause an error in the server that disabled serving future requests.

gh-90104: Avoid RecursionError on repr if a dataclass field definition has a cyclic reference.

gh-100689: Fix crash in pyexpat by statically allocating PyExpat_CAPI capsule.

gh-100740: Fix unittest.mock.Mock not respecting the spec for attribute names prefixed with assert.

gh-86508: Fix asyncio.open_connection() to skip binding to local addresses of different family. Patch by Kumar Aditya.

gh-100287: Fix the interaction of unittest.mock.seal() with unittest.mock.AsyncMock.

gh-100474: http.server now checks that an index page is actually a regular file before trying to serve it. This avoids issues with directories named index.html.

gh-100160: Remove any deprecation warnings in asyncio.get_event_loop(). They are deferred to Python 3.12.

gh-99952: Fix a reference undercounting issue in ctypes.Structure with from_param() results larger than a C pointer.

gh-98778: Update HTTPError to be initialized properly, even if the fp is None. Patch by Dong-hee Na.

gh-83035: Fix inspect.getsource() handling of decorator calls with nested parentheses.

gh-99240: Fix double-free bug in Argument Clinic str_converter by extracting memory clean up to a new post_parsing section.

gh-85267: Several improvements to inspect.signature()’s handling of __text_signature. - Fixes a case where inspect.signature() dropped parameters - Fixes a case where inspect.signature() raised tokenize.TokenError - Allows inspect.signature() to understand defaults involving binary operations of constants - inspect.signature() is documented as only raising TypeError or ValueError, but sometimes raised RuntimeError. These cases now raise ValueError - Removed a dead code path

gh-96192: Fix handling of bytes path-like objects in os.ismount().

bpo-44817: Ignore WinError 53 (ERROR_BAD_NETPATH), 65 (ERROR_NETWORK_ACCESS_DENIED) and 161 (ERROR_BAD_PATHNAME) when using ntpath.realpath().

bpo-40447: Accept os.PathLike (such as pathlib.Path) in the stripdir arguments of compileall.compile_file() and compileall.compile_dir().

bpo-36880: Fix a reference counting issue when a ctypes callback with return type py_object returns None, which could cause crashes.

gh-100616: Document existing attr parameter to curses.window.vline() function in curses.

gh-100472: Remove claim in documentation that the stripdir, prependdir and limit_sl_dest parameters of compileall.compile_dir() and compileall.compile_file() could be bytes.

gh-101334: test_tarfile has been updated to pass when run as a high UID.

gh-96002: Add functional test for Argument Clinic.

gh-101522: Allow overriding Windows dependencies versions and paths using MSBuild properties.

gh-82052: Fixed an issue where writing more than 32K of Unicode output to the console screen in one go can result in mojibake.

gh-100180: Update Windows installer to OpenSSL 1.1.1s

bpo-43984: winreg.SetValueEx() now leaves the target value untouched in the case of conversion errors. Previously, -1 would be written in case of such errors.

gh-100180: Update macOS installer to OpenSSL 1.1.1s

gh-99240: In argument parsing, after deallocating newly allocated memory, reset its pointer to NULL.

gh-99578: Fix a reference bug in _imp.create_builtin() after the creation of the first sub-interpreter for modules builtins and sys. Patch by Victor Stinner.

gh-99581: Fixed a bug that was causing a buffer overflow if the tokenizer copies a line missing the newline caracter from a file that is as long as the available tokenizer buffer. Patch by Pablo galindo

gh-96055: Update faulthandler to emit an error message with the proper unexpected signal number. Patch by Dong-hee Na.

gh-98852: Fix subscription of types.GenericAlias instances containing bare generic types: for example tuple[A, T][int], where A is a generic type, and T is a type variable.

gh-98415: Fix detection of MAC addresses for uuid on certain OSs. Patch by Chaim Sanders

gh-92119: Print exception class name instead of its string representation when raising errors from ctypes calls.

gh-93696: Allow pdb to locate source for frozen modules in the standard library.

bpo-31718: Raise ValueError instead of SystemError when methods of uninitialized io.IncrementalNewlineDecoder objects are called. Patch by Oren Milman.

bpo-38031: Fix a possible assertion failure in io.FileIO when the opener returns an invalid file descriptor.

gh-100001: Also escape s in the http.server BaseHTTPRequestHandler.log_message so that it is technically possible to parse the line and reconstruct what the original data was. Without this a xHH is ambiguious as to if it is a hex replacement we put in or the characters r”x” came through in the original request line.

gh-93453: asyncio.get_event_loop() now only emits a deprecation warning when a new event loop was created implicitly. It no longer emits a deprecation warning if the current event loop was set.

gh-51524: Fix bug when calling trace.CoverageResults with valid infile.

gh-99645: Fix a bug in handling class cleanups in unittest.TestCase. Now addClassCleanup() uses separate lists for different TestCase subclasses, and doClassCleanups() only cleans up the particular class.

gh-97001: Release the GIL when calling termios APIs to avoid blocking threads.

gh-99341: Fix ast.increment_lineno() to also cover ast.TypeIgnore when changing line numbers.

gh-74044: Fixed bug where inspect.signature() reported incorrect arguments for decorated methods.

gh-99275: Fix SystemError in ctypes when exception was not set during __initsubclass__.

gh-99155: Fix statistics.NormalDist pickle with 0 and 1 protocols.

gh-99134: Update the bundled copy of pip to version 22.3.1.

gh-99130: Apply bugfixes from importlib_metadata 4.11.4, namely: In PathDistribution._name_from_stem, avoid including parts of the extension in the result. In PathDistribution._normalized_name, ensure names loaded from the stem of the filename are also normalized, ensuring duplicate entry points by packages varying only by non-normalized name are hidden.

gh-83004: Clean up refleak on failed module initialisation in _zoneinfo

gh-83004: Clean up refleaks on failed module initialisation in in _pickle

gh-83004: Clean up refleak on failed module initialisation in _io.

gh-98897: Fix memory leak in math.dist() when both points don’t have the same dimension. Patch by Kumar Aditya.

gh-98793: Fix argument typechecks in _overlapped.WSAConnect() and _overlapped.Overlapped.WSASendTo() functions.

gh-98740: Fix internal error in the re module which in very rare circumstances prevented compilation of a regular expression containing a conditional expression without the “else” branch.

gh-98703: Fix asyncio.StreamWriter.drain() to call protocol.connection_lost callback only once on Windows.

gh-98624: Add a mutex to unittest.mock.NonCallableMock to protect concurrent access to mock attributes.

gh-89237: Fix hang on Windows in subprocess.wait_closed() in asyncio with ProactorEventLoop. Patch by Kumar Aditya.

gh-98458: Fix infinite loop in unittest when a self-referencing chained exception is raised

gh-97928: tkinter.Text.count() raises now an exception for options starting with “-” instead of silently ignoring them.

gh-97966: On uname_result, restored expectation that _fields and _asdict would include all six properties including processor.

gh-98331: Update the bundled copies of pip and setuptools to versions 22.3 and 65.5.0 respectively.

gh-96035: Fix bug in urllib.parse.urlparse() that causes certain port numbers containing whitespace, underscores, plus and minus signs, or non-ASCII digits to be incorrectly accepted.

gh-98251: Allow venv to pass along PYTHON* variables to ensurepip and pip when they do not impact path resolution

gh-98178: On macOS, fix a crash in syslog.syslog() in multi-threaded applications. On macOS, the libc syslog() function is not thread-safe, so syslog.syslog() no longer releases the GIL to call it. Patch by Victor Stinner.

gh-96151: Allow BUILTINS to be a valid field name for frozen dataclasses.

gh-98086: Make sure patch.dict() can be applied on async functions.

gh-88863: To avoid apparent memory leaks when asyncio.open_connection() raises, break reference cycles generated by local exception and future instances (which has exception instance as its member var). Patch by Dong Uk, Kang.

gh-93858: Prevent error when activating venv in nested fish instances.

bpo-46364: Restrict use of sockets instead of pipes for stdin of subprocesses created by asyncio to AIX platform only.

bpo-38523: shutil.copytree() now applies the ignore_dangling_symlinks argument recursively.

bpo-36267: Fix IndexError in argparse.ArgumentParser when a store_true action is given an explicit argument.

gh-92892: Document that calling variadic functions with ctypes requires special care on macOS/arm64 (and possibly other platforms).

gh-99892: Skip test_normalization() of test_unicodedata if it fails to download NormalizationTest.txt file from pythontest.net. Patch by Victor Stinner.

bpo-34272: Some C API tests were moved into the new Lib/test/test_capi/ directory.

gh-99086: Fix -Wimplicit-int, -Wstrict-prototypes, and -Wimplicit-function-declaration compiler warnings in configure checks.

gh-99086: Fix -Wimplicit-int compiler warning in configure check for PTHREAD_SCOPE_SYSTEM.

gh-97731: Specify the full path to the source location for make docclean (needed for cross-builds).

gh-98671: Fix NO_MISALIGNED_ACCESSES being not defined for the SHA3 extension when HAVE_ALIGNED_REQUIRED is set. Allowing builds on hardware that unaligned memory accesses are not allowed.

gh-99345: Use faster initialization functions to detect install location for Windows Store package

gh-98689: Update Windows builds to zlib v1.2.13. v1.2.12 has CVE-2022-37434, but the vulnerable inflateGetHeader API is not used by Python.

gh-94328: Update Windows installer to use SQLite 3.39.4.

bpo-40882: Fix a memory leak in multiprocessing.shared_memory.SharedMemory on Windows.

gh-94328: Update macOS installer to SQLite 3.39.4.

gh-97527: Fix a bug in the previous bugfix that caused IDLE to not start when run with 3.10.8, 3.12.0a1, and at least Microsoft Python 3.10.2288.0 installed without the Lib/test package. 3.11.0 was never affected.

gh-95731: Fix handling of module docstrings in Tools/i18n/pygettext.py.

gh-97616: Fix multiplying a list by an integer (list *= int): detect the integer overflow when the new allocated length is close to the maximum size. Issue reported by Jordan Limor. Patch by Victor Stinner.

gh-97612: Fix a shell code injection vulnerability in the get-remote-certificate.py example script. The script no longer uses a shell to run openssl commands. Issue reported and initial fix by Caleb Shortt. Patch by Victor Stinner.

gh-68966: The deprecated mailcap module now refuses to inject unsafe text (filenames, MIME types, parameters) into shell commands. Instead of using such text, it will warn and act as if a match was not found (or for test commands, as if the test failed).

gh-96078: os.sched_yield() now release the GIL while calling sched_yield(2). Patch by Dong-hee Na.

gh-97943: Bugfix: PyFunction_GetAnnotations() should return a borrowed reference. It was returning a new reference.

gh-97591: Fixed a missing incref/decref pair in Exception.__setstate__(). Patch by Ofey Chan.

gh-96848: Fix command line parsing: reject -X int_max_str_digits option with no value (invalid) when the PYTHONINTMAXSTRDIGITS environment variable is set to a valid limit. Patch by Victor Stinner.

gh-95921: Fix overly-broad source position information for chained comparisons used as branching conditions.

gh-96821: Fix undefined behaviour in _testcapimodule.c.

gh-95778: When ValueError is raised if an integer is larger than the limit, mention the sys.set_int_max_str_digits() function in the error message. Patch by Victor Stinner.

gh-96387: At Python exit, sometimes a thread holding the GIL can wait forever for a thread (usually a daemon thread) which requested to drop the GIL, whereas the thread already exited. To fix the race condition, the thread which requested the GIL drop now resets its request before exiting. Issue discovered and analyzed by Mingliang ZHAO. Patch by Victor Stinner.

gh-96864: Fix a possible assertion failure, fatal error, or SystemError if a line tracing event raises an exception while opcode tracing is enabled.

gh-96678: Fix undefined behaviour in C code of null pointer arithmetic.

gh-96641: Do not expose KeyWrapper in _functools.

gh-96611: When loading a file with invalid UTF-8 inside a multi-line string, a correct SyntaxError is emitted.

gh-95196: Disable incorrect pickling of the C implemented classmethod descriptors.

gh-96352: Fix AttributeError missing name and obj attributes in object.__getattribute__(). Patch by Philip Georgi.

bpo-42316: Document some places where an assignment expression needs parentheses.

gh-87730: Wrap network errors consistently in urllib FTP support, so the test suite doesn’t fail when a network is available but the public internet is not reachable.

gh-97825: Fixes AttributeError when subprocess.check_output() is used with argument input=None and either of the arguments encoding or errors are used.

gh-96827: Avoid spurious tracebacks from asyncio when default executor cleanup is delayed until after the event loop is closed (e.g. as the result of a keyboard interrupt).

gh-97592: Avoid a crash in the C version of asyncio.Future.remove_done_callback() when an evil argument is passed.

gh-97639: Remove tokenize.NL check from tabnanny.

gh-97545: Make Semaphore run faster.

gh-73588: Fix generation of the default name of tkinter.Checkbutton. Previously, checkbuttons in different parent widgets could have the same short name and share the same state if arguments “name” and “variable” are not specified. Now they are globally unique.

gh-97005: Update bundled libexpat to 2.4.9

gh-85760: Fix race condition in asyncio where process_exited() called before the pipe_data_received() leading to inconsistent output. Patch by Kumar Aditya.

gh-96819: Fixed check in multiprocessing.resource_tracker that guarantees that the length of a write to a pipe is not greater than PIPE_BUF.

gh-96741: Corrected type annotation for dataclass attribute pstats.FunctionProfile.ncalls to be str.

gh-96652: Fix the faulthandler implementation of faulthandler.register(signal, chain=True) if the sigaction() function is not available: don’t call the previous signal handler if it’s NULL. Patch by Victor Stinner.

gh-96073: In inspect, fix overeager replacement of “typing.” in formatting annotations.

gh-90467: Fix asyncio.streams.StreamReaderProtocol to keep a strong reference to the created task, so that it’s not garbage collected

gh-96052: Fix handling compiler warnings (SyntaxWarning and DeprecationWarning) in codeop.compile_command() when checking for incomplete input. Previously it emitted warnings and raised a SyntaxError. Now it always returns None for incomplete input without emitting any warnings.

gh-91212: Fixed flickering of the turtle window when the tracer is turned off. Patch by Shin-myoung-serp.

gh-74116: Allow asyncio.StreamWriter.drain() to be awaited concurrently by multiple tasks. Patch by Kumar Aditya.

gh-90155: Fix broken asyncio.Semaphore when acquire is cancelled.

gh-92986: Fix ast.unparse() when ImportFrom.level is None

gh-91539: Improve performance of urllib.request.getproxies_environment when there are many environment variables

gh-97741: Fix ! in c domain ref target syntax via a conf.py patch, so it works as intended to disable ref target resolution.

gh-95588: Clarified the conflicting advice given in the ast documentation about ast.literal_eval() being “safe” for use on untrusted input while at the same time warning that it can crash the process. The latter statement is true and is deemed unfixable without a large amount of work unsuitable for a bugfix. So we keep the warning and no longer claim that literal_eval is safe.

gh-93031: Update tutorial introduction output to use 3.10+ SyntaxError invalid range.

gh-96729: Ensure that Windows releases built with Tools\msi\buildrelease.bat are upgradable to and from official Python releases.

gh-97728: Fix possible crashes caused by the use of uninitialized variables when pass invalid arguments in os.system() on Windows and in Windows-specific modules (like winreg).

gh-90989: Clarify some text in the Windows installer.

gh-96577: Fixes a potential buffer overrun in msilib.

gh-97897: The macOS 13 SDK includes support for the mkfifoat and mknodat system calls. Using the dir_fd option with either os.mkfifo() or os.mknod() could result in a segfault if cpython is built with the macOS 13 SDK but run on an earlier version of macOS. Prevent this by adding runtime support for detection of these system calls (“weaklinking”) as is done for other newer syscalls on macOS.

gh-96187: Fixed a bug that caused _PyCode_GetExtra to return garbage for negative indexes. Patch by Pablo Galindo

gh-95876: Fix format string in _PyPegen_raise_error_known_location that can lead to memory corruption on some 64bit systems. The function was building a tuple with i (int) instead of n (Py_ssize_t) for Py_ssize_t arguments.

gh-95605: Fix misleading contents of error message when converting an all-whitespace string to float.

gh-93592: coroutine.throw() now properly initializes the frame.f_back when resuming a stack of coroutines. This allows e.g. traceback.print_stack() to work correctly when an exception (such as CancelledError) is thrown into a coroutine.

gh-94996: ast.parse() will no longer parse function definitions with positional-only params when passed feature_version less than (3, 8). Patch by Shantanu Jain.

gh-68163: Correct conversion of numbers.Rational’s to float.

gh-96159: Fix a performance regression in logging TimedRotatingFileHandler. Only check for special files when the rollover time has passed.

gh-96175: Fix unused localName parameter in the Attr class in xml.dom.minidom.

gh-95609: Update bundled pip to 22.2.2.

gh-95231: Fail gracefully if EPERM or ENOSYS is raised when loading crypt methods. This may happen when trying to load MD5 on a Linux kernel with FIPS enabled.

gh-96098: Improve discoverability of the higher level concurrent.futures module by providing clearer links from the lower level threading and multiprocessing modules.

gh-95789: Update the default RFC base URL from deprecated tools.ietf.org to datatracker.ietf.org

gh-91207: Fix stylesheet not working in Windows CHM htmlhelp docs. Contributed by C.A.M. Gerlach.

bpo-47115: The documentation now lists which members of C structs are part of the Limited API/Stable ABI.

gh-95243: Mitigate the inherent race condition from using find_unused_port() in testSockName() by trying to find an unused port a few times before failing. Patch by Ross Burton.

gh-94682: Build and test with OpenSSL 1.1.1q

gh-65802: Document handling of extensions in Save As dialogs.

gh-95191: Include prompts when saving Shell (interactive input and output).

gh-87389: http.server: Fix an open redirection vulnerability in the HTTP server when an URI path starts with //. Vulnerability discovered, and initial fix proposed, by Hamza Avvan.

gh-92888: Fix memoryview use after free when accessing the backing buffer in certain cases.

gh-95355: _PyPegen_Parser_New now properly detects token memory allocation errors. Patch by Honglin Zhu.

gh-94938: Fix error detection in some builtin functions when keyword argument name is an instance of a str subclass with overloaded __eq__ and __hash__. Previously it could cause SystemError or other undesired behavior.

gh-94949: ast.parse() will no longer parse parenthesized context managers when passed feature_version less than (3, 9). Patch by Shantanu Jain.

gh-94947: ast.parse() will no longer parse assignment expressions when passed feature_version less than (3, 8). Patch by Shantanu Jain.

gh-94869: Fix the column offsets for some expressions in multi-line f-strings ast nodes. Patch by Pablo Galindo.

gh-91153: Fix an issue where a bytearray item assignment could crash if it’s resized by the new value’s __index__() method.

gh-94329: Compile and run code with unpacking of extremely large sequences (1000s of elements). Such code failed to compile. It now compiles and runs correctly.

gh-94360: Fixed a tokenizer crash when reading encoded files with syntax errors from stdin with non utf-8 encoded text. Patch by Pablo Galindo

gh-94192: Fix error for dictionary literals with invalid expression as value.

gh-93964: Strengthened compiler overflow checks to prevent crashes when compiling very large source files.

gh-93671: Fix some exponential backtrace case happening with deeply nested sequence patterns in match statements. Patch by Pablo Galindo

gh-93021: Fix the __text_signature__ for __get__() methods implemented in C. Patch by Jelle Zijlstra.

gh-92930: Fixed a crash in _pickle.c from mutating collections during __reduce__ or persistent_id.

gh-92914: Always round the allocated size for lists up to the nearest even number.

gh-92858: Improve error message for some suites with syntax error before ‘:’

gh-94321: Document the PEP 246 style protocol type sqlite3.PrepareProtocol.

gh-86128: Document a limitation in ThreadPoolExecutor where its exit handler is executed before any handlers in atexit.

gh-61162: Clarify sqlite3 behavior when How to use the connection context manager.

gh-87260: Align sqlite3 argument specs with the actual implementation.

gh-86986: The minimum Sphinx version required to build the documentation is now 3.2.

gh-88831: Augmented documentation of asyncio.create_task(). Clarified the need to keep strong references to tasks and added a code snippet detailing how to do this.

bpo-47161: Document that pathlib.PurePath does not collapse initial double slashes because they denote UNC paths.

gh-95280: Fix problem with test_ssl test_get_ciphers on systems that require perfect forward secrecy (PFS) ciphers.

gh-95212: Make multiprocessing test case test_shared_memory_recreate parallel-safe.

gh-91330: Added more tests for dataclasses to cover behavior with data descriptor-based fields.

gh-94208: test_ssl is now checking for supported TLS version and protocols in more tests.

gh-93951: In test_bdb.StateTestCase.test_skip, avoid including auxiliary importers.

gh-93957: Provide nicer error reporting from subprocesses in test_venv.EnsurePipTest.test_with_pip.

gh-57539: Increase calendar test coverage for calendar.LocaleTextCalendar.formatweekday().

gh-92886: Fixing tests that fail when running with optimizations (-O) in test_zipimport.py

bpo-47016: Create a GitHub Actions workflow for verifying bundled pip and setuptools. Patch by Illia Volochii and Adam Turner.

gh-94841: Fix the possible performance regression of PyObject_Free() compiled with MSVC version 1932.

bpo-45816: Python now supports building with Visual Studio 2022 (MSVC v143, VS Version 17.0). Patch by Jeremiah Vivian.

gh-90844: Allow virtual environments to correctly launch when they have spaces in the path.

gh-92841: asyncio no longer throws RuntimeError: Event loop is closed on interpreter exit after asynchronous socket activity. Patch by Oleg Iarygin.

bpo-42658: Support native Windows case-insensitive path comparisons by using LCMapStringEx instead of str.lower() in ntpath.normcase(). Add LCMapStringEx to the _winapi module.

gh-95511: Fix the Shell context menu copy-with-prompts bug of copying an extra line when one selects whole lines.

gh-95471: In the Edit menu, move Select All and add a new separator.

gh-95411: Enable using IDLE’s module browser with .pyw files.

gh-89610: Add .pyi as a recognized extension for IDLE on macOS. This allows opening stub files by double clicking on them in the Finder.

gh-94538: Fix Argument Clinic output to custom file destinations. Patch by Erlend E. Aasland.

gh-94430: Allow parameters named module and self with custom C names in Argument Clinic. Patch by Erlend E. Aasland

gh-94930: Fix SystemError raised when PyArg_ParseTupleAndKeywords() is used with # in (...) but without PY_SSIZE_T_CLEAN defined.

gh-94864: Fix PyArg_Parse* with deprecated format units “u” and “Z”. It returned 1 (success) when warnings are turned into exceptions.

gh-86438: Clarify that -W and PYTHONWARNINGS are matched literally and case-insensitively, rather than as regular expressions, in warnings.

gh-92240: Added release dates for “What’s New in Python 3.X” for 3.0, 3.1, 3.2, 3.8 and 3.10

gh-91888: Add a new gh role to the documentation to link to GitHub issues.

gh-91783: Document security issues concerning the use of the function shutil.unpack_archive()

gh-91547: Remove “Undocumented modules” page.

bpo-44347: Clarify the meaning of dirs_exist_ok, a kwarg of shutil.copytree().

bpo-38668: Update the introduction to documentation for os.path to remove warnings that became irrelevant after the implementations of PEP 383 and PEP 529.

bpo-47138: Pin Jinja to a version compatible with Sphinx version 3.2.1.

bpo-46962: All docstrings in code snippets are now wrapped into PyDoc_STR() to follow the guideline of PEP 7’s Documentation Strings paragraph. Patch by Oleg Iarygin.

bpo-26792: Improve the docstrings of runpy.run_module() and runpy.run_path(). Original patch by Andrew Brezovsky.

bpo-40838: Document that inspect.getdoc(), inspect.getmodule(), and inspect.getsourcefile() might return None.

bpo-45790: Adjust inaccurate phrasing in Defining Extension Types: Tutorial about the ob_base field and the macros used to access its contents.

bpo-42340: Document that in some circumstances KeyboardInterrupt may cause the code to enter an inconsistent state. Provided a sample workaround to avoid it if needed.

bpo-41233: Link the errnos referenced in Doc/library/exceptions.rst to their respective section in Doc/library/errno.rst, and vice versa. Previously this was only done for EINTR and InterruptedError. Patch by Yan “yyyyyyyan” Orestes.

bpo-38056: Overhaul the Error Handlers documentation in codecs.

bpo-13553: Document tkinter.Tk args.

gh-92886: Fixing tests that fail when running with optimizations (-O) in test_imaplib.py.

gh-92670: Skip test_shutil.TestCopy.test_copyfile_nonexistent_dir test on AIX as the test uses a trailing slash to force the OS consider the path as a directory, but on AIX the trailing slash has no effect and is considered as a file.

gh-91904: Fix initialization of PYTHONREGRTEST_UNICODE_GUARD which prevented running regression tests on non-UTF-8 locale.

gh-91607: Fix test_concurrent_futures to test the correct multiprocessing start method context in several cases where the test logic mixed this up.

bpo-47205: Skip test for sched_getaffinity() and sched_setaffinity() error case on FreeBSD.

bpo-47104: Rewrite asyncio.to_thread() tests to use unittest.IsolatedAsyncioTestCase.

bpo-29890: Add tests for ipaddress.IPv4Interface and ipaddress.IPv6Interface construction with tuple arguments. Original patch and tests by louisom.

bpo-47103: Windows PGInstrument builds now copy a required DLL into the output directory, making it easier to run the profile stage of a PGO build.

gh-92984: Explicitly disable incremental linking for non-Debug builds

bpo-47194: Update zlib to v1.2.12 to resolve CVE-2018-25032.

bpo-46785: Fix race condition between os.stat() and unlinking a file on Windows, by using errors codes returned by FindFirstFileW() when appropriate in win32_xstat_impl.

bpo-40859: Update Windows build to use xz-5.2.5

gh-91583: Fix regression in the code generated by Argument Clinic for functions with the defining_class parameter.

bpo-46968: Check for the existence of the “sys/auxv.h” header in faulthandler to avoid compilation problems in systems where this header doesn’t exist. Patch by Pablo Galindo

bpo-46940: Avoid overriding AttributeError metadata information for nested attribute access calls. Patch by Pablo Galindo.