This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author vstinner
Recipients christian.heimes, gregory.p.smith, ned.deily, vstinner
Date 2017-08-16.14:21:19
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1502893279.89.0.0271174970663.issue30947@psf.upfronthosting.co.za>
In-reply-to
Content
Expat 2.2.3 was released:

Release 2.2.3 Wed August 2 2017
        Security fixes:
             #82  CVE-2017-11742 -- Windows: Fix DLL hijacking vulnerability
                    using Steve Holme's LoadLibrary wrapper for/of cURL

        Bug fixes:
             #85  Fix a dangling pointer issue related to realloc

        Other changes:
                  Increase code coverage
             #91  Linux: Allow getrandom to fail if nonblocking pool has not
                    yet been initialized and read /dev/urandom then, instead.
                    This is in line with what recent Python does.
             #81  Pre-10.7/Lion macOS: Support entropy from arc4random
             #86  Check that a UTF-16 encoding in an XML declaration has the
                    right endianness
        #4 #5 #7  Recover correctly when some reallocations fail
                  Repair "./configure && make" for systems without any
                    provider of high quality entropy
                    and try reading /dev/urandom on those
                  Ensure that user-defined character encodings have converter
                    functions when they are needed
                  Fix mis-leading description of argument -c in xmlwf.1
                  Rely on macro HAVE_ARC4RANDOM_BUF (rather than __CloudABI__)
                    for CloudABI
            #100  Fix use of SIPHASH_MAIN in siphash.h
             #23  Test suite: Fix memory leaks
                  Version info bumped from 7:4:6 to 7:5:6

        Special thanks to:
            Chanho Park
            Joe Orton
            Pascal Cuoq
            Rhodri James
            Simon McVittie
            Vadim Zeitlin
            Viktor Szakats
                 and
Core Infrastructure Initiative
History
Date User Action Args
2017-08-16 14:21:19vstinnersetrecipients: + vstinner, gregory.p.smith, christian.heimes, ned.deily
2017-08-16 14:21:19vstinnersetmessageid: <1502893279.89.0.0271174970663.issue30947@psf.upfronthosting.co.za>
2017-08-16 14:21:19vstinnerlinkissue30947 messages
2017-08-16 14:21:19vstinnercreate