From 55fee9cf216abe4ec0d1139f94b1930fbd0c7644 Mon Sep 17 00:00:00 2001 From: Thomas Wouters Date: Tue, 3 Jun 2025 17:41:33 +0200 Subject: [PATCH] Python 3.12.11 --- Doc/library/os.path.rst | 4 +- Doc/library/tarfile.rst | 4 +- Include/patchlevel.h | 4 +- Lib/pydoc_data/topics.py | 2 +- Misc/NEWS.d/3.12.11.rst | 73 +++++++++++++++++++ .../2021-10-31-16-06-28.bpo-43633.vflwXv.rst | 1 - ...-08-28-13-03-36.gh-issue-123409.lW0YF-.rst | 2 - ...-05-15-14-27-01.gh-issue-134062.fRbJet.rst | 3 - ...-05-28-15-53-27.gh-issue-128840.Nur2pB.rst | 1 - ...-01-14-11-19-07.gh-issue-128840.M1doZW.rst | 2 - ...-05-09-20-22-54.gh-issue-133767.kN2i3Q.rst | 2 - ...-06-02-11-32-23.gh-issue-135034.RLGjbp.rst | 6 -- README.rst | 2 +- 13 files changed, 81 insertions(+), 25 deletions(-) create mode 100644 Misc/NEWS.d/3.12.11.rst delete mode 100644 Misc/NEWS.d/next/Library/2021-10-31-16-06-28.bpo-43633.vflwXv.rst delete mode 100644 Misc/NEWS.d/next/Library/2024-08-28-13-03-36.gh-issue-123409.lW0YF-.rst delete mode 100644 Misc/NEWS.d/next/Library/2025-05-15-14-27-01.gh-issue-134062.fRbJet.rst delete mode 100644 Misc/NEWS.d/next/Library/2025-05-28-15-53-27.gh-issue-128840.Nur2pB.rst delete mode 100644 Misc/NEWS.d/next/Security/2025-01-14-11-19-07.gh-issue-128840.M1doZW.rst delete mode 100644 Misc/NEWS.d/next/Security/2025-05-09-20-22-54.gh-issue-133767.kN2i3Q.rst delete mode 100644 Misc/NEWS.d/next/Security/2025-06-02-11-32-23.gh-issue-135034.RLGjbp.rst diff --git a/Doc/library/os.path.rst b/Doc/library/os.path.rst index f5e684f2ccf..4208c729387 100644 --- a/Doc/library/os.path.rst +++ b/Doc/library/os.path.rst @@ -415,7 +415,7 @@ the :mod:`glob` module.) .. versionchanged:: 3.10 The *strict* parameter was added. - .. versionchanged:: next + .. versionchanged:: 3.12.11 The :py:data:`~os.path.ALLOW_MISSING` value for the *strict* parameter was added. @@ -423,7 +423,7 @@ the :mod:`glob` module.) Special value used for the *strict* argument in :func:`realpath`. - .. versionadded:: next + .. versionadded:: 3.12.11 .. function:: relpath(path, start=os.curdir) diff --git a/Doc/library/tarfile.rst b/Doc/library/tarfile.rst index a2403b70e29..84ec6f2af86 100644 --- a/Doc/library/tarfile.rst +++ b/Doc/library/tarfile.rst @@ -256,7 +256,7 @@ The :mod:`tarfile` module defines the following exceptions: The exception that was raised to reject the replacement member is available as :attr:`!BaseException.__context__`. - .. versionadded:: next + .. versionadded:: 3.12.11 The following constants are available at the module level: @@ -1082,7 +1082,7 @@ reused in custom filters: Return the modified ``TarInfo`` member. - .. versionchanged:: next + .. versionchanged:: 3.12.11 Link targets are now normalized. diff --git a/Include/patchlevel.h b/Include/patchlevel.h index 5ce973d580e..45b770003cb 100644 --- a/Include/patchlevel.h +++ b/Include/patchlevel.h @@ -18,12 +18,12 @@ /*--start constants--*/ #define PY_MAJOR_VERSION 3 #define PY_MINOR_VERSION 12 -#define PY_MICRO_VERSION 10 +#define PY_MICRO_VERSION 11 #define PY_RELEASE_LEVEL PY_RELEASE_LEVEL_FINAL #define PY_RELEASE_SERIAL 0 /* Version as a string */ -#define PY_VERSION "3.12.10+" +#define PY_VERSION "3.12.11" /*--end constants--*/ /* Version as a single 4-byte hex number, e.g. 0x010502B2 == 1.5.2b2. diff --git a/Lib/pydoc_data/topics.py b/Lib/pydoc_data/topics.py index ac9f7fb0f98..742866a1aa8 100644 --- a/Lib/pydoc_data/topics.py +++ b/Lib/pydoc_data/topics.py @@ -1,4 +1,4 @@ -# Autogenerated by Sphinx on Tue Apr 8 13:35:42 2025 +# Autogenerated by Sphinx on Tue Jun 3 17:41:43 2025 # as part of the release process. topics = { diff --git a/Misc/NEWS.d/3.12.11.rst b/Misc/NEWS.d/3.12.11.rst new file mode 100644 index 00000000000..aad965c830a --- /dev/null +++ b/Misc/NEWS.d/3.12.11.rst @@ -0,0 +1,73 @@ +.. date: 2025-06-02-11-32-23 +.. gh-issue: 135034 +.. nonce: RLGjbp +.. release date: 2025-06-03 +.. section: Security + +Fixes multiple issues that allowed ``tarfile`` extraction filters +(``filter="data"`` and ``filter="tar"``) to be bypassed using crafted +symlinks and hard links. + +Addresses :cve:`2024-12718`, :cve:`2025-4138`, :cve:`2025-4330`, and +:cve:`2025-4517`. + +.. + +.. date: 2025-05-09-20-22-54 +.. gh-issue: 133767 +.. nonce: kN2i3Q +.. section: Security + +Fix use-after-free in the "unicode-escape" decoder with a non-"strict" error +handler. + +.. + +.. date: 2025-01-14-11-19-07 +.. gh-issue: 128840 +.. nonce: M1doZW +.. section: Security + +Short-circuit the processing of long IPv6 addresses early in +:mod:`ipaddress` to prevent excessive memory consumption and a minor +denial-of-service. + +.. + +.. date: 2025-05-28-15-53-27 +.. gh-issue: 128840 +.. nonce: Nur2pB +.. section: Library + +Fix parsing long IPv6 addresses with embedded IPv4 address. + +.. + +.. date: 2025-05-15-14-27-01 +.. gh-issue: 134062 +.. nonce: fRbJet +.. section: Library + +:mod:`ipaddress`: fix collisions in :meth:`~object.__hash__` for +:class:`~ipaddress.IPv4Network` and :class:`~ipaddress.IPv6Network` objects. + +.. + +.. date: 2024-08-28-13-03-36 +.. gh-issue: 123409 +.. nonce: lW0YF- +.. section: Library + +Fix :attr:`ipaddress.IPv6Address.reverse_pointer` output according to +:rfc:`RFC 3596, §2.5 <3596#section-2.5>`. Patch by Bénédikt Tran. + +.. + +.. bpo: 43633 +.. date: 2021-10-31-16-06-28 +.. nonce: vflwXv +.. section: Library + +Improve the textual representation of IPv4-mapped IPv6 addresses +(:rfc:`4291` Sections 2.2, 2.5.5.2) in :mod:`ipaddress`. Patch by Oleksandr +Pavliuk. diff --git a/Misc/NEWS.d/next/Library/2021-10-31-16-06-28.bpo-43633.vflwXv.rst b/Misc/NEWS.d/next/Library/2021-10-31-16-06-28.bpo-43633.vflwXv.rst deleted file mode 100644 index 025de1e1a7d..00000000000 --- a/Misc/NEWS.d/next/Library/2021-10-31-16-06-28.bpo-43633.vflwXv.rst +++ /dev/null @@ -1 +0,0 @@ -Improve the textual representation of IPv4-mapped IPv6 addresses (:rfc:`4291` Sections 2.2, 2.5.5.2) in :mod:`ipaddress`. Patch by Oleksandr Pavliuk. diff --git a/Misc/NEWS.d/next/Library/2024-08-28-13-03-36.gh-issue-123409.lW0YF-.rst b/Misc/NEWS.d/next/Library/2024-08-28-13-03-36.gh-issue-123409.lW0YF-.rst deleted file mode 100644 index 7c6aab632b6..00000000000 --- a/Misc/NEWS.d/next/Library/2024-08-28-13-03-36.gh-issue-123409.lW0YF-.rst +++ /dev/null @@ -1,2 +0,0 @@ -Fix :attr:`ipaddress.IPv6Address.reverse_pointer` output according to -:rfc:`RFC 3596, §2.5 <3596#section-2.5>`. Patch by Bénédikt Tran. diff --git a/Misc/NEWS.d/next/Library/2025-05-15-14-27-01.gh-issue-134062.fRbJet.rst b/Misc/NEWS.d/next/Library/2025-05-15-14-27-01.gh-issue-134062.fRbJet.rst deleted file mode 100644 index f62a3ec4801..00000000000 --- a/Misc/NEWS.d/next/Library/2025-05-15-14-27-01.gh-issue-134062.fRbJet.rst +++ /dev/null @@ -1,3 +0,0 @@ -:mod:`ipaddress`: fix collisions in :meth:`~object.__hash__` for -:class:`~ipaddress.IPv4Network` and :class:`~ipaddress.IPv6Network` -objects. diff --git a/Misc/NEWS.d/next/Library/2025-05-28-15-53-27.gh-issue-128840.Nur2pB.rst b/Misc/NEWS.d/next/Library/2025-05-28-15-53-27.gh-issue-128840.Nur2pB.rst deleted file mode 100644 index faff433aa4b..00000000000 --- a/Misc/NEWS.d/next/Library/2025-05-28-15-53-27.gh-issue-128840.Nur2pB.rst +++ /dev/null @@ -1 +0,0 @@ -Fix parsing long IPv6 addresses with embedded IPv4 address. diff --git a/Misc/NEWS.d/next/Security/2025-01-14-11-19-07.gh-issue-128840.M1doZW.rst b/Misc/NEWS.d/next/Security/2025-01-14-11-19-07.gh-issue-128840.M1doZW.rst deleted file mode 100644 index b57ec3e70dc..00000000000 --- a/Misc/NEWS.d/next/Security/2025-01-14-11-19-07.gh-issue-128840.M1doZW.rst +++ /dev/null @@ -1,2 +0,0 @@ -Short-circuit the processing of long IPv6 addresses early in :mod:`ipaddress` to prevent excessive -memory consumption and a minor denial-of-service. diff --git a/Misc/NEWS.d/next/Security/2025-05-09-20-22-54.gh-issue-133767.kN2i3Q.rst b/Misc/NEWS.d/next/Security/2025-05-09-20-22-54.gh-issue-133767.kN2i3Q.rst deleted file mode 100644 index 39d2f1e1a89..00000000000 --- a/Misc/NEWS.d/next/Security/2025-05-09-20-22-54.gh-issue-133767.kN2i3Q.rst +++ /dev/null @@ -1,2 +0,0 @@ -Fix use-after-free in the "unicode-escape" decoder with a non-"strict" error -handler. diff --git a/Misc/NEWS.d/next/Security/2025-06-02-11-32-23.gh-issue-135034.RLGjbp.rst b/Misc/NEWS.d/next/Security/2025-06-02-11-32-23.gh-issue-135034.RLGjbp.rst deleted file mode 100644 index 08a0087e203..00000000000 --- a/Misc/NEWS.d/next/Security/2025-06-02-11-32-23.gh-issue-135034.RLGjbp.rst +++ /dev/null @@ -1,6 +0,0 @@ -Fixes multiple issues that allowed ``tarfile`` extraction filters -(``filter="data"`` and ``filter="tar"``) to be bypassed using crafted -symlinks and hard links. - -Addresses :cve:`2024-12718`, :cve:`2025-4138`, :cve:`2025-4330`, and :cve:`2025-4517`. - diff --git a/README.rst b/README.rst index e691ccc232f..a01b2519de6 100644 --- a/README.rst +++ b/README.rst @@ -1,4 +1,4 @@ -This is Python version 3.12.10 +This is Python version 3.12.11 ============================== .. image:: https://github.com/python/cpython/workflows/Tests/badge.svg