3.6.12v3.6.12

author: Ned Deily <nad@python.org> 2020-08-15 02:43:26 -0400
committer: Ned Deily <nad@python.org> 2020-08-15 02:43:26 -0400
commit: c0a9afe2ac1820409e6173bd1893ebee2cf50270 (patch)
tree: e3dbec2cd10ccb6534915d812a316e1e6f7e8c28
parent: bpo-39603: Prevent header injection in http methods (GH-18485) (GH-21539) (diff)
download: cpython-c0a9afe2ac1820409e6173bd1893ebee2cf50270.tar.gz
cpython-c0a9afe2ac1820409e6173bd1893ebee2cf50270.tar.bz2
cpython-c0a9afe2ac1820409e6173bd1893ebee2cf50270.zip
9 files changed, 56 insertions, 13 deletions
diff --git a/Include/patchlevel.h b/Include/patchlevel.h
index 1f4195058ae..7478a6b5308 100644
--- a/Include/patchlevel.h
+++ b/Include/patchlevel.h
@@ -18,12 +18,12 @@
 /*--start constants--*/
 #define PY_MAJOR_VERSION	3
 #define PY_MINOR_VERSION	6
-#define PY_MICRO_VERSION	11
+#define PY_MICRO_VERSION	12
 #define PY_RELEASE_LEVEL	PY_RELEASE_LEVEL_FINAL
 #define PY_RELEASE_SERIAL	0
 
 /* Version as a string */
-#define PY_VERSION      	"3.6.11+"
+#define PY_VERSION      	"3.6.12"
 /*--end constants--*/
 
 /* Version as a single 4-byte hex number, e.g. 0x010502B2 == 1.5.2b2.
diff --git a/Lib/pydoc_data/topics.py b/Lib/pydoc_data/topics.py
index 69bf815cab3..4b53f76969f 100644
--- a/Lib/pydoc_data/topics.py
+++ b/Lib/pydoc_data/topics.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-# Autogenerated by Sphinx on Wed Jun 17 06:55:37 2020
+# Autogenerated by Sphinx on Sat Aug 15 02:33:47 2020
 topics = {'assert': 'The "assert" statement\n'
            '**********************\n'
            '\n'
diff --git a/Misc/NEWS.d/3.6.12.rst b/Misc/NEWS.d/3.6.12.rst
new file mode 100644
index 00000000000..277b3fe13e3
--- /dev/null
+++ b/Misc/NEWS.d/3.6.12.rst
@@ -0,0 +1,51 @@
+.. bpo: 29778
+.. date: 2020-07-03-17-21-37
+.. nonce: cR_fGS
+.. release date: 2020-08-15
+.. section: Security
+
+Ensure :file:`python3.dll` is loaded from correct locations when Python is
+embedded (CVE-2020-15523).
+
+..
+
+.. bpo: 41004
+.. date: 2020-06-29-16-02-29
+.. nonce: ovF0KZ
+.. section: Security
+
+CVE-2020-14422: The __hash__() methods of  ipaddress.IPv4Interface and
+ipaddress.IPv6Interface incorrectly generated constant hash values of 32 and
+128 respectively. This resulted in always causing hash collisions. The fix
+uses hash() to generate hash values for the tuple of (address, mask length,
+network address).
+
+..
+
+.. bpo: 39603
+.. date: 2020-02-12-14-17-39
+.. nonce: Gt3RSg
+.. section: Security
+
+Prevent http header injection by rejecting control characters in
+http.client.putrequest(...).
+
+..
+
+.. bpo: 41288
+.. date: 2020-07-13-15-06-35
+.. nonce: 8mn5P-
+.. section: Library
+
+Unpickling invalid NEWOBJ_EX opcode with the C implementation raises now
+UnpicklingError instead of crashing.
+
+..
+
+.. bpo: 39017
+.. date: 2020-07-12-22-16-58
+.. nonce: x3Cg-9
+.. section: Library
+
+Avoid infinite loop when reading specially crafted TAR files using the
+tarfile module (CVE-2019-20907).
diff --git a/Misc/NEWS.d/next/Library/2020-07-12-22-16-58.bpo-39017.x3Cg-9.rst b/Misc/NEWS.d/next/Library/2020-07-12-22-16-58.bpo-39017.x3Cg-9.rst
deleted file mode 100644
index ad26676f8b8..00000000000
--- a/Misc/NEWS.d/next/Library/2020-07-12-22-16-58.bpo-39017.x3Cg-9.rst
+++ /dev/null
@@ -1 +0,0 @@
-Avoid infinite loop when reading specially crafted TAR files using the tarfile module (CVE-2019-20907).
diff --git a/Misc/NEWS.d/next/Library/2020-07-13-15-06-35.bpo-41288.8mn5P-.rst b/Misc/NEWS.d/next/Library/2020-07-13-15-06-35.bpo-41288.8mn5P-.rst
deleted file mode 100644
index 3c3adbabf16..00000000000
--- a/Misc/NEWS.d/next/Library/2020-07-13-15-06-35.bpo-41288.8mn5P-.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-Unpickling invalid NEWOBJ_EX opcode with the C implementation raises now
-UnpicklingError instead of crashing.
diff --git a/Misc/NEWS.d/next/Security/2020-02-12-14-17-39.bpo-39603.Gt3RSg.rst b/Misc/NEWS.d/next/Security/2020-02-12-14-17-39.bpo-39603.Gt3RSg.rst
deleted file mode 100644
index 990affc3edd..00000000000
--- a/Misc/NEWS.d/next/Security/2020-02-12-14-17-39.bpo-39603.Gt3RSg.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-Prevent http header injection by rejecting control characters in
-http.client.putrequest(...).
diff --git a/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst b/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
deleted file mode 100644
index f5a9db52fff..00000000000
--- a/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
+++ /dev/null
@@ -1 +0,0 @@
-CVE-2020-14422: The __hash__() methods of  ipaddress.IPv4Interface and ipaddress.IPv6Interface incorrectly generated constant hash values of 32 and 128 respectively. This resulted in always causing hash collisions. The fix uses hash() to generate hash values for the tuple of (address, mask length, network address).
diff --git a/Misc/NEWS.d/next/Security/2020-07-03-17-21-37.bpo-29778.cR_fGS.rst b/Misc/NEWS.d/next/Security/2020-07-03-17-21-37.bpo-29778.cR_fGS.rst
deleted file mode 100644
index 998ffb1ee66..00000000000
--- a/Misc/NEWS.d/next/Security/2020-07-03-17-21-37.bpo-29778.cR_fGS.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-Ensure :file:`python3.dll` is loaded from correct locations when Python is
-embedded (CVE-2020-15523).
diff --git a/README.rst b/README.rst
index c6602bb8429..fdcbb3eeb4a 100644
--- a/README.rst
+++ b/README.rst
@@ -1,5 +1,5 @@
-This is Python version 3.6.11+
-==============================
+This is Python version 3.6.12
+=============================
 
 .. image:: https://travis-ci.org/python/cpython.svg?branch=3.6
    :alt: CPython build status on Travis CI
author	Ned Deily <nad@python.org>	2020-08-15 02:43:26 -0400
committer	Ned Deily <nad@python.org>	2020-08-15 02:43:26 -0400
commit	c0a9afe2ac1820409e6173bd1893ebee2cf50270 (patch)
tree	e3dbec2cd10ccb6534915d812a316e1e6f7e8c28
parent	bpo-39603: Prevent header injection in http methods (GH-18485) (GH-21539) (diff)
download	cpython-c0a9afe2ac1820409e6173bd1893ebee2cf50270.tar.gz cpython-c0a9afe2ac1820409e6173bd1893ebee2cf50270.tar.bz2 cpython-c0a9afe2ac1820409e6173bd1893ebee2cf50270.zip