[Python-Dev] Status of 3.2 in Hg repository? (original) (raw)

Tim Peters tim.peters at gmail.com
Tue Aug 20 17:43:57 CEST 2013

[Tim]

> hg log -r 3.2 changeset: 83826:b9b521efeba3 branch: 3.2 parent: 83739:6255b40c6a61 user: Antoine Pitrou <solipsis at pitrou.net> date: Sat May 18 17:56:42 2013 +0200 summary: Issue #17980: Fix possible abuse of ssl.matchhostname() for denial of service using certificates with many wildcards (CVE-2013-2099).

[Antoine]

Oops, that's me :-S Now I don't remember if I omitted to merge deliberately, or if that was an oversight.

Well, yours is just the tip of the 3.2 branch. 3.2 was already active when you made this commit, left over from the 3.2.5 release fiddling (when, presumably, a merge to default was also skipped):

hg log -v -r "children(ancestor(3.2, default)):: and branch(3.2)" changeset: 83738:cef745775b65 branch: 3.2 tag: v3.2.5 user: Georg Brandl <georg at python.org> date: Sun May 12 12:28:20 2013 +0200 files: Include/patchlevel.h Lib/distutils/init.py Lib/idlelib/idlever.py Misc/NEWS Misc/RPM/python-3.2.spec README description: Bump to version 3.2.5.

changeset: 83739:6255b40c6a61 branch: 3.2 user: Georg Brandl <georg at python.org> date: Sun May 12 12:28:30 2013 +0200 files: .hgtags description: Added tag v3.2.5 for changeset cef745775b65

changeset: 83826:b9b521efeba3 branch: 3.2 parent: 83739:6255b40c6a61 user: Antoine Pitrou <solipsis at pitrou.net> date: Sat May 18 17:56:42 2013 +0200 files: Lib/ssl.py Lib/test/test_ssl.py Misc/NEWS description: Issue #17980: Fix possible abuse of ssl.match_hostname() for denial of service using certificates with many wi ldcards (CVE-2013-2099).

For the record, the issue was fixed in 3.3 too, albeit not with a merge changeset.

In that case, I bet this one is easy to fix, for someone who knows what they're doing ;-)

More information about the Python-Dev mailing list