Converting between :class:`int` and :class:`str` in bases other than 2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now raises a :exc:`ValueError` if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic complexity. This is a mitigation for CVE-2020-10735.
This new limit can be configured or disabled by environment variable, command line flag, or :mod:`sys` APIs. See the :ref:`integer string conversion length limitation <int_max_str_digits>` documentation. The default limit is 4300 digits in string form.
Patch by Gregory P. Smith [Google] and Christian Heimes [Red Hat] with feedback from Victor Stinner, Thomas Wouters, Steve Dower, Ned Deily, and Mark Dickinson.
Fixed a bug that caused _PyCode_GetExtra to return garbage for negative
indexes. Patch by Pablo Galindo
Fix format string in _PyPegen_raise_error_known_location that can lead
to memory corruption on some 64bit systems. The function was building a
tuple with i (int) instead of n (Py_ssize_t) for Py_ssize_t
arguments.
Fix misleading contents of error message when converting an all-whitespace string to :class:`float`.
coroutine.throw() now properly initializes the frame.f_back when
resuming a stack of coroutines. This allows e.g. traceback.print_stack()
to work correctly when an exception (such as CancelledError) is thrown
into a coroutine.
:func:`ast.parse` will no longer parse function definitions with
positional-only params when passed feature_version less than (3, 8).
Patch by Shantanu Jain.
Correct conversion of :class:`numbers.Rational`'s to :class:`float`.
Fix a performance regression in logging TimedRotatingFileHandler. Only check for special files when the rollover time has passed.
Fix unused localName parameter in the Attr class in
:mod:`xml.dom.minidom`.
Update bundled pip to 22.2.2.
Fail gracefully if :data:`~errno.EPERM` or :data:`~errno.ENOSYS` is raised
when loading :mod:`crypt` methods. This may happen when trying to load
MD5 on a Linux kernel with :abbr:`FIPS (Federal Information Processing
Standard)` enabled.
Improve discoverability of the higher level concurrent.futures module by providing clearer links from the lower level threading and multiprocessing modules.
Update the default RFC base URL from deprecated tools.ietf.org to datatracker.ietf.org
Fix stylesheet not working in Windows CHM htmlhelp docs. Contributed by C.A.M. Gerlach.
The documentation now lists which members of C structs are part of the :ref:`Limited API/Stable ABI <stable>`.
Mitigate the inherent race condition from using find_unused_port() in testSockName() by trying to find an unused port a few times before failing. Patch by Ross Burton.
Build and test with OpenSSL 1.1.1q
Document handling of extensions in Save As dialogs.
Include prompts when saving Shell (interactive input and output).