1 .. bpo: 22959 2 .. date: 9494 3 .. nonce: FioVGu 4 .. release date: 2014-12-10 5 .. section: Library 6 7 Remove the *check_hostname* parameter of httplib.HTTPSConnection. The 8 *context* parameter should be used instead. 9 10 .. 11 12 .. bpo: 16043 13 .. date: 9493 14 .. nonce: TGIC7t 15 .. section: Library 16 17 Add a default limit for the amount of data xmlrpclib.gzip_decode will 18 return. This resolves CVE-2013-1753. 19 20 .. 21 22 .. bpo: 16042 23 .. date: 9492 24 .. nonce: 7I3FPy 25 .. section: Library 26 27 CVE-2013-1752: smtplib: Limit amount of data read by limiting the call to 28 readline(). Original patch by Christian Heimes. 29 30 .. 31 32 .. bpo: 16041 33 .. date: 9491 34 .. nonce: TyhfVi 35 .. section: Library 36 37 In poplib, limit maximum line length read from the server to prevent 38 CVE-2013-1752. 39 40 .. 41 42 .. bpo: 22960 43 .. date: 9490 44 .. nonce: J-KiZ3 45 .. section: Library 46 47 Add a context argument to xmlrpclib.ServerProxy. 48 49 .. 50 51 .. bpo: 22935 52 .. date: 9489 53 .. nonce: -vY3lc 54 .. section: Build 55 56 Allow the ssl module to be compiled if openssl doesn't support SSL 3. 57 58 .. 59 60 .. bpo: 17128 61 .. date: 9488 62 .. nonce: JMdOBP 63 .. section: Build 64 65 Use private version of OpenSSL for 2.7.9 OS X 10.5+ installer. 66
