[issue39344] Getting error while importing ssl " import _ssl # if we can't import it, let the error propagate ImportError: DLL load failed while importing _ssl: The specified module could not be found

Ajaya added the comment: Thanks all for your quick response. That issue has been resolved by solution given by Steve Dower and Christian Heimes On Thu, Jan 16, 2020 at 2:41 AM Steve Dower wrote: > > Steve Dower added the comment: > > More precisely, make sure the libcrypto-1_1.dll and

[issue39349] Add "cancel" parameter to concurrent.futures.Executor.shutdown()

New submission from Kyle Stanley : This feature enhancement issue is based on the following python-ideas thread: https://mail.python.org/archives/list/python-id...@python.org/thread/ZSUIFN5GTDO56H6LLOPXOLQK7EQQZJHJ/ In summary, the main suggestion was to implement a new parameter called

[issue38649] tkinter messagebox is sloppy

David Lambert added the comment: Sometimes I say nice things about python. https://www.quora.com/Is-Python-fast-yet/answer/David-Lambert-86?__nsrc__=4&__snid3__=6376944631 On 10/31/19 1:14 PM, Brett Cannon wrote: > Brett Cannon added the comment: > > Please note that calling something

[issue39200] Fix inaccurate TypeError messages when calling with insufficient arguments

Dong-hee Na added the comment: Thanks for the opinion. Sounds reasonable! -- ___ Python tracker ___ ___ Python-bugs-list mailing

[issue39348] wrong rst syntax in socket.rst

miss-islington added the comment: New changeset 19bd3a18626b504dc92abb44019cad600c7ef221 by Miss Islington (bot) in branch '3.8': bpo-39348: Fix code highlight for the SOCK_NONBLOCK example (GH-18018) https://github.com/python/cpython/commit/19bd3a18626b504dc92abb44019cad600c7ef221

[issue39344] ImportError: DLL load failed while importing _ssl: The specified module could not be found."

Change by ppperry : -- title: Getting error while importing ssl " import _ssl # if we can't import it, let the error propagate ImportError: DLL load failed while importing _ssl: The specified module could not be found." -> ImportError: DLL load failed while importing

[issue39348] wrong rst syntax in socket.rst

miss-islington added the comment: New changeset 970188c2d792133e2273924a987e0542659a676f by Miss Islington (bot) in branch '3.7': bpo-39348: Fix code highlight for the SOCK_NONBLOCK example (GH-18018) https://github.com/python/cpython/commit/970188c2d792133e2273924a987e0542659a676f

[issue39348] wrong rst syntax in socket.rst

Change by Mariatta : -- resolution: -> fixed stage: patch review -> resolved status: open -> closed ___ Python tracker ___ ___

[issue39348] wrong rst syntax in socket.rst

Mariatta added the comment: Thanks! -- nosy: +Mariatta ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue39348] wrong rst syntax in socket.rst

Change by miss-islington : -- pull_requests: +17414 pull_request: https://github.com/python/cpython/pull/18019 ___ Python tracker ___

[issue39348] wrong rst syntax in socket.rst

Change by miss-islington : -- pull_requests: +17415 pull_request: https://github.com/python/cpython/pull/18020 ___ Python tracker ___

[issue39348] wrong rst syntax in socket.rst

miss-islington added the comment: New changeset fad8b5674c66d9e00bb788e30adddb0c256c787b by Miss Islington (bot) (Oz N Tiram) in branch 'master': bpo-39348: Fix code highlight for the SOCK_NONBLOCK example (GH-18018)

[issue39348] wrong rst syntax in socket.rst

Change by Oz Tiram : -- keywords: +patch pull_requests: +17413 stage: -> patch review pull_request: https://github.com/python/cpython/pull/18018 ___ Python tracker ___

[issue39348] wrong rst syntax in socket.rst

New submission from Oz Tiram : The code block for the isn't hightlighted: Changed in version 3.7: When SOCK_NONBLOCK or SOCK_CLOEXEC bit flags are applied to type they are cleared, and socket.type will not reflect them. They are still passed to the underlying system socket() call.

[issue37958] Adding get_profile_dict to pstats

Gregory P. Smith added the comment: Thanks Daniel! -- nosy: +gregory.p.smith resolution: -> fixed stage: -> commit review status: open -> closed ___ Python tracker ___

[issue39318] NamedTemporaryFile could cause double-close on an fd if _TemporaryFileWrapper throws

Albert Zeyer added the comment: > I think it is worth pointing out that the semantics of > > f = ``open(fd, closefd=True)`` > > are broken (IMHO) because an exception can result in an unreferenced file > object that has taken over reponsibility for closing the fd, but it can > also fail

[issue37958] Adding get_profile_dict to pstats

miss-islington added the comment: New changeset 01602ae40321ecdb375ee6d44eaeac3255857879 by Miss Islington (bot) (Daniel Olshansky) in branch 'master': bpo-37958: Adding get_profile_dict to pstats (GH-15495) https://github.com/python/cpython/commit/01602ae40321ecdb375ee6d44eaeac3255857879

[issue39310] Add math.ulp(x): unit in the last place

Tim Peters added the comment: `ulp()` is the right name: universally understood by those who know how to use it, and easy to find exhaustive web explanations for those who don't. In a different context, spelling out some variant of Hypertext_Transfer_Protocol would be as wrong-headed to

[issue39274] Conversion from fractions.Fraction to bool

Change by Sebastian Berg : -- keywords: +patch pull_requests: +17412 stage: -> patch review pull_request: https://github.com/python/cpython/pull/18017 ___ Python tracker ___

[issue39318] NamedTemporaryFile could cause double-close on an fd if _TemporaryFileWrapper throws

Change by rekcartgubnohtyp : -- nosy: +rekcartgubnohtyp ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue14014] codecs.StreamWriter.reset contract not fulfilled

Change by STINNER Victor : -- nosy: -vstinner ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue1820] Enhance Object/structseq.c to match namedtuple and tuple api

Change by STINNER Victor : -- nosy: -vstinner ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue39010] ProactorEventLoop raises unhandled ConnectionResetError

Change by STINNER Victor : -- nosy: -vstinner ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue39200] Fix inaccurate TypeError messages when calling with insufficient arguments

STINNER Victor added the comment: > 3rd party: IMHO, if somebody relies on the error message, not error type, I > think that the code pattern is bad usage I don't think that we can be pedantic on how projects should be tested. IMHO it's too risky. I rejected backports. The risk of

[issue36048] Deprecate implicit truncating when convert Python numbers to C integers: use __index__, not __int__

STINNER Victor added the comment: > Serhiy: any thoughts about what version should be targeted for eventual > removal of the functionality deprecated in this PR? 3.10? IMHO it should be done at the *very beginning* of a release cycle. Python 3.9.0 alpha 1 *and* alpha 2 versions have already

[issue35561] Valgrind reports Syscall param epoll_ctl(event) points to uninitialised byte(s)

STINNER Victor added the comment: > Thank you, Victor, for the comments. I will update PR 17782. Since it's a very different approach (modify C vs suppress the false alarm), I suggest instead to open a new different PR. -- ___ Python tracker

[issue32615] Inconsistent behavior if globals is a dict subclass

STINNER Victor added the comment: I modified ceval.c to accept dict subclasses when I was working on PEP 416: https://www.python.org/dev/peps/pep-0416/ This PEP motivation was to implement a sandbox. The PEP was rejected. Later, I closed my pysandbox beause it was "broken by design":

[issue39274] Conversion from fractions.Fraction to bool

STINNER Victor added the comment: Does someone want to propose a PR to modify fractions.Fraction.__bool__() to use "return bool(a._numerator)"? -- keywords: +newcomer friendly versions: -Python 3.5, Python 3.6, Python 3.7, Python 3.8 ___ Python

[issue39123] PyThread_xxx() not available when using limited API

Change by STINNER Victor : -- nosy: -vstinner ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue36746] Create test for fcntl.lockf()

STINNER Victor added the comment: PR #17010 of bpo-22367 added tests for fcntl.lockf(). I close this PR as a duplicate of bpo-22367. Thanks @nanjekyejoannah anyway! -- resolution: -> duplicate stage: patch review -> resolved status: open -> closed superseder: -> Add

[issue19083] IDNA prefix should be case insensitive

Change by STINNER Victor : -- nosy: -vstinner ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue24416] Have date.isocalendar() return a structseq instance

Change by STINNER Victor : -- nosy: -vstinner ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue37224] test__xxsubinterpreters fails randomly

Change by STINNER Victor : -- nosy: -vstinner ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue35665] Function ssl.create_default_context raises exception on Windows 10 when called with ssl.Purpose.SERVER_AUTH) attribute

Change by STINNER Victor : -- nosy: -vstinner ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue35943] PyImport_GetModule() can return partially-initialized module

STINNER Victor added the comment: > The changes required to successfully do this backport are many and affect > critical areas. I am not in a hurry to do this. If anyone else wants to take > this up quickly, please do. Do you mean that there is a risk that the backport introduces a

[issue39344] Getting error while importing ssl " import _ssl # if we can't import it, let the error propagate ImportError: DLL load failed while importing _ssl: The specified module could not be found

Steve Dower added the comment: More precisely, make sure the libcrypto-1_1.dll and libssl-1_1.dll files are in the same directory as your _ssl.pyd, but _not_ inside your Python38.zip file (zip import does not support native modules, they have to be outside of the zip). --

[issue39347] Use of argument clinic like parsing and `METH_FASTCALL` support in extension modules

New submission from Sebastian Berg : This is mainly an information request, so sorry if its a bit besides the point (I do not mind if you just close it). But it seemed a bit too specific to get answers in most places... In Python you use argument clinic, which supports `METH_FASTCALL`, that

[issue39346] gzip module only supports half of possible read/write scenarios

New submission from Drew DeVault : A gzip file can have uncompressed data written to it, writing compressed data to the underlying file. It can also have uncompressed data read from it, reading compressed data from the underlying file. However, it does not support reading compressed data

[issue39346] gzip module only supports half of possible read/write scenarios

Change by Drew DeVault : -- type: -> enhancement ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue39318] NamedTemporaryFile could cause double-close on an fd if _TemporaryFileWrapper throws

Paul Ollis added the comment: I think it is worth pointing out that the semantics of f = ``open(fd, closefd=True)`` are broken (IMHO) because an exception can result in an unreferenced file object that has taken over reponsibility for closing the fd, but it can also fail without

[issue37373] Configuration of windows event loop for libraries

Change by Carlton Gibson : -- nosy: +carltongibson ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue39345] Py_Initialize Hangs on Windows 10

New submission from Darren Hamilton : This is related to https://bugs.python.org/issue17797, which is closed. Using Python 3.7.4, Windows 10.0.18362, Visual Studio 2017 and running as a C Application. Py_Initialize() eventually calls is_valid_fd with STDIN. The behavior appears to cause

[issue38884] __import__ is not thread-safe on Python 3

Brett Cannon added the comment: @valentyn just assume it's good enough unless some asks otherwise. People are probably too busy right now to be looking at this and so you might be waiting a while for a more definitive answer. -- ___ Python

[issue38361] syslog: Default "ident" in syslog.openlog() shouldn't contain slash

Change by Brandt Bucher : -- components: +Library (Lib) -Extension Modules nosy: +brandtbucher resolution: -> fixed stage: -> resolved status: open -> closed versions: -Python 3.5, Python 3.6, Python 3.7, Python 3.8 ___ Python tracker

[issue38884] __import__ is not thread-safe on Python 3

Valentyn Tymofieiev added the comment: Just checking - is issue38884.zip an acceptable repro for this issue? Thanks. -- ___ Python tracker ___

[issue38593] Python 3.7 does not catch infinite recursion for some values of sys.getrecursionlimit()

Valentyn Tymofieiev added the comment: The stack is fairly deep here, and I didn't have time to filter out the smallest repro. Since this check is best effort, and not reproducible on the 3.8, perhaps this is a low-priority issue. Thanks. -- nosy: +brett.cannon

[issue39305] Merge nntplib._NNTPBase and nntplib.NNTP

Luciana added the comment: Thank you, I am creating the patch now and will submit it later today! -- ___ Python tracker ___ ___

[issue38630] subprocess.Popen.send_signal() should poll the process

STINNER Victor added the comment: While there was no strong agreement on my change, Nathaniel and Giampaolo said that it should not harm to merge it :-) So I merged my change. It has been said multiple times: my change doesn't fully close the race condition. It only reduces the risk that it

[issue38630] subprocess.Popen.send_signal() should poll the process

STINNER Victor added the comment: New changeset e85a305503bf83c5a8ffb3a988dfe7b67461cbee by Victor Stinner in branch 'master': bpo-38630: Fix subprocess.Popen.send_signal() race condition (GH-16984) https://github.com/python/cpython/commit/e85a305503bf83c5a8ffb3a988dfe7b67461cbee

[issue1635741] Py_Finalize() doesn't clear all Python objects at exit

STINNER Victor added the comment: New changeset ed154c387efc5f978ec97900ec9e0ec6631d5498 by Victor Stinner (Hai Shi) in branch 'master': bpo-1635741: Port _json extension module to multiphase initialization (PEP 489) (GH-17835)

[issue39343] Travis CI: documentation job fails in library/nntplib.rst with random network issue on news.gmane.io

Ned Deily added the comment: I should have checked first. The move was completed ahead of schedule and it's now back in service. The tests should no loner fail. https://lars.ingebrigtsen.no/2020/01/15/news-gmane-org-is-now-news-gmane-io/ -- ___

[issue39343] Travis CI: documentation job fails in library/nntplib.rst with random network issue on news.gmane.io

STINNER Victor added the comment: > FYI, gmane.io is down for a server move today. It should be back in service > by 2100 GMT. I propose to do nothing and wait. Travis CI is not currently preventing to merge a PR. -- ___ Python tracker

[issue39343] Travis CI: documentation job fails in library/nntplib.rst with random network issue on news.gmane.io

Ned Deily added the comment: FYI, gmane.io is down for a server move today. It should be back in service by 2100 GMT. -- nosy: +ned.deily ___ Python tracker ___

[issue35058] Unable to Install Python on Windows

Change by Zachary Ware : -- Removed message: https://bugs.python.org/msg354421 ___ Python tracker ___ ___ Python-bugs-list mailing

[issue39344] Getting error while importing ssl " import _ssl # if we can't import it, let the error propagate ImportError: DLL load failed while importing _ssl: The specified module could not be found

Christian Heimes added the comment: It sounds like Python cannot load the OpenSSL DLLs or a dependency of the OpenSSL DLLs. IIRC the libraries are called libssl.dll and libcrypto.dll. The files must be in the current DLL search path. -- ___

[issue39343] Travis CI: documentation job fails in library/nntplib.rst with random network issue on news.gmane.io

Change by Dong-hee Na : -- keywords: +patch pull_requests: +17411 stage: -> patch review pull_request: https://github.com/python/cpython/pull/18013 ___ Python tracker ___

[issue39344] Getting error while importing ssl " import _ssl # if we can't import it, let the error propagate ImportError: DLL load failed while importing _ssl: The specified module could not be found

Change by SilentGhost : -- assignee: -> christian.heimes components: +SSL nosy: +christian.heimes versions: +Python 3.8 ___ Python tracker ___

[issue39343] Travis CI: documentation job fails in library/nntplib.rst with random network issue on news.gmane.io

Dong-hee Na added the comment: But for now on, IMHO skip is better choice. -- ___ Python tracker ___ ___ Python-bugs-list mailing

[issue38858] new_interpreter() should reuse more Py_InitializeFromConfig() code

STINNER Victor added the comment: FYI this change broke librepo which calls PyLong_FromLong() without holding the GIL. In Python 3.8, "it works". In Python 3.9, it does crash: get_small_int() gets a NULL tstate and then dereference a NULL pointer. librepo bug:

[issue35943] PyImport_GetModule() can return partially-initialized module

Joannah Nanjekye added the comment: The changes required to successfully do this backport are many and affect critical areas. I am not in a hurry to do this. If anyone else wants to take this up quickly, please do. -- ___ Python tracker

[issue39344] Getting error while importing ssl " import _ssl # if we can't import it, let the error propagate ImportError: DLL load failed while importing _ssl: The specified module could not be found

New submission from Ajaya : We have built python3.7.5 and python3.8.1 source code in windows 10 machine. I have created an embedded interptreter where i am trying to "import ssl" but it is failing with error "Journal execution results for D:\workdir\PR\9616145\9616145\journal.py... Syntax

[issue39343] Travis CI: documentation job fails in library/nntplib.rst with random network issue on news.gmane.io

Dong-hee Na added the comment: s = nntplib.NNTP('nntp.perl.org') s = nntplib.NNTP('news.mozilla.org') I 've checked a few servers list to use. But I don't know that they are proper to use. -- ___ Python tracker

[issue35058] Unable to Install Python on Windows

Change by Karthikeyan Singaravelan : -- Removed message: https://bugs.python.org/msg360043 ___ Python tracker ___ ___

[issue35058] Unable to Install Python on Windows

Change by Karthikeyan Singaravelan : -- Removed message: https://bugs.python.org/msg360042 ___ Python tracker ___ ___

[issue39341] [security] zipfile: ZIP Bomb vulnerability, don't check announced uncompressed size

STINNER Victor added the comment: > Is this 2.7 only issue? I think it is too late. I vaguely recall that Christian Heimes wrote something about Python 3 in a private email, but I cannot find this email anymore :-p In case of doubt, I marked Python 3 as affected as well. --

[issue39343] Travis CI: documentation job fails in library/nntplib.rst with random network issue on news.gmane.io

Dong-hee Na added the comment: Same for news.gmane.org >>> s = nntplib.NNTP('news.gmane.org') Traceback (most recent call last): File "", line 1, in File "/Users/corona10/oss/cpython/Lib/nntplib.py", line 1045, in __init__ self.sock = self._create_socket(timeout) File

[issue39104] ProcessPoolExecutor hangs on shutdown nowait with pickling failure

Patrick Buxton added the comment: Added core developer to get some feedback -- nosy: +patbuxton, pitrou ___ Python tracker ___ ___

[issue39343] Travis CI: documentation job fails in library/nntplib.rst with random network issue on news.gmane.io

Change by Dong-hee Na : -- nosy: +corona10 ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue35665] Function ssl.create_default_context raises exception on Windows 10 when called with ssl.Purpose.SERVER_AUTH) attribute

Pedja added the comment: This is still an issue. Serious one. People are unable to just remove this certificate as it is needed for everyday use. It is reasonable that application does not deal with invalid certificates. I can understand application to breaks if one tries to use invalid

[issue39164] Add private _PyErr_GetExcInfo() function which accepts a tstate argument

STINNER Victor added the comment: New changeset 3f12ac18a407983a23d43ae785e805e773571477 by Victor Stinner in branch 'master': bpo-39164: Fix compiler warning in PyErr_GetExcInfo() (GH-18010) https://github.com/python/cpython/commit/3f12ac18a407983a23d43ae785e805e773571477 --

[issue33351] Support compiling with clang-cl on Windows

Gisle Vanem added the comment: I will add to this issue my *only* compile problem I had using clang-cl ver 9. It has an issue with parsing the `frame_t` structure in Modules/_tracemalloc.c: Modules/_tracemalloc.c(64,11): error: declaration of anonymous struct must be a definition typedef

[issue39303] Refactor cmd module

Cheryl Sabella added the comment: Dan, thank you for your contribution. Please see the pull request for the motivation behind closing this. -- nosy: +cheryl.sabella resolution: -> rejected stage: patch review -> resolved status: open -> closed

[issue39340] shutil.rmtree and write protected files

Eryk Sun added the comment: I'm not certain exactly what you want Python to be doing here, but let's start out by clarifying some concepts. > Reproduction method linux > mkdir test; touch test/file.txt; chmod -w test/file.txt Unlinking a file requires write permission to the parent

[issue39341] [security] zipfile: ZIP Bomb vulnerability, don't check announced uncompressed size

Serhiy Storchaka added the comment: Is this 2.7 only issue? I think it is too late. -- ___ Python tracker ___ ___ Python-bugs-list

[issue39222] unittest.mock.Mock.parent is broken or undocumented

Mario Corchero added the comment: > My suggestion would be to add `parent` to the docs @xtreak links to as a way > to resolve this issue. +1, we should probably add it on the docs of the constructor here https://docs.python.org/3/library/unittest.mock.html#unittest.mock.Mock as it is done

[issue35058] Unable to Install Python on Windows

Amelia smith added the comment: Steps to canon printer error b200 Fix by Canon Support .Dial Tollfree +1-800-570-3215 To Fix group b200 mistake, Canon Printer Error B200. https://www.printersupport24x7.com/questions/how-to-fix-canon-printer-error-b200/ --

[issue35058] Unable to Install Python on Windows

Amelia smith added the comment: Steps to canon printer error b200 Fix by Canon Support. Dial Tollfree +1-800-570-3215 To Fix group b200 mistake, Canon Printer Error B200. printersupport24x7.com/questions/how-to-fix-canon-printer-error-b200/ -- nosy: +ameliasmith010

[issue39318] NamedTemporaryFile could cause double-close on an fd if _TemporaryFileWrapper throws

Albert Zeyer added the comment: If you anyway accept that KeyboardInterrupt can potentially leak, by just using `except Exception`, it would also be solved here. -- ___ Python tracker

[issue39318] NamedTemporaryFile could cause double-close on an fd if _TemporaryFileWrapper throws

Robert Xiao added the comment: Could this be solvable if `closefd` were a writable attribute? Then we could do file = None try: file = io.open(fd, ..., closefd=False) file.closefd = True except: if file and not file.closefd: os.close(fd)

[issue39343] Travis CI: documentation job fails in library/nntplib.rst with random network issue on news.gmane.io

New submission from STINNER Victor : Should we disable documentation test on nntplib? It's surprising that test_nntplib test on the other Travis CI jobs. https://travis-ci.org/python/cpython/jobs/637325027 Warning, treated as error:

[issue39342] Expose X509_V_FLAG_ALLOW_PROXY_CERTS in ssl

Change by Chris Burr : -- keywords: +patch pull_requests: +17410 stage: -> patch review pull_request: https://github.com/python/cpython/pull/18011 ___ Python tracker ___

[issue39341] [security] zipfile: ZIP Bomb vulnerability, don't check announced uncompressed size

Karthikeyan Singaravelan added the comment: See also some discussion on regarding this class of vulnerability : https://bugs.python.org/issue36260 -- nosy: +serhiy.storchaka, xtreak ___ Python tracker

[issue39341] [security] zipfile: ZIP Bomb vulnerability, don't check announced uncompressed size

STINNER Victor added the comment: Is this issue a duplicate of bpo-36260 "[security] CVE-2019-9674: Zip Bomb vulnerability" which has been closed by documenting the issue (without touching zipfile.py)? The zipfile documentation now contains an explicit warning against ZIP bombs: """

[issue39341] [security] zipfile: ZIP Bomb vulnerability, don't check announced uncompressed size

STINNER Victor added the comment: Amit Laish reported the exact same vulnerability to rubyzip and they released a fix for it, CVE-2019-16892. -- ___ Python tracker ___

[issue39342] Expose X509_V_FLAG_ALLOW_PROXY_CERTS in ssl

Change by Chris Burr : -- assignee: -> christian.heimes components: +SSL -Library (Lib) nosy: +christian.heimes ___ Python tracker ___

[issue39342] Expose X509_V_FLAG_ALLOW_PROXY_CERTS in ssl

New submission from Chris Burr : Enabling proxy certificate validation requires X509_V_FLAG_ALLOW_PROXY_CERTS to be included in the verify flags.[1] This should be exposed as ssl.VERIFY_ALLOW_PROXY_CERTS to match with the other X509_V_FLAG_* variables.

[issue39341] zipfile: ZIP Bomb vulnerability, don't check announced uncompressed size

Change by STINNER Victor : Added file: https://bugs.python.org/file48845/malicious.zip ___ Python tracker ___ ___ Python-bugs-list mailing

[issue39341] [security] zipfile: ZIP Bomb vulnerability, don't check announced uncompressed size

Change by STINNER Victor : -- nosy: +christian.heimes, rschiron title: zipfile: ZIP Bomb vulnerability, don't check announced uncompressed size -> [security] zipfile: ZIP Bomb vulnerability, don't check announced uncompressed size ___ Python

[issue39341] zipfile: ZIP Bomb vulnerability, don't check announced uncompressed size

Change by STINNER Victor : Added file: https://bugs.python.org/file48844/poc.py ___ Python tracker ___ ___ Python-bugs-list mailing list

[issue39341] zipfile: ZIP Bomb vulnerability, don't check announced uncompressed size

Change by STINNER Victor : Added file: https://bugs.python.org/file48843/create_zip.py ___ Python tracker ___ ___ Python-bugs-list mailing

[issue39341] zipfile: ZIP Bomb vulnerability, don't check announced uncompressed size

New submission from STINNER Victor : Laish, Amit (GE Digital) reported a vulnerability in the zipfile module to the PSRT list. The module is vulnerable to ZIP Bomb: https://en.wikipedia.org/wiki/Zip_bomb A 100 KB malicious ZIP file announces an uncompressed size of 1 byte but extracting it

[issue39340] shutil.rmtree and write protected files

New submission from Peter Liedholm : Ubuntu 18.4 and Windows 7 has different behaviour when deleting write protected files with rmtree. Ubuntu silently deletes them (unexpected?) Windows moans about access denied (expected?) Reproduction method linux mkdir test; touch test/file.txt; chmod -w

[issue39310] Add math.ulp(x): unit in the last place

Mark Dickinson added the comment: [Brett] > Can I just say that "ulp" is totally non-obvious what that even means unless > you have a specific math background? It's a good point. I guess we have a choice between using the domain-specific standard-ish name (which should be immediately

[issue39164] Add private _PyErr_GetExcInfo() function which accepts a tstate argument

Change by STINNER Victor : -- pull_requests: +17409 pull_request: https://github.com/python/cpython/pull/18010 ___ Python tracker ___

[issue8800] add threading.RWLock

Andrew Svetlov added the comment: Thanks for sharing, your project looks viable! -- ___ Python tracker ___ ___ Python-bugs-list

[issue39339] ProcessPoolExecutor() Exception in thread QueueManagerThread

Change by ss <1162276...@qq.com>: -- title: Exception in thread QueueManagerThread -> ProcessPoolExecutor() Exception in thread QueueManagerThread ___ Python tracker ___

[issue39339] Exception in thread QueueManagerThread

New submission from ss <1162276...@qq.com>: os.cpu_count() is 64, but 61 to 64 raise Exception in thread QueueManagerThread Error: ValueError: need at most 63 handles, got a sequence of length 63. -- components: Windows messages: 360030 nosy: paul.moore, pythonpython, steve.dower,