Those are expedited security releases, recommended to all users. Get them here:
https://www.python.org/downloads/release/python-389/
Note: 3.9.3 has been recalled due to introducing unintentional ABI incompatibility. Download 3.9.4 instead: https://www.python.org/downloads/release/python-394/.
Security Content
bpo-43631:
High-severity CVE-2021-3449 and CVE-2021-3450 were published for
OpenSSL; it has been upgraded to 1.1.1k in CI and in the macOS and
Windows installers.
bpo-42988:
CVE-2021-3426: Remove the getfile feature of the pydoc module which
could be abused to read arbitrary files on the disk (directory traversal
vulnerability). Moreover, even source code of Python modules can
contain sensitive data like passwords. Vulnerability reported by David
Schwörer.
bpo-43285:
ftplib no longer trusts the IP address value returned from the server in response
to the PASV command by default. This prevents a malicious FTP server
from using the response to probe IPv4 address and port combinations on
the client network. Code that requires the former vulnerable behavior
may set a trust_server_pasv_ipv4_address attribute on their ftplib.FTP
instances to True to re-enable it.
bpo-43439: Add audit hooks for gc.get_objects(), gc.get_referrers() and gc.get_referents(). Patch by Pablo Galindo.
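The bpo-43285 behaviour change can be observed offline. The following is an added example, not code from the release or the CPython project. It assumes an interpreter that includes the fix (3.8.9, 3.9.3 or later) and relies on `makepasv()` reading `self.af` and `self.sock.getpeername()`, which are ftplib internals; the stub classes, helper names, addresses and the PASV reply are all constructed.

```python
import ftplib
import socket

# Constructed sample: a PASV reply advertising an internal address
# (10.0.0.5, port 4*256+1 = 1025) instead of the server's own address.
CONSTRUCTED_PASV_REPLY = "227 Entering Passive Mode (10,0,0,5,4,1)."
CONTROL_PEER = ("203.0.113.10", 21)  # constructed, documentation address range


class _StubControlSocket:
    """Stands in for the connected control socket; no network I/O happens."""

    def getpeername(self):
        return CONTROL_PEER


class OfflineFTP(ftplib.FTP):
    """ftplib.FTP with the control channel replaced by canned data (hypothetical helper)."""

    def __init__(self, trust=None):
        super().__init__()            # no host given, so no connection is made
        self.af = socket.AF_INET      # normally set by connect(); internal detail
        self.sock = _StubControlSocket()
        if trust is not None:
            self.trust_server_pasv_ipv4_address = trust

    def sendcmd(self, cmd):
        if cmd != "PASV":
            raise ValueError("only PASV is simulated")
        return CONSTRUCTED_PASV_REPLY


def data_endpoint(trust=None):
    """Return the (host, port) ftplib would open the data connection to."""
    return OfflineFTP(trust).makepasv()


def advertised_mismatch(reply, control_peer_ip):
    """Return the advertised host if it differs from the control peer, else None."""
    host, _port = ftplib.parse227(reply)
    return host if host != control_peer_ip else None


if __name__ == "__main__":
    print("default :", data_endpoint())            # control peer address is used
    print("opt-in  :", data_endpoint(trust=True))  # former behaviour re-enabled
    print("mismatch:", advertised_mismatch(CONSTRUCTED_PASV_REPLY, CONTROL_PEER[0]))
```

A non-None result from `advertised_mismatch` is worth logging before any code sets `trust_server_pasv_ipv4_address` to True for a given server.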
Release Calendar
Due to the security fixes, those releases are made a month sooner
than planned. I decided to keep the release calendar intact, meaning
that the last full regular maintenance release of
Python 3.8 is still planned for May 3rd 2021, after which it will shift
to source-only releases for security bug fixes only. Maintenance
releases for the 3.9 series will continue at regular bi-monthly
intervals, with 3.9.3 planned for May 3rd 2021 as well.
What’s new?
The Python 3.9 series contains many new features and optimizations over 3.8. See the “What’s New in Python 3.9” document for more information about features included in the 3.9 series. We also have a detailed change log for 3.9.3 specifically.
Detailed information about all changes made in version 3.8.9 can be found in its respective changelog.
We hope you enjoy those new releases!
Thanks to all of the many volunteers who help make Python Development
and these releases possible! Please consider supporting our efforts by
volunteering yourself or through organization contributions to the
Python Software Foundation.
Your friendly release team,
Ned Deily @nad
Steve Dower @steve.dower
Łukasz Langa @ambv