setup.py | 13 5 + 8 - 0 !
1 file changed, 5 insertions(+), 8 deletions(-)

---

Lib/pydoc.py | 4 4 + 0 - 0 !
Misc/python.man | 2 1 + 1 - 0 !
2 files changed, 5 insertions(+), 1 deletion(-)

---

Lib/distutils/command/install.py | 43 42 + 1 - 0 !
Lib/distutils/command/install_egg_info.py | 30 25 + 5 - 0 !
Lib/distutils/sysconfig.py | 7 7 + 0 - 0 !
Lib/distutils/tests/test_bdist_dumb.py | 2 1 + 1 - 0 !
Lib/distutils/tests/test_install.py | 4 2 + 2 - 0 !
Lib/pydoc.py | 1 1 + 0 - 0 !
Lib/site.py | 23 20 + 3 - 0 !
Lib/test/test_site.py | 7 4 + 3 - 0 !
8 files changed, 102 insertions(+), 15 deletions(-)

---

Lib/locale.py | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

---

Lib/distutils/unixccompiler.py | 11 11 + 0 - 0 !
1 file changed, 11 insertions(+)

---

Lib/distutils/sysconfig.py | 15 13 + 2 - 0 !
1 file changed, 13 insertions(+), 2 deletions(-)

---

Lib/tkinter/__init__.py | 5 4 + 1 - 0 !
1 file changed, 4 insertions(+), 1 deletion(-)

---

Lib/dbm/gnu.py | 5 4 + 1 - 0 !
1 file changed, 4 insertions(+), 1 deletion(-)

---

configure.ac | 6 3 + 3 - 0 !
1 file changed, 3 insertions(+), 3 deletions(-)

---

Modules/Setup.dist | 11 5 + 6 - 0 !
1 file changed, 5 insertions(+), 6 deletions(-)

---

Lib/platform.py | 25 24 + 1 - 0 !
Lib/test/test_platform.py | 22 0 + 22 - 0 !
2 files changed, 24 insertions(+), 23 deletions(-)

---

Lib/distutils/command/bdist_wininst.py | 5 4 + 1 - 0 !
1 file changed, 4 insertions(+), 1 deletion(-)

---

Makefile.pre.in | 10 10 + 0 - 0 !
1 file changed, 10 insertions(+)

---

Modules/makesetup | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---

Modules/posixmodule.c | 2 2 + 0 - 0 !
Modules/socketmodule.c | 2 2 + 0 - 0 !
2 files changed, 4 insertions(+)

---

setup.py | 6 6 + 0 - 0 !
1 file changed, 6 insertions(+)

---

Lib/gettext.py | 15 15 + 0 - 0 !
1 file changed, 15 insertions(+)

 support alternative gettext tree in
# DP: /usr/share/locale-langpack; if a file is present in both trees,
# DP: prefer the newer one
# DP: Upstream status: Ubuntu-Specific

configure.ac | 5 5 + 0 - 0 !
1 file changed, 5 insertions(+)

---

configure.ac | 18 14 + 4 - 0 !
1 file changed, 14 insertions(+), 4 deletions(-)

---

Lib/argparse.py | 11 10 + 1 - 0 !
1 file changed, 10 insertions(+), 1 deletion(-)

---

Lib/ctypes/util.py | 15 13 + 2 - 0 !
1 file changed, 13 insertions(+), 2 deletions(-)

---

Makefile.pre.in | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

---

Lib/distutils/sysconfig.py | 5 5 + 0 - 0 !
Lib/sysconfig.py | 8 8 + 0 - 0 !
Makefile.pre.in | 8 7 + 1 - 0 !
Python/sysmodule.c | 9 9 + 0 - 0 !
configure.ac | 9 7 + 2 - 0 !
5 files changed, 36 insertions(+), 3 deletions(-)

---

Lib/lib2to3/pgen2/driver.py | 5 4 + 1 - 0 !
1 file changed, 4 insertions(+), 1 deletion(-)

---

Lib/distutils/command/build_ext.py | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

---

Tools/scripts/run_tests.py | 1 0 + 1 - 0 !
1 file changed, 1 deletion(-)

---

Lib/distutils/command/install.py | 3 3 + 0 - 0 !
Lib/distutils/command/install_lib.py | 4 4 + 0 - 0 !
Lib/distutils/dir_util.py | 13 13 + 0 - 0 !
3 files changed, 20 insertions(+)

---

Lib/distutils/sysconfig.py | 35 4 + 31 - 0 !
1 file changed, 4 insertions(+), 31 deletions(-)

---

Lib/tempfile.py | 145 142 + 3 - 0 !
1 file changed, 142 insertions(+), 3 deletions(-)

---

Lib/distutils/tests/test_build_ext.py | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

---

Lib/ensurepip/__init__.py | 68 47 + 21 - 0 !
1 file changed, 47 insertions(+), 21 deletions(-)

---

Lib/ensurepip/__init__.py | 33 33 + 0 - 0 !
Lib/venv/__init__.py | 23 22 + 1 - 0 !
2 files changed, 55 insertions(+), 1 deletion(-)

---

Modules/_decimal/_decimal.c | 4 0 + 4 - 0 !
1 file changed, 4 deletions(-)

---

Lib/distutils/sysconfig.py | 5 5 + 0 - 0 !
1 file changed, 5 insertions(+)

---

Makefile.pre.in | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

---

Lib/pydoc.py | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

---

Python/pyhash.c | 5 5 + 0 - 0 !
1 file changed, 5 insertions(+)

---

Lib/lib2to3/tests/test_parser.py | 65 0 + 65 - 0 !
1 file changed, 65 deletions(-)

---

Objects/bytesobject.c | 8 7 + 1 - 0 !
1 file changed, 7 insertions(+), 1 deletion(-)

 [patch] bpo-30657: fix cve-2017-1000158 (#4664)

Fixes possible integer overflow in PyBytes_DecodeEscape.

Co-Authored-By: Jay Bosamiya <jaybosamiya@gmail.com>

Lib/difflib.py | 2 1 + 1 - 0 !
Lib/poplib.py | 2 1 + 1 - 0 !
Lib/test/test_difflib.py | 22 21 + 1 - 0 !
Lib/test/test_poplib.py | 12 11 + 1 - 0 !
4 files changed, 34 insertions(+), 4 deletions(-)

 [patch] [3.5] bpo-32981: fix catastrophic backtracking vulns
 (GH-5955) (#6034)

* Prevent low-grade poplib REDOS (CVE-2018-1060)

The regex to test a mail server's timestamp is susceptible to
catastrophic backtracking on long evil responses from the server.

Happily, the maximum length of malicious inputs is 2K thanks
to a limit introduced in the fix for CVE-2013-1752.

A 2KB evil response from the mail server would result in small slowdowns
(milliseconds vs. microseconds) accumulated over many apop calls.
This is a potential DOS vector via accumulated slowdowns.

Replace it with a similar non-vulnerable regex.

The new regex is RFC compliant.
The old regex was non-compliant in edge cases.

Include/pyexpat.h | 4 3 + 1 - 0 !
Modules/_elementtree.c | 5 5 + 0 - 0 !
Modules/pyexpat.c | 5 5 + 0 - 0 !
3 files changed, 13 insertions(+), 1 deletion(-)

 [patch] bpo-34623: use xml_sethashsalt in _elementtree (gh-9146)

The C accelerated _elementtree module now initializes hash randomization
salt from _Py_HashSecret instead of libexpat's default CPRNG.

Signed-off-by: Christian Heimes <christian@python.org>

https://bugs.python.org/issue34623
(cherry picked from commit cb5778f00ce48631c7140f33ba242496aaf7102b)

Co-authored-by: Christian Heimes <christian@python.org>