pkgsrc.se | The NetBSD package collection
./lang/python314, Interpreted, interactive, object-oriented programming language
Branch: CURRENT, Version: 3.14.6, Package name: python314-3.14.6, Maintainer: pkgsrc-users
Python is an interpreted, interactive, object-oriented
programming language that combines remarkable power with
very clear syntax. For an introduction to programming in
Python you are referred to the Python Tutorial. The
Python Library Reference documents built-in and standard
types, constants, functions and modules. Finally, the
Python Reference Manual describes the syntax and semantics
of the core language in (perhaps too) much detail.
Python's basic power can be extended with your own modules
written in C or C++. On most systems such modules may be
dynamically loaded. Python is also adaptable as an extension
language for existing applications. See the internal
documentation for hints.
This package provides Python version 3.13.x.
Package options: readline, x11
Master sites:
Filesize: 23360.531 KB
Version history:
- (2026-06-11) Updated to version: python314-3.14.6
- (2026-05-19) Updated to version: python314-3.14.5nb1
- (2026-05-11) Updated to version: python314-3.14.5
- (2026-04-09) Updated to version: python314-3.14.4
- (2026-02-03) Updated to version: python314-3.14.3
- (2026-01-07) Updated to version: python314-3.14.2nb1
CVS history:
| 2026-06-11 14:13:39 by Adam Ciarcinski | Files touched by this commit (6) | |
Log message:
python314 py314-html-docs: updated to 3.14.6
Python 3.14.6
Security
gh-151159: Update Android and iOS installers to use OpenSSL 3.5.7.
gh-150599: Fix a possible stack buffer overflow in bz2 when a \
bz2.BZ2Decompressor is reused after a decompression error. The decompressor now \
becomes unusable after libbz2 reports an error.
gh-149835: shutil.move() now resolves symlinks via os.path.realpath() when \
checking whether the destination is inside the source directory, preventing a \
symlink-based bypass of that guard.
gh-149698: Update bundled libexpat to version 2.8.1 for the fix for CVE 2026-45186.
gh-87451: The ftplib module’s undocumented ftpcp function no longer trusts the \
IPv4 address value returned from the source server in response to the PASV \
command by default, completing the fix for CVE-2021-4189. As with ftplib.FTP, \
the former behavior can be re-enabled by setting the \
trust_server_pasv_ipv4_address attribute on the source ftplib.FTP instance to \
True. Thanks to Qi Deng at Aurascape AI for the report.
gh-149486: tarfile.data_filter() now validates link targets using the same \
normalised value that is written to disk, strips trailing separators from the \
member name when resolving a symlink’s directory, and rejects link members \
that would replace the destination directory itself. This closes several \
path-traversal bypasses of the data extraction filter.
gh-149079: Fix a potential denial of service in unicodedata.normalize(). The \
canonical ordering step of Unicode normalization used a quadratic-time insertion \
sort for reordering combining characters, which could be exploited with crafted \
input containing many combining characters in non-canonical order. Replaced with \
a linear-time counting sort for long runs.
gh-149018: Improved protection against XML hash-flooding attacks in \
xml.parsers.expat and xml.etree.ElementTree when Python is compiled with \
libExpat 2.8.0 or later.
Core and Builtins
gh-151112: Fix a crash in the compiler that could occur when running out of memory.
gh-151126: Fix a crash, when there’s no memory left on a device, which happened in:
- code compilation
- _winapi.CreateProcess()
Now these places raise proper MemoryError errors.
gh-150700: Fix a SystemError when compiling a class-scope comprehension \
containing a lambda that references __class__, __classdict__, or \
__conditional_annotations__. Patch by Bartosz Sławecki.
gh-150633: Fix the frozen importer accepting module names with embedded null \
bytes, which caused it to bypass the sys.modules cache and create duplicate \
module objects.
gh-148613: Fix a data race in the free-threaded build between gc.set_threshold() \
and garbage collection scheduling during object allocation.
gh-149156: Fix an intermittent crash after os.fork() when perf trampoline \
profiling is enabled and the child returns through trampoline frames inherited \
from the parent process.
gh-149449: Fix a use-after-free crash when the unicodedata module was removed \
from sys.modules and garbage-collected between calls that decode \N{...} escapes \
or use the namereplace codec error handler.
gh-150207: Fix a crash when a memory allocation fails during tokenizer \
initialization. A proper MemoryError is now raised instead.
gh-150107: asyncio: sendfile() and sock_sendfile() event loop methods now call \
file.seek(offset) if file has a seek() method, even if offset is 0 (default \
value).
gh-150146: Fix a crash on a complex type variable substitution.
from typing import TypeVar; \
memoryview[TypeVar("")][*typing.Mapping[..., ...]] used to fail due to \
missing NULL check on _unpack_args C function call.
gh-149590: Fix crash when faulthandler is imported more than once.
gh-149816: Fix a race condition in _PyBytes_FromList in free-threading mode.
gh-149816: Fix a race condition in memoryview with free-threading.
gh-149805: Fix a SystemError when compiling a __classdict__ class \
annotation.
gh-149738: sqlite3: Disallow removing row_factory and text_factory attributes of \
a connection to prevent a crash on a query.
gh-139808: Add branch protections for AArch64 (BTI/PAC) in assembly code used by \
-X perf_jit (Linux perf profiler integration).
gh-148450: Fix abc.register() so it invalidates type version tags for registered \
classes.
Library
gh-151039: Fix a crash when static datetime types outlive the _datetime module.
gh-150913: Fix sqlite3.Blob slice assignment to raise TypeError and IndexError \
for type and size mismatches respectively, even when the target slice is empty.
gh-143008: Fix race conditions when re-initializing a io.TextIOWrapper object.
gh-150750: Fix a race condition in collections.deque.index() with free-threading.
gh-150685: Update bundled pip to 26.1.2
gh-150406: Fix a possible crash occurring during socket module initialization \
when the system is out of memory on platforms without a reentrant gethostbyname.
gh-150372: readline: Fix a potential crash during tab completion caused by an \
out-of-memory error during module initialization.
gh-150157: Fix a crash in free-threaded builds that occurs when pickling by name \
objects without a __module__ attribute while sys.modules is concurrently being \
modified.
gh-150175: Fix race condition in unittest.mock.ThreadingMock where concurrent \
calls could lose increments to call_count and other attributes due to a missing \
lock in _increment_mock_call.
gh-84353: Preserve non-UTF-8 encoded filenames when appending to a \
zipfile.ZipFile. Previously, non-ASCII names stored in a legacy encoding \
(without the UTF-8 flag bit set) could be corrupted when the central directory \
was rewritten: they were decoded as cp437 and then re-stored as UTF-8.
gh-149816: Fix race condition in ssl.SSLContext.sni_callback
gh-149995: Update various docstrings in typing.
gh-88726: The email package now uses standard MIME charset names “gb2312” \
and “big5” instead of non-standard names “eucgb2312_cn” and \
“big5_tw”.
gh-149571: Fix the C implementation of xml.etree.ElementTree.Element.itertext(): \
it no longer emits text for comments and processing instructions.
gh-149921: Fix reference leaks in error paths of the _interpchannels and \
_interpqueues extension modules.
gh-149816: Fix a race condition in _random.Random.__init__ method in \
free-threading mode.
gh-149801: Add IANA registered names and aliases with leading zeros before \
number (like IBM00858, CP00858, IBM01140, CP01140) for corresponding codecs.
gh-149701: Fix bad return code from Lib/venv/bin/activate if hashing is disabled
gh-112821: In the REPL, autocompletion might run arbitrary code in the getter of \
a descriptor. If that getter raised an exception, autocompletion would fail to \
present any options for the entire object. Autocompletion now works as expected \
for these objects.
gh-149489: Fix ElementTree serialization to HTML. The content of elements \
“xmp”, “iframe”, “noembed”, “noframes”, and “plaintext” is \
no longer escaped. The “plaintext” element no longer has the closing tag.
gh-149231: In tomllib, the number of parts in TOML keys is now limited.
gh-149046: io: Fix io.StringIO serialization: no longer call str(obj) on str \
subclasses. Patch by Thomas Kowalski.
gh-148954: Fix XML injection vulnerability in xmlrpc.client.dumps() where the \
methodname was not being escaped before interpolation into the XML body.
gh-148441: xml.parsers.expat: prevent a crash in CharacterDataHandler() when the \
character data size exceeds the parser’s buffer size.
gh-146452: Fix segfault in pickle when pickling a dictionary concurrently \
mutated by another thread in the free-threaded build.
gh-142831: Fix a crash in the json module where a use-after-free could occur if \
the object being encoded is modified during serialization.
gh-90949: Add SetBillionLaughsAttackProtectionActivationThreshold() and \
SetBillionLaughsAttackProtectionMaximumAmplification() to xmlparser objects to \
tune protections against billion laughs attacks. Patch by Bénédikt Tran.
gh-134261: zip: On reproducible builds, ZipFile uses UTC instead of the local \
time when writing file datetimes to avoid underflows.
gh-128110: Fix bug in the parsing of email address headers that could result in \
extraneous spaces in the decoded text when using a modern email policy. Space \
between pairs of adjacent RFC 2047 encoded-words is now ignored, per section 6.2 \
(and consistent with existing parsing of unstructured headers like Subject).
gh-107398: Fix tarfile stream mode exception when processing the file with the gzip \
extra field.
gh-123853: Update the table of Windows language code identifiers (LCIDs) used by \
locale.getdefaultlocale() on Windows to protocol version 16.0 (2024-04-23).
gh-91099: imaplib.IMAP4.login() now raises exceptions with str instead of bytes. \
Patch by Florian Best.
Documentation
gh-150319: Generic builtin and standard library types now document the meaning \
of their type parameters.
gh-109503: Fix documentation for shutil.move() on usage of os.rename() since \
nonatomic move might be used even if the files are on the same filesystem. Patch \
by Fang Li
Tests
gh-151130: Add more tests for PyWeakref_* C API.
gh-149776: Fix test_socket on Linux kernel 7.1 and newer: skip UDP Lite tests if \
it’s not supported. Patch by Victor Stinner.
Build
gh-148294: Corrected the use of AC_PATH_TOOL in configure.ac to allow a C++ \
compiler to be found on PATH.
Windows
gh-151159: Updated bundled version of OpenSSL to 3.5.7.
macOS
gh-151159: Update macOS installer to use OpenSSL 3.5.7.
gh-150644: When system logging is enabled (with config.use_system_logger), \
messages are now tagged as public. This allows the macOS 26 system logger to \
view messages without special configuration.
gh-115119: Update macOS installer to use libmpdecimal 4.0.1.
IDLE
bpo-6699: Warn the user if a file will be overwritten when saving.
C API
gh-150907: Fix dynamic_annotations.h header file when built with C++ and \
Valgrind: add extern "C++" scope for the C++ template. Patch by Victor \
Stinner.
gh-145235: Made PyDict_AddWatcher(), PyDict_ClearWatcher(), PyDict_Watch(), and \
PyDict_Unwatch() thread-safe on the free threaded build.
|
| 2026-05-18 23:23:27 by Thomas Klausner | Files touched by this commit (3) |
Log message: python314: fix terminfo support in REPL Bump PKGREVISION. |
| 2026-05-18 23:22:56 by Thomas Klausner | Files touched by this commit (1) |
Log message: python314: regenerate patch, NFCI |
| 2026-05-11 13:53:45 by Adam Ciarcinski | Files touched by this commit (5) | |
Log message:
python314 py314-html-docs: updated to 3.14.5
Python 3.14.5
Security
gh-148178: Hardened _remote_debugging by validating remote debug offset tables \
before using them to size memory reads or interpret remote layouts.
Core and Builtins
gh-146270: Fix a sequential consistency bug in structmember.c.
gh-137293: Fix SystemError when searching ELF Files in sys.remote_exec().
Library
gh-149388: Make asyncio.windows_utils.PipeHandle closing idempotent.
gh-149377: Update bundled pip to 26.1.1
gh-138907: Support RFC 9309 in urllib.robotparser.
gh-148615: Fix pdb to accept standard -- end of options separator. Reported by \
haampie. Patched by Shrey Naithani.
gh-130750: Restore quoting of choices in argparse error messages for improved \
clarity and consistency with documentation.
gh-141449: Improve tests and documentation for non-function callables as \
annotate functions.
Tests
gh-149425: Increase time delta in \
test.test_zipfile.test_core.OtherTests.test_write_without_source_date_epoch
gh-145736: Fix test_tkinter test_configure_values test case backport miss for Tk 9.
macOS
gh-142295: For Python macOS framework builds, update Info.plist files to be more \
compliant with current Apple guidelines. Original patch contributed by Martinus \
Verburg.
gh-124111: Update macOS installer to use Tcl/Tk 9.0.3.
|
| 2026-04-09 09:17:30 by Adam Ciarcinski | Files touched by this commit (6) | |
Log message:
python314 py314-html-docs: updated to 3.14.4
Python 3.14.4
Security
gh-145986: xml.parsers.expat: Fixed a crash caused by unbounded C recursion when \
converting deeply nested XML content models with ElementDeclHandler(). This \
addresses CVE 2026-4224.
gh-145599: Reject control characters in http.cookies.Morsel update() and \
js_output(). This addresses CVE 2026-3644.
gh-145506: Fixes CVE 2026-2297 by ensuring that SourcelessFileLoader uses \
io.open_code() when opening .pyc files.
gh-144370: Disallow usage of control characters in status in wsgiref.handlers to \
prevent HTTP header injections. Patch by Benedikt Johannes.
gh-143930: Reject leading dashes in URLs passed to webbrowser.open().
Core and Builtins
gh-148157: Fix an unlikely crash when parsing invalid type comments for \
function parameters. Found by OSS Fuzz in 492782951.
gh-148144: Initialize _PyInterpreterFrame.visited when copying interpreter \
frames so incremental GC does not read an uninitialized byte from generator and \
frame-object copies.
gh-146615: Fix a crash in __get__() for METH_METHOD descriptors when an invalid \
(non-type) object is passed as the second argument. Patch by Steven Sun.
gh-146308: Fixed several error handling issues in the _remote_debugging module, \
including safer validation of remote int objects, clearer asyncio task chain \
failures, and cache cleanup fixes that avoid leaking or double-freeing metadata \
on allocation failure. Patch by Pablo Galindo.
gh-146128: Fix a bug which could cause constant values to be partially corrupted \
in AArch64 JIT code. This issue is theoretical, and hasn’t actually been \
observed in unmodified Python interpreters.
gh-146250: Fixed a memory leak in SyntaxError when re-initializing it.
gh-146245: Fixed reference leaks in socket when audit hooks raise exceptions in \
socket.getaddrinfo() and socket.sendto().
gh-146196: Fix potential Undefined Behavior in PyUnicodeWriter_WriteASCII() by \
adding a zero-length check. Patch by Shamil Abdulaev.
gh-146227: Fix wrong type in _Py_atomic_load_uint16 in the C11 atomics backend \
(pyatomic_std.h), which used a 32-bit atomic load instead of 16-bit. Found by \
Mohammed Zuhaib.
gh-146056: Fix repr() for lists and tuples containing NULLs.
gh-146092: Handle properly memory allocation failures on str and float opcodes. \
Patch by Victor Stinner.
gh-146041: Fix free-threading scaling bottleneck in sys.intern() and \
PyObject_SetAttr() by avoiding the interpreter-wide lock when the string is \
already interned and immortalized.
gh-145990: python --help-env sections are now sorted by environment variable name.
gh-145990: python --help-xoptions is now sorted by -X option name.
gh-145376: Fix GC tracking in structseq.__replace__().
gh-145792: Fix out-of-bounds access when invoking faulthandler on a CPython \
build compiled without support for VLAs.
gh-142183: Avoid a pathological case where repeated calls at a specific stack \
depth could be significantly slower.
gh-145779: Improve scaling of classmethod() and staticmethod() calls in the \
free-threaded build by avoiding the descriptor __get__ call.
gh-145783: Fix an unlikely crash in the parser when certain errors were \
erroneously not propagated. Found by OSS Fuzz in 491369109.
gh-145685: Improve scaling of type attribute lookups in the free-threaded build \
by avoiding contention on the internal type lock.
gh-145701: Fix SystemError when __classdict__ or __conditional_annotations__ is \
in a class-scope inlined comprehension. Found by OSS Fuzz in 491105000.
gh-145713: Make bytearray.resize() thread-safe in the free-threaded build by \
using a critical section and calling the lock-held variant of the resize \
function.
gh-145615: Fixed a memory leak in the free-threaded build where mimalloc pages \
could become permanently unreclaimable until the owning thread exited.
gh-145566: In the free threading build, skip the stop-the-world pause when \
reassigning __class__ on a newly created object.
gh-145335: Fix a crash in os.pathconf() when called with -1 as the path argument.
gh-145036: In free-threaded build, fix race condition when calling __sizeof__() \
on a list
gh-145376: Fix reference leaks in various unusual error scenarios.
gh-145234: Fixed a SystemError in the parser when an encoding cookie (for \
example, UTF-7) decodes to carriage returns (\r). Newlines are now normalized \
after decoding in the string tokenizer.
Patch by Pablo Galindo.
gh-130555: Fix use-after-free in dict.clear() when the dictionary values are \
embedded in an object and a destructor causes re-entrant mutation of the \
dictionary.
gh-145187: Fix compiler assertion fail when a type parameter bound contains an \
invalid expression in a conditional block.
gh-145142: Fix a crash in the free-threaded build when the dictionary argument \
to str.maketrans() is concurrently modified.
gh-144872: Fix heap buffer overflow in the parser found by OSS-Fuzz.
gh-144766: Fix a crash in fork child process when perf support is enabled.
gh-144759: Fix undefined behavior in the lexer when start and multi_line_start \
pointers are NULL in _PyLexer_remember_fstring_buffers() and \
_PyLexer_restore_fstring_buffers(). The NULL pointer arithmetic (NULL - \
valid_pointer) is now guarded with explicit NULL checks.
gh-144563: Fix interaction of the Tachyon profiler and ctypes and other modules \
that load the Python shared library (if present) in an independent map as this \
was causing the mechanism that loads the binary information to be confused. \
Patch by Pablo Galindo
gh-144601: Fix crash when importing a module whose PyInit function raises an \
exception from a subinterpreter.
gh-144438: Align the QSBR thread state array to a 64-byte cache line boundary to \
avoid false sharing in the free-threaded build.
gh-144513: Fix potential deadlock when using critical sections during \
stop-the-world pauses in the free-threaded build.
gh-144446: Fix data races in the free-threaded build when reading frame object \
attributes while another thread is executing the frame.
gh-143636: Fix a crash when calling SimpleNamespace.__replace__() on \
non-namespace instances. Patch by Bénédikt Tran.
gh-143650: Fix race condition in importlib where a thread could receive a stale \
module reference when another thread’s import fails.
gh-141732: Ensure the __repr__() for ExceptionGroup and BaseExceptionGroup does \
not change when the exception sequence that was originally passed in to its \
constructor is subsequently mutated.
gh-140594: Fix an out of bounds read when a single NUL character is read from \
the standard input. Patch by Shamil Abdulaev.
gh-91636: While performing garbage collection, clear weakrefs to unreachable \
objects that are created during running of finalizers. If those weakrefs were \
not cleared, they could reveal unreachable objects.
gh-130327: Fix erroneous clearing of an object’s __dict__ if overwritten at \
runtime.
gh-80667: Literals using the \N{name} escape syntax can now construct CJK \
ideographs and Hangul syllables using case-insensitive names.
Library
gh-144503: Fix a regression introduced in 3.14.3 and 3.13.12 where the \
multiprocessing forkserver start method would fail with BrokenPipeError when the \
parent process had a very large sys.argv. The argv is now passed to the \
forkserver as separate command-line arguments rather than being embedded in the \
-c command string, avoiding the operating system’s per-argument length limit.
gh-146613: itertools: Fix a crash in itertools.groupby() when the grouper \
iterator is concurrently mutated.
gh-146080: ssl: fix a crash when an SNI callback tries to use an SSL object that \
has already been garbage-collected. Patch by Bénédikt Tran.
gh-146556: Fix annotationlib.get_annotations() hanging indefinitely when called \
with eval_str=True on a callable that has a circular __wrapped__ chain (e.g. \
f.__wrapped__ = f). Cycle detection using an id-based visited set now stops the \
traversal and falls back to the globals found so far, mirroring the approach of \
inspect.unwrap().
gh-146090: sqlite3: fix a crash when sqlite3.Connection.create_collation() fails \
with SQLITE_BUSY. Patch by Bénédikt Tran.
gh-146090: sqlite3: properly raise MemoryError instead of SystemError when a \
context callback fails to be allocated. Patch by Bénédikt Tran.
gh-145633: Fix struct.pack('f', float): use PyFloat_Pack4() to raise \
OverflowError. Patch by Sergey B Kirpichev and Victor Stinner.
gh-146310: The ensurepip module no longer looks for pip-*.whl wheel packages in \
the current directory.
gh-146083: Update bundled libexpat to version 2.7.5.
gh-146076: zoneinfo: fix crashes when deleting _weak_cache from a \
zoneinfo.ZoneInfo subclass.
gh-146054: Limit the size of encodings.search_function() cache. Found by OSS \
Fuzz in 493449985.
gh-146004: All -X options from the Python command line are now propagated to \
child processes spawned by multiprocessing, not just a hard-coded subset. This \
makes the behavior consistent between default “spawn” and “forkserver” \
start methods and the old “fork” start method. The options that were \
previously not propagated are: context_aware_warnings, cpu_count, \
disable-remote-debug, int_max_str_digits, lazy_imports, no_debug_ranges, \
pathconfig_warnings, perf, perf_jit, presite, pycache_prefix, \
thread_inherit_context, and warn_default_encoding.
gh-145883: zoneinfo: Fix heap buffer overflow reads from malformed TZif data. \
Found by OSS Fuzz, issues 492245058 and 492230068.
gh-145754: Request signature during mock autospec with FORWARDREF annotation \
format. This prevents runtime errors when an annotation uses a name that is not \
defined at runtime.
gh-145750: Avoid undefined behaviour from signed integer overflow when parsing \
format strings in the struct module. Found by OSS Fuzz in 488466741.
gh-145492: Fix infinite recursion in collections.defaultdict __repr__ when a \
defaultdict contains itself. Based on analysis by KowalskiThomas in gh-145492.
gh-145623: Fix crash in struct when calling repr() or __sizeof__() on an \
uninitialized struct.Struct object created via Struct.__new__() without calling \
__init__().
gh-145616: Detect Android sysconfig ABI correctly on 32-bit ARM Android on \
64-bit ARM kernel
gh-145551: Fix InvalidStateError when cancelling process created by \
asyncio.create_subprocess_exec() or asyncio.create_subprocess_shell(). Patch by \
Daan De Meyer.
gh-145446: Now functools is safer in free-threaded build when using keywords in \
functools.partial()
gh-145417: venv: Prevent incorrect preservation of SELinux context when copying \
the Activate.ps1 script. The script inherited the SELinux security context of \
the system template directory, rather than the destination project directory.
gh-145376: Fix double free and null pointer dereference in unusual error \
scenarios in hashlib and hmac modules.
gh-145301: hmac: fix a crash when the initialization of the underlying C \
extension module fails.
gh-145301: hashlib: fix a crash when the initialization of the underlying C \
extension module fails.
gh-145264: Base64 decoder (see binascii.a2b_base64(), base64.b64decode(), etc) \
no longer ignores excess data after the first padded quad in non-strict \
(default) mode. Instead, in conformance with RFC 4648, section 3.3, it now \
ignores the pad character, “=”, if it is present before the end of the \
encoded data.
gh-145158: Avoid undefined behaviour from signed integer overflow when parsing \
format strings in the struct module.
gh-144984: Fix crash in xml.parsers.expat.xmlparser.ExternalEntityParserCreate() \
when an allocation fails. The error paths could dereference NULL handlers and \
double-decrement the parent parser’s reference count.
gh-88091: Fix unicodedata.decomposition() for Hangul characters.
gh-144986: Fix a memory leak in atexit.register(). Patch by Shamil Abdulaev.
gh-144777: Fix data races in io.IncrementalNewlineDecoder in the free-threaded build.
gh-144809: Make collections.deque copy atomic in the free-threaded build.
gh-144835: Added missing explanations for some parameters in glob.glob() and \
glob.iglob().
gh-144833: Fixed a use-after-free in ssl when SSL_new() returns NULL in \
newPySSLSocket(). The error was reported via a dangling pointer after the object \
had already been freed.
gh-144782: Fix argparse.ArgumentParser to be pickleable.
gh-144259: Fix inconsistent display of long multiline pasted content in the REPL.
gh-144156: Fix the folding of headers by the email library when RFC 2047 encoded \
words are used. Now whitespace is correctly preserved and also correctly added \
between adjacent encoded words. The latter property was broken by the fix for \
gh-92081, which mostly fixed previous failures to preserve whitespace.
gh-66305: Fixed a hang on Windows in the tempfile module when trying to create a \
temporary file or subdirectory in a non-writable directory.
gh-140814: multiprocessing.freeze_support() no longer sets the default start \
method as a side effect, which previously caused a subsequent \
multiprocessing.set_start_method() call to raise RuntimeError.
gh-144475: Calling repr() on functools.partial() is now safer when the partial \
object’s internal attributes are replaced while the string representation is \
being generated.
gh-144538: Bump the version of pip bundled in ensurepip to version 26.0.1
gh-144494: Fix performance regression in asyncio.all_tasks() on free-threaded \
builds. Patch by Kumar Aditya.
gh-144316: Fix crash in _remote_debugging that caused test_external_inspection \
to intermittently fail. Patch by Taegyun Kim.
gh-144363: Update bundled libexpat to 2.7.4
gh-143637: Fixed a crash in socket.sendmsg() that could occur if ancillary data \
is mutated re-entrantly during argument parsing.
gh-143543: Fix a crash in itertools.groupby that could occur when a user-defined \
__eq__() method re-enters the iterator during key comparison.
gh-140652: Fix a crash in _interpchannels.list_all() after closing a channel.
gh-143698: Allow scheduler and setpgroup arguments to be explicitly None when \
calling os.posix_spawn() or os.posix_spawnp(). Patch by Bénédikt Tran.
gh-143698: Raise TypeError instead of SystemError when the scheduler in \
os.posix_spawn() or os.posix_spawnp() is not a tuple. Patch by Bénédikt Tran.
gh-142516: ssl: fix reference leaks in ssl.SSLContext objects. Patch by \
Bénédikt Tran.
gh-143304: Fix ctypes.CDLL to honor the handle parameter on POSIX systems.
gh-142781: zoneinfo: fix a crash when instantiating ZoneInfo objects for which \
the internal class-level cache is inconsistent.
gh-142763: Fix a race condition between zoneinfo.ZoneInfo creation and \
zoneinfo.ZoneInfo.clear_cache() that could raise KeyError.
gh-142787: Fix assertion failure in sqlite3 blob subscript when slicing with \
indices that result in an empty slice.
gh-142352: Fix asyncio.StreamWriter.start_tls() to transfer buffered data from \
StreamReader to the SSL layer, preventing data loss when upgrading a connection \
to TLS mid-stream (e.g., when implementing PROXY protocol support).
gh-141707: Don’t change tarfile.TarInfo type from AREGTYPE to DIRTYPE when \
parsing GNU long name or link headers.
gh-139933: Improve AttributeError suggestions for classes with a custom \
__dir__() method returning a list of unsortable values. Patch by Bénédikt \
Tran.
gh-137335: Get rid of any possibility of a name conflict for named pipes in \
multiprocessing and asyncio on Windows, no matter how small.
gh-80667: Support lookup for Tangut Ideographs in unicodedata.
bpo-40243: Fix unicodedata.ucd_3_2_0.numeric() for non-decimal values.
Documentation
gh-126676: Expand argparse documentation for type=bool with a demonstration of \
the surprising behavior and pointers to common alternatives.
gh-145649: Fix text wrapping and formatting of -X option descriptions in the \
python(1) man page by using proper roff markup.
gh-145450: Document missing public wave.Wave_write getter methods.
gh-136246: A new “Improve this page” link is available in the left-hand \
sidebar of the docs, offering links to create GitHub issues, discussion forum \
posts, or pull requests.
Tests
gh-144418: The Android testbed’s emulator RAM has been increased from 2 GB to 4 GB.
gh-146202: Fix a race condition in regrtest: make sure that the temporary \
directory is created in the worker process. Previously, temp_cwd() could fail on \
Windows if the “build” directory was not created. Patch by Victor Stinner.
gh-144739: When Python was compiled with system expat older than 2.7.2 but tests \
run with newer expat, still skip test.test_pyexpat.MemoryProtectionTest.
Build
gh-146541: The Android testbed can now be built for 32-bit ARM and x86 targets.
gh-146498: The iOS XCframework build script now ensures libpython isn’t \
included in installed app content, and is more robust in identifying standard \
library binary content that requires processing.
gh-146450: The Android build script was modified to improve parity with other \
platform build scripts.
gh-146446: The clean target for the Apple/iOS XCframework build script is now \
more selective when targeting a single architecture.
gh-145801: When Python build is optimized with GCC using PGO, use \
-fprofile-update=atomic option to use atomic operations when updating profile \
information. This option reduces the risk of gcov Data Files (.gcda) corruption \
which can cause random GCC crashes. Patch by Victor Stinner.
Windows
gh-145307: Defers loading of the psapi.dll module until it is used by \
ctypes.util.dllist().
gh-144551: Updated bundled version of OpenSSL to 3.0.19.
gh-140131: Fix REPL cursor position on Windows when module completion suggestion \
line hits console width.
macOS
gh-144551: Update macOS installer to use OpenSSL 3.0.19.
gh-137586: Invoke osascript with absolute path in webbrowser and turtledemo.
C API
gh-146056: PyUnicodeWriter_WriteRepr() now supports NULL argument.
gh-145010: Use GCC dialect alternatives for inline assembly in object.h so that \
the Python headers compile correctly with -masm=intel.
gh-144981: Made PyUnstable_Code_SetExtra(), PyUnstable_Code_GetExtra(), and \
PyUnstable_Eval_RequestCodeExtraIndex() thread-safe on the free threaded build.
|
| 2026-03-25 23:52:08 by Thomas Klausner | Files touched by this commit (5) |
Log message: python*: restrict expat workaround to NetBSD<11.99.5 that version installs expat_config.h Pullups for 10, 11 have been filed, the pattern can be improved when they are merged. |
| 2026-03-20 15:01:10 by Adam Ciarcinski | Files touched by this commit (4) |
Log message:
python31*: force use expat from pkgsrc to fix builds across platforms
|
| 2026-02-03 21:30:46 by Adam Ciarcinski | Files touched by this commit (7) | |
Log message:
python314 py314-html-docs: updated to 3.14.3
Python 3.14.3
Windows
gh-128067: Fix a bug in PyREPL on Windows where output without a trailing \
newline was overwritten by the next prompt.
Tools/Demos
gh-142095: Make gdb ‘py-bt’ command use frame from thread local state when \
available. Patch by Sam Gross and Victor Stinner.
Tests
gh-144415: The Android testbed now distinguishes between stdout/stderr messages \
which were triggered by a newline, and those triggered by a manual call to \
flush. This fixes logging of progress indicators and similar content.
gh-143460: Skip tests relying on infinite recursion if stack size is unlimited.
gh-65784: Add support for parametrized resource wantobjects in regrtests, which \
allows to run Tkinter tests with the specified value of tkinter.wantobjects, for \
example -u wantobjects=0.
gh-143553: Add support for parametrized resources, such as -u xpickle=2.7.
gh-142836: Accommodated Solaris in test_pdb.test_script_target_anonymous_pipe.
bpo-31391: Forward-port test_xpickle from Python 2 to Python 3 and add the \
resource back to test’s command line.
Security
gh-144125: BytesGenerator will now refuse to serialize (write) headers that are \
unsafely folded or delimited; see verify_generated_headers. (Contributed by Bas \
Bloemsaat and Petr Viktorin in gh-121650).
gh-143935: Fixed a bug in the folding of comments when flattening an email \
message using a modern email policy. Comments consisting of a very long sequence \
of non-foldable characters could trigger a forced line wrap that omitted the \
required leading space on the continuation line, causing the remainder of the \
comment to be interpreted as a new header field. This enabled header injection \
with carefully crafted inputs.
gh-143925: Reject control characters in data: URL media types.
gh-143919: Reject control characters in http.cookies.Morsel fields and values.
gh-143916: Reject C0 control characters within wsgiref.headers.Headers fields, \
values, and parameters.
Library
gh-144380: Improve performance of io.BufferedReader line iteration by ~49%.
gh-144169: Fix three crashes when non-string keyword arguments are supplied to \
objects in the ast module.
gh-144100: Fixed a crash in ctypes when using a deprecated POINTER(str) type in \
argtypes. Instead of aborting, ctypes now raises a proper Python exception when \
the pointer target type is unresolved.
gh-144050: Fix stat.filemode() in the pure-Python implementation to avoid \
misclassifying invalid mode values as block devices.
gh-144023: Fixed validation of file descriptor 0 in posix functions when used \
with follow_symlinks parameter.
gh-143999: Fix an issue where inspect.getgeneratorstate() and \
inspect.getcoroutinestate() could fail for generators wrapped by \
types.coroutine() in the suspended state.
gh-143831: annotationlib.ForwardRef objects are now hashable when created from \
annotation scopes with closures. Previously, hashing such objects would throw an \
exception. Patch by Bartosz Sławecki.
gh-143874: Fixed a bug in pdb where expression results were not sent back to \
remote client.
gh-143880: Fix data race in functools.partial() in the free threading build.
gh-143706: Fix multiprocessing forkserver so that sys.argv is correctly set \
before __main__ is preloaded. Previously, sys.argv was empty during main module \
import in forkserver child processes. This fixes a regression introduced in \
3.13.8 and 3.14.1. Root caused by Aaron Wieczorek, test provided by Thomas \
Watson, thanks!
gh-143638: Forbid reentrant calls of the pickle.Pickler and pickle.Unpickler \
methods for the C implementation. Previously, this could cause crash or data \
corruption, now concurrent calls of methods of the same object raise \
RuntimeError.
gh-78724: Raise RuntimeError’s when user attempts to call methods on \
half-initialized Struct objects, For example, created by Struct.__new__(Struct). \
Patch by Sergey B Kirpichev.
gh-143196: Fix crash when the internal encoder object returned by undocumented \
function json.encoder.c_make_encoder() was called with non-zero second \
(_current_indent_level) argument.
gh-143191: _thread.stack_size() now raises ValueError if the stack size is too \
small. Patch by Victor Stinner.
gh-143602: Fix an inconsistency issue in write() that leads to unexpected buffer \
overwrite by deduplicating the buffer exports.
gh-143547: Fix sys.unraisablehook() when the hook raises an exception and \
changes sys.unraisablehook(): hold a strong reference to the old hook. Patch by \
Victor Stinner.
gh-143517: annotationlib.get_annotations() no longer raises a SyntaxError when \
evaluating a stringified starred annotation that starts with one or more \
whitespace characters followed by a *. Patch by Bartosz Sławecki.
gh-143378: Fix use-after-free crashes when a BytesIO object is concurrently \
mutated during write() or writelines().
gh-143346: Fix incorrect wrapping of the Base64 data in plistlib._PlistWriter \
when the indent contains a mix of tabs and spaces.
gh-143310: tkinter: fix a crash when a Python list is mutated during the \
conversion to a Tcl object (e.g., when setting a Tcl variable). Patch by \
Bénédikt Tran.
gh-143309: Fix a crash in os.execve() on non-Windows platforms when given a \
custom environment mapping which is then mutated during parsing. Patch by \
Bénédikt Tran.
gh-143308: pickle: fix use-after-free crashes when a PickleBuffer is \
concurrently mutated by a custom buffer callback during pickling. Patch by \
Bénédikt Tran and Aaron Wieczorek.
gh-143237: Fix support of named pipes in the rotating logging handlers.
gh-143249: Fix possible buffer leaks in Windows overlapped I/O on error handling.
gh-143241: zoneinfo: fix infinite loop in ZoneInfo.from_file when parsing a \
malformed TZif file. Patch by Fatih Celik.
gh-142830: sqlite3: fix use-after-free crashes when the connection’s callbacks \
are mutated during a callback execution. Patch by Bénédikt Tran.
gh-143200: xml.etree.ElementTree: fix use-after-free crashes in __getitem__() \
and __setitem__() methods of Element when the element is concurrently mutated. \
Patch by Bénédikt Tran.
gh-142195: Updated timeout evaluation logic in subprocess to be compatible with \
deterministic environments like Shadow where time moves exactly as requested.
gh-142164: Fix the ctypes bitfield overflow error message to report the correct \
offset and size calculation.
gh-143145: Fixed a possible reference leak in ctypes when constructing results \
with multiple output parameters on error.
gh-122431: Corrected the error message in readline.append_history_file() to \
state that nelements must be non-negative instead of positive.
gh-143004: Fix a potential use-after-free in collections.Counter.update() when \
user code mutates the Counter during an update.
gh-143046: The asyncio REPL no longer prints copyright and version messages in \
the quiet mode (-q). Patch by Bartosz Sławecki.
gh-140648: The asyncio REPL now respects the -I flag (isolated mode). \
Previously, it would load and execute PYTHONSTARTUP even if the flag was set. \
Contributed by Bartosz Sławecki.
gh-142991: Fixed socket operations such as recvfrom() and sendto() for FreeBSD \
divert(4) socket.
gh-143010: Fixed a bug in mailbox where the precise timing of an external event \
could result in the library opening an existing file instead of a file it \
expected to create.
gh-142881: Fix concurrent and reentrant call of atexit.unregister().
gh-112127: Fix possible use-after-free in atexit.unregister() when the callback \
is unregistered during comparison.
gh-142783: Fix zoneinfo use-after-free with descriptor _weak_cache. a descriptor \
as _weak_cache could cause crashes during object creation. The fix ensures \
proper reference counting for descriptor-provided objects.
gh-142754: Add the ownerDocument attribute to xml.dom.minidom elements and \
attributes created by directly instantiating the Element or Attr class. Note \
that this way of creating nodes is not supported; creator functions like \
xml.dom.Document.documentElement() should be used instead.
gh-142784: The asyncio REPL now properly closes the loop upon the end of \
interactive session. Previously, it could cause surprising warnings. Contributed \
by Bartosz Sławecki.
gh-142555: array: fix a crash in a[i] = v when converting i to an index via \
i.__index__ or i.__float__ mutates the array.
gh-142594: Fix crash in TextIOWrapper.close() when the underlying buffer’s \
closed property calls detach().
gh-142451: hmac: Ensure that the HMAC.block_size attribute is correctly copied \
by HMAC.copy. Patch by Bénédikt Tran.
gh-142495: collections.defaultdict now prioritizes __setitem__() when inserting \
default values from default_factory. This prevents race conditions where a \
default value would overwrite a value set before default_factory returns.
gh-142651: unittest.mock: fix a thread safety issue where Mock.call_count may \
return inaccurate values when the mock is called concurrently from multiple \
threads.
gh-142595: Added type check during initialization of the decimal module to \
prevent a crash in case of broken stdlib. Patch by Sergey B Kirpichev.
gh-142556: Fix crash when a task gets re-registered during finalization in \
asyncio. Patch by Kumar Aditya.
gh-123241: Avoid reference count operations in garbage collection of ctypes objects.
gh-142517: The non-compat32 email policies now correctly handle refolding \
encoded words that contain bytes that can not be decoded in their specified \
character set. Previously this resulted in an encoding exception during folding.
gh-112527: The help text for required options in argparse is no longer extended \
with “ (default: None)”.
gh-142346: Fix usage formatting for mutually exclusive groups in argparse when \
they are preceded by positional arguments or followed or intermixed with other \
optional arguments.
gh-142315: Pdb can now run scripts from anonymous pipes used in process \
substitution. Patch by Bartosz Sławecki.
gh-142332: Fix usage formatting for positional arguments in mutually exclusive \
groups in argparse.
gh-142282: Fix winreg.QueryValueEx() to not accidentally read garbage buffer \
under race condition.
gh-75949: Fix argparse to preserve | separators in mutually exclusive groups \
when the usage line wraps due to length.
gh-142267: Improve argparse performance by caching the formatter used for \
argument validation.
gh-68552: MisplacedEnvelopeHeaderDefect and Missing header name defects are now \
correctly passed to the handle_defect method of policy in FeedParser.
gh-142006: Fix a bug in the email.policy.default folding algorithm which \
incorrectly resulted in a doubled newline when a line ending at exactly \
max_line_length was followed by an unfoldable token.
gh-105836: Fix asyncio.run_coroutine_threadsafe() leaving underlying cancelled \
asyncio task running.
gh-139971: pydoc: Ensure that the link to the online documentation of a stdlib \
module is correct.
gh-139262: Some keystrokes can be swallowed in the new PyREPL on Windows, \
especially when used together with the ALT key. Fix by Chris Eibl.
gh-138897: Improved license/copyright/credits display in the REPL: now uses a pager.
gh-79986: Add parsing for References and In-Reply-To headers to the email \
library that parses the header content as lists of message id tokens. This \
prevents them from being folded incorrectly.
gh-136282: Add support for UNNAMED_SECTION when creating a section via the \
mapping protocol access
gh-109263: Starting a process from spawn context in multiprocessing no longer \
sets the start method globally.
gh-133253: Fix thread-safety issues in linecache.
gh-132715: Skip writing objects during marshalling once a failure has occurred.
IDLE
gh-143774: Better explain the operation of Format / Format Paragraph.
Documentation
gh-140806: Add documentation for enum.bin().
Core and Builtins
gh-144307: Prevent a reference leak in module teardown at interpreter finalization.
gh-144194: Fix error handling in perf jitdump initialization on memory \
allocation failure.
gh-144012: Check if the result is NULL in BINARY_OP_EXTENT opcode.
gh-141805: Fix crash in set when objects with the same hash are concurrently \
added to the set after removing an element with the same hash while the set \
still contains elements with the same hash.
gh-143670: Fixes a crash in ga_repr_items_list function.
gh-143377: Fix a crash in _interpreters.capture_exception() when the exception \
is incorrectly formatted. Patch by Bénédikt Tran.
gh-136924: The interactive help mode in the REPL no longer incorrectly syntax \
highlights text input as Python code. Contributed by Olga Matoula.
gh-143189: Fix crash when inserting a non-str key into a split table dictionary \
when the key matches an existing key in the split table but has no corresponding \
value in the dict.
gh-143228: Fix use-after-free in perf trampoline when toggling profiling while \
threads are running or during interpreter finalization with daemon threads \
active. The fix uses reference counting to ensure trampolines are not freed \
while any code object could still reference them. Patch by Pablo Galindo
gh-142664: Fix a use-after-free crash in memoryview.__hash__ when the __hash__ \
method of the referenced object mutates that object or the view. Patch by \
Bénédikt Tran.
gh-142557: Fix a use-after-free crash in bytearray.__mod__ when the bytearray is \
mutated while formatting the %-style arguments. Patch by Bénédikt Tran.
gh-143195: Fix use-after-free crashes in bytearray.hex() and memoryview.hex() \
when the separator’s __len__() mutates the original object. Patch by \
Bénédikt Tran.
gh-142975: Fix crash after unfreezing all objects tracked by the garbage \
collector on the free threaded build.
gh-143135: Set sys.flags.inspect to 1 when PYTHONINSPECT is 0. Previously, it \
was set to 0 in this case.
gh-143003: Fix an overflow of the shared empty buffer in bytearray.extend() when \
__length_hint__() returns 0 for non-empty iterator.
gh-143006: Fix a possible assertion error when comparing negative non-integer \
float and int with the same number of bits in the integer part.
gh-143057: Avoid locking in PyTraceMalloc_Track() and PyTraceMalloc_Untrack() \
when tracemalloc is not enabled.
gh-142776: Fix a file descriptor leak in import.c
gh-142829: Fix a use-after-free crash in contextvars.Context comparison when a \
custom __eq__ method modifies the context via set().
gh-142766: Clear the frame of a generator when generator.close() is called.
gh-142737: Tracebacks will be displayed in fallback mode even if io.open() is \
lost. Previously, this would crash the interpreter. Patch by Bartosz Sławecki.
gh-142554: Fix a crash in divmod() when _pylong.int_divmod() does not return a \
tuple of length two exactly. Patch by Bénédikt Tran.
gh-142560: Fix use-after-free in bytearray search-like methods (find(), count(), \
index(), rindex(), and rfind()) by marking the storage as exported which causes \
reallocation attempts to raise BufferError. For contains(), split(), and \
rsplit() the buffer protocol is used for this.
gh-142531: Fix a free-threaded GC performance regression. If there are many \
untracked tuples, the GC will run too often, resulting in poor performance. The \
fix is to include untracked tuples in the “long lived” object count. The \
number of frozen objects is also now included since the free-threaded GC must \
scan those too.
gh-142402: Fix reference counting when adjacent literal parts are merged while \
constructing string.templatelib.Template, preventing the displaced string object \
from leaking.
gh-133932: Fix crash in the free threading build when clearing frames that hold \
tagged integers.
gh-142343: Fix SIGILL crash on m68k due to incorrect assembly constraint.
gh-100964: Fix reference cycle in exhausted generator frames. Patch by Savannah \
Ostrowski.
gh-69605: Fix edge-cases around already imported modules in the REPL \
auto-completion of imports.
gh-138568: Adjusted the built-in help() function so that empty inputs are \
ignored in interactive mode.
gh-137007: Fix a bug during JIT compilation failure which caused garbage \
collection debug assertions to fail.
C API
gh-142589: Fix PyUnstable_Object_IsUniqueReferencedTemporary() handling of \
tagged ints on the interpreter stack.
gh-142571: PyUnstable_CopyPerfMapFile() now checks that opening the file \
succeeded before flushing.
Build
gh-142454: When calculating the digest of the JIT stencils input, sort the \
hashed files by filenames before adding their content to the hasher. This \
ensures deterministic hash input and hence deterministic hash, independent on \
filesystem order.
gh-141808: When running make clean-retain-profile, keep the generated JIT \
stencils. That way, the stencils are not generated twice when Profile-guided \
optimization (PGO) is used. It also allows distributors to supply their own \
pre-built JIT stencils.
gh-138061: Ensure reproducible builds by making JIT stencil header generation \
deterministic.
|