diff --git a/LICENSE b/LICENSE index 66a3ac80d729a3..0b0c177da8b0d9 100644 --- a/LICENSE +++ b/LICENSE @@ -59,6 +59,54 @@ direction to make these releases possible. B. TERMS AND CONDITIONS FOR ACCESSING OR OTHERWISE USING PYTHON =============================================================== +ACTIVESTATE LICENSE AGREEMENT FOR PYTHON 2.7 GREATER THAN 2.7.18 +---------------------------------------------------------------- + +1. This LICENSE AGREEMENT is between ActiveState Software Inc. ("ActiveState"), +and the Individual or Organization ("Licensee") accessing and otherwise using +this software ("Python") in source or binary form and its associated +documentation. + +2. Subject to the terms and conditions of this License Agreement, ActiveState +hereby grants Licensee a nonexclusive, royalty-free, world-wide license to +reproduce, analyze, test, perform and/or display publicly, prepare derivative +works, distribute, and otherwise use Python alone or in any derivative version, +provided, however, that ActiveState's License Agreement and ActiveState's +notice of copyright, i.e., "Copyright (c) 2020, 2021 ActiveState Software Inc.; +All Rights Reserved" are retained in Python alone or in any derivative version +prepared by Licensee. + +3. In the event Licensee prepares a derivative work that is based on +or incorporates Python or any part thereof, and wants to make +the derivative work available to others as provided herein, then +Licensee hereby agrees to include in any such work a brief summary of +the changes made to Python. + +4. ActiveState is making Python available to Licensee on an "AS IS" +basis. ActiveState MAKES NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR +IMPLIED. BY WAY OF EXAMPLE, BUT NOT LIMITATION, ActiveState MAKES NO AND +DISCLAIMS ANY REPRESENTATION OR WARRANTY OF MERCHANTABILITY OR FITNESS +FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF PYTHON WILL NOT +INFRINGE ANY THIRD PARTY RIGHTS. + +5. ActiveState SHALL NOT BE LIABLE TO LICENSEE OR ANY OTHER USERS OF PYTHON +FOR ANY INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES OR LOSS AS +A RESULT OF MODIFYING, DISTRIBUTING, OR OTHERWISE USING PYTHON, +OR ANY DERIVATIVE THEREOF, EVEN IF ADVISED OF THE POSSIBILITY THEREOF. + +6. This License Agreement will automatically terminate upon a material +breach of its terms and conditions. + +7. Nothing in this License Agreement shall be deemed to create any +relationship of agency, partnership, or joint venture between ActiveState and +Licensee. This License Agreement does not grant permission to use ActiveState +trademarks or trade name in a trademark sense to endorse or promote +products or services of Licensee, or any third party. + +8. By copying, installing or otherwise using Python, Licensee +agrees to be bound by the terms and conditions of this License +Agreement. + PYTHON SOFTWARE FOUNDATION LICENSE VERSION 2 -------------------------------------------- diff --git a/Lib/cgi.py b/Lib/cgi.py index cde28cc91b7883..864601c212f25c 100755 --- a/Lib/cgi.py +++ b/Lib/cgi.py @@ -1,5 +1,9 @@ #! /usr/local/bin/python +# Copyright (C) 2021 ActiveState Software Inc. +# cgi is licensed under the PSFLv2 License. +# See the file LICENSE for details. + # NOTE: the above "/usr/local/bin/python" is NOT a mistake. It is # intentionally NOT "/usr/bin/env python". On many systems # (e.g. Solaris), /usr/local/bin is not in $PATH as passed to CGI diff --git a/Lib/ctypes/test/test_parameters.py b/Lib/ctypes/test/test_parameters.py index 3456882ccbe51f..9cb2ff6c872ac2 100644 --- a/Lib/ctypes/test/test_parameters.py +++ b/Lib/ctypes/test/test_parameters.py @@ -1,3 +1,7 @@ +# Copyright (C) 2021 ActiveState Software Inc. +# test_parameters is licensed under the PSFLv2 License. +# See the file LICENSE for details. + import unittest, sys from ctypes.test import need_symbol import test.support diff --git a/Lib/httplib.py b/Lib/httplib.py index a63677477d59bb..15c1280bc91a40 100644 --- a/Lib/httplib.py +++ b/Lib/httplib.py @@ -1,3 +1,7 @@ +# Copyright (C) 2020 ActiveState Software Inc. +# httplib is licensed under the PSFLv2 License. +# See the file LICENSE for details. + r"""HTTP/1.1 client library diff --git a/Lib/test/multibytecodec_support.py b/Lib/test/multibytecodec_support.py index 24316b0c45f60a..7722244025b8a8 100644 --- a/Lib/test/multibytecodec_support.py +++ b/Lib/test/multibytecodec_support.py @@ -1,3 +1,7 @@ +# Copyright (C) 2020 ActiveState Software Inc. +# multibytecodec_support is licensed under the PSFLv2 License. +# See the file LICENSE for details. + # multibytecodec_support.py # Common Unittest Routines for CJK codecs # diff --git a/Lib/test/test_cgi.py b/Lib/test/test_cgi.py index 597260275337f0..632f2b173c8388 100644 --- a/Lib/test/test_cgi.py +++ b/Lib/test/test_cgi.py @@ -1,3 +1,7 @@ +# Copyright (C) 2021 ActiveState Software Inc. +# test_cgi is licensed under the PSFLv2 License. +# See the file LICENSE for details. + from io import BytesIO from test.test_support import run_unittest, check_warnings import cgi diff --git a/Lib/test/test_tarfile.py b/Lib/test/test_tarfile.py index b7ff47f783e72e..5ec7aa3ce352c2 100644 --- a/Lib/test/test_tarfile.py +++ b/Lib/test/test_tarfile.py @@ -1,3 +1,7 @@ +# Copyright (C) 2020 ActiveState Software Inc. +# test_tarfile is licensed under the PSFLv2 License. +# See the file LICENSE for details. + import sys import os import shutil diff --git a/Lib/test/test_urlparse.py b/Lib/test/test_urlparse.py index 3c7fc9217f576c..73922b5156429e 100644 --- a/Lib/test/test_urlparse.py +++ b/Lib/test/test_urlparse.py @@ -1,3 +1,7 @@ +# Copyright (C) 2021 ActiveState Software Inc. +# test_urlparse is licensed under the PSFLv2 License. +# See the file LICENSE for details. + from test import test_support import sys import unicodedata diff --git a/Lib/urllib2.py b/Lib/urllib2.py index 85260b679793b6..db7eb96e0bea41 100644 --- a/Lib/urllib2.py +++ b/Lib/urllib2.py @@ -1,3 +1,7 @@ +# Copyright (C) 2020 ActiveState Software Inc. +# urllib2 is licensed under the PSFLv2 License. +# See the file LICENSE for details. + """An extensible library for opening URLs using a variety of protocols The simplest way to use this module is to call the urlopen function, diff --git a/Lib/urlparse.py b/Lib/urlparse.py index 316dc3c6ebec49..1acbcca7fa3dd8 100644 --- a/Lib/urlparse.py +++ b/Lib/urlparse.py @@ -1,3 +1,7 @@ +# Copyright (C) 2021 ActiveState Software Inc. +# cgi is licensed under the PSFLv2 License. +# See the file LICENSE for details. + """Parse (absolute and relative) URLs. urlparse module is based upon the following RFC specifications. diff --git a/Misc/NEWS.d/2.7.18.1.rst b/Misc/NEWS.d/2.7.18.1.rst new file mode 100644 index 00000000000000..bd052d137f1beb --- /dev/null +++ b/Misc/NEWS.d/2.7.18.1.rst @@ -0,0 +1,7 @@ +.. bpo: 0 +.. date: 2020-09-29 +.. nonce: caft@D +.. release date: 2020-09-29 +.. section: Library + +Address CVE-2020-8492 in urllib2 diff --git a/Misc/NEWS.d/2.7.18.2.rst b/Misc/NEWS.d/2.7.18.2.rst new file mode 100644 index 00000000000000..4863cb706defda --- /dev/null +++ b/Misc/NEWS.d/2.7.18.2.rst @@ -0,0 +1,21 @@ +.. bpo: 0 +.. date: 2020-11-13 +.. nonce: TRAK.h +.. release date: 2020-11-13 +.. section: Library + +Address CVE-2020-27619 in multibytecodec tests + +.. bpo: 0 +.. date: 2020-11-12 +.. nonce: GEH1va +.. section: Library + +Address CVE-2020-26116 in httplib + +.. bpo: 0 +.. date: 2020-11-03 +.. nonce: TWAB9g +.. section: Library + +Address CVE-2019-20907 in tarfile diff --git a/Misc/NEWS.d/2.7.18.3.rst b/Misc/NEWS.d/2.7.18.3.rst new file mode 100644 index 00000000000000..507be1bf4ac25e --- /dev/null +++ b/Misc/NEWS.d/2.7.18.3.rst @@ -0,0 +1,7 @@ +.. bpo: 0 +.. date: 2021-02-09 +.. nonce: yic.vi +.. release date: 2021-02-09 +.. section: Library + +Address CVE-2021-3177 in ctypes diff --git a/Misc/NEWS.d/2.7.18.4.rst b/Misc/NEWS.d/2.7.18.4.rst new file mode 100644 index 00000000000000..14a7a0ed862489 --- /dev/null +++ b/Misc/NEWS.d/2.7.18.4.rst @@ -0,0 +1,7 @@ +.. bpo: 0 +.. date: 2021-04-05 +.. nonce: dip*SU +.. release date: 2020-04-05 +.. section: Library + +Address CVE-2020-8492 in urlparse diff --git a/Modules/_ctypes/callproc.c b/Modules/_ctypes/callproc.c index 163a3cee65b17a..b9d415360973ef 100644 --- a/Modules/_ctypes/callproc.c +++ b/Modules/_ctypes/callproc.c @@ -1,3 +1,9 @@ +/* + * Copyright (C) 2021 ActiveState Software Inc. + * callproc is licensed under the PSFLv2 License. + * See the file LICENSE for details. + */ + /***************************************************************** This file contains remnant Python 2.3 compatibility code that is no longer strictly required.