
====================================================================

                             CERT-Renater

                 Information Note No. 2020/VULN419
_____________________________________________________________________

DATE                : 21/07/2020

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Python versions prior to 3.8.4.

=====================================================================
https://docs.python.org/3/whatsnew/changelog.html#python-3-8-4-final
_____________________________________________________________________

Python 3.8.4 final

Release date: 2020-07-13

Security

  * bpo-41162: Audit hooks are now cleared later during finalization to
    avoid missing events.

  * bpo-29778: Ensure python3.dll is loaded from correct locations when
    Python is embedded (CVE-2020-15523).

Core and Builtins

  * bpo-41247: Always cache the running loop holder when running
    asyncio.set_running_loop.

  * bpo-41252: Fix incorrect refcounting in _ssl.c's
    _servername_callback().

  * bpo-41218: Python 3.8.3 had a regression where compiling with
    ast.PyCF_ALLOW_TOP_LEVEL_AWAIT would aggressively mark list
    comprehensions with CO_COROUTINE. Now only list comprehensions
    making use of async/await will be tagged as such.

  * bpo-41175: Guard against a NULL pointer dereference within
    bytearrayobject triggered by the bytearray() + bytearray()
    operation.

  * bpo-39960: The 'hackcheck' that prevents sneaking around a type's
    __setattr__() by calling the superclass method was rewritten to
    allow C implemented heap types.

Library

  * bpo-41235: Fix the error handling in ssl.SSLContext.load_dh_params().

  * bpo-41193: The write_history() atexit function of the readline
    completer now ignores any OSError, so that errors are ignored if
    the filesystem is read-only, instead of only ignoring
    FileNotFoundError and PermissionError.

  * bpo-41043: Fixed the use of glob() in the stdlib: the literal part
    of the path is now always correctly escaped.

  * bpo-39384: Fixed email.contentmanager to allow set_content() to set
    a null string.

IDLE

  * bpo-37765: Add keywords to module name completion list. Rewrite
    Completions section of IDLE doc.

  * bpo-41152: The encoding of stdin, stdout and stderr in IDLE is now
    always UTF-8.


=========================================================
+ CERT-RENATER        | tel : 01-53-94-20-44            +
+ 23/25 Rue Daviel    | fax : 01-53-94-20-41            +
+ 75013 Paris         | email:cert@support.renater.fr   +
=========================================================


