Changes 2.7.2:

Core and Builtins
-----------------
- Issue 20041: Fixed TypeError when frame.f_trace is set to None.
  Patch by Xavier de Gaye.

- Issue 25702: A --with-lto configure option has been added that will
  enable link time optimizations at build time during a make profile-opt.
  Some compilers and toolchains are known to not produce stable code when
  using LTO, be sure to test things thoroughly before relying on it.
  It can provide a few % speed up over profile-opt alone.

- Issue 26168: Fixed possible refleaks in failing Py_BuildValue() with the "N"
  format unit.

- Issue 27039: Fixed bytearray.remove() for values greater than 127.  Patch by
  Joe Jevnik.

- Issue 4806: Avoid masking the original TypeError exception when using star
  (*) unpacking and the exception was raised from a generator.  Based on
  patch by Hagen Fürstenau.

- Issue 26659: Make the builtin slice type support cycle collection.

- Issue 26718: super.__init__ no longer leaks memory if called multiple times.
  NOTE: A direct call of super.__init__ is not endorsed!

- Issue 13410: Fixed a bug in PyUnicode_Format where it failed to properly
  ignore errors from a __int__() method.

- Issue 26494: Fixed crash on iterating exhausting iterators.
  Affected classes are generic sequence iterators, iterators of bytearray,
  list, tuple, set, frozenset, dict, OrderedDict and corresponding views.

- Issue 26581: If coding cookie is specified multiple times on a line in
  Python source code file, only the first one is taken to account.

- Issue 22836: Ensure exception reports from PyErr_Display() and
  PyErr_WriteUnraisable() are sensible even when formatting them produces
  secondary errors.  This affects the reports produced by
  sys.__excepthook__() and when __del__() raises an exception.

- Issue 22847: Improve method cache efficiency.

- Issue 25843: When compiling code, don't merge constants if they are equal
  but have a different types. For example, ``f1, f2 = lambda: 1, lambda: 1.0``
  is now correctly compiled to two different functions: ``f1()`` returns ``1``
  (``int``) and ``f2()`` returns ``1.0`` (``int``), even if ``1`` and ``1.0``
  are equal.

- Issue 22995: [UPDATE] Remove the one of the pickleability tests in
  _PyObject_GetState() due to regressions observed in Cython-based projects.

- Issue 25961: Disallowed null characters in the type name.

- Issue 22995: Instances of extension types with a state that aren't
  subclasses of list or dict and haven't implemented any pickle-related
  methods (__reduce__, __reduce_ex__, __getnewargs__, __getnewargs_ex__,
  or __getstate__), can no longer be pickled.  Including memoryview.

- Issue 20440: Massive replacing unsafe attribute setting code with special
  macro Py_SETREF.

- Issue 25421: __sizeof__ methods of builtin types now use dynamic basic size.
  This allows sys.getsize() to work correctly with their subclasses with
  __slots__ defined.

- Issue 19543: Added Py3k warning for decoding unicode.

- Issue 24097: Fixed crash in object.__reduce__() if slot name is freed inside
  __getattr__.

- Issue 24731: Fixed crash on converting objects with special methods
  __str__, __trunc__, and __float__ returning instances of subclasses of
  str, long, and float to subclasses of str, long, and float correspondingly.

- Issue 26478: Fix semantic bugs when using binary operators with dictionary
  views and tuples.

- Issue 26171: Fix possible integer overflow and heap corruption in
  zipimporter.get_data().

Library
-------
- Issue 26556: Update expat to 2.1.1, fixes CVE-2015-1283.

- Fix TLS stripping vulnerability in smptlib, CVE-2016-0772.  Reported by Team
  Oststrom

- Issue 7356: ctypes.util: Make parsing of ldconfig output independent of the
  locale.

- Issue 25738: Stop BaseHTTPServer.BaseHTTPRequestHandler.send_error() from
  sending a message body for 205 Reset Content.  Also, don't send the
  Content-Type header field in responses that don't have a body.  Based on
  patch by Susumu Koshiba.

- Issue 21313: Fix the "platform" module to tolerate when sys.version
  contains truncated build information.

- Issue 27211: Fix possible memory corruption in io.IOBase.readline().

- Issue 27114: Fix SSLContext._load_windows_store_certs fails with
  PermissionError

- Issue 14132: Fix urllib.request redirect handling when the target only has
  a query string.  Fix by Ján Janech.

- Removed the requirements for the ctypes and modulefinder modules to be
  compatible with earlier Python versions.

- Issue 22274: In the subprocess module, allow stderr to be redirected to
  stdout even when stdout is not redirected.  Patch by Akira Li.

- Issue 12045: Avoid duplicate execution of command in ctypes.util._get_soname().
  Patch by Sijin Joseph.

- Issue 26960: Backported 16270 from Python 3 to Python 2, to prevent urllib
  from hanging when retrieving certain FTP files.

- Issue 25745: Fixed leaking a userptr in curses panel destructor.

- Issue 17765: weakref.ref() no longer silently ignores keyword arguments.
  Patch by Georg Brandl.

- Issue 26873: xmlrpclib now raises ResponseError on unsupported type tags
  instead of silently return incorrect result.

- Issue 24114: Fix an uninitialized variable in `ctypes.util`.

  The bug only occurs on SunOS when the ctypes implementation searches
  for the `crle` program.  Patch by Xiang Zhang.  Tested on SunOS by
  Kees Bos.

- Issue 26864: In urllib, change the proxy bypass host checking against
  no_proxy to be case-insensitive, and to not match unrelated host names that
  happen to have a bypassed hostname as a suffix.  Patch by Xiang Zhang.

- Issue 26804: urllib will prefer lower_case proxy environment variables over
  UPPER_CASE or Mixed_Case ones. Patch contributed by Hans-Peter Jansen.

- Issue 26837: assertSequenceEqual() now correctly outputs non-stringified
  differing items.  This affects assertListEqual() and assertTupleEqual().

- Issue 26822: itemgetter, attrgetter and methodcaller objects no longer
  silently ignore keyword arguments.

- Issue 26657: Fix directory traversal vulnerability with SimpleHTTPServer
  on Windows.  This fixes a regression that was introduced in 2.7.7.  Based
  on patch by Philipp Hagemeister.

- Issue 19377: Add .svg to mimetypes.types_map.

- Issue 13952: Add .csv to mimetypes.types_map.  Patch by Geoff Wilson.

- Issue 16329: Add .webm to mimetypes.types_map.  Patch by Giampaolo Rodola'.

- Issue 23735: Handle terminal resizing with Readline 6.3+ by installing our
  own SIGWINCH handler.  Patch by Eric Price.

- Issue 26644: Raise ValueError rather than SystemError when a negative
  length is passed to SSLSocket.recv() or read().

- Issue 23804: Fix SSL recv(0) and read(0) methods to return zero bytes
  instead of up to 1024.

- Issue 24266: Ctrl+C during Readline history search now cancels the search
  mode when compiled with Readline 7.

- Issue 23857: Implement PEP 493, adding a Python-2-only ssl module API and
  environment variable to configure the default handling of SSL/TLS certificates
  for HTTPS connections.

- Issue 26313: ssl.py _load_windows_store_certs fails if windows cert store
  is empty. Patch by Baji.

- Issue 26513: Fixes platform module detection of Windows Server

- Issue 23718: Fixed parsing time in week 0 before Jan 1.  Original patch by
  Tamás Bence Gedai.

- Issue 26177: Fixed the keys() method for Canvas and Scrollbar widgets.

- Issue 15068: Got rid of excessive buffering in the fileinput module.
  The bufsize parameter is no longer used.

- Issue 2202: Fix UnboundLocalError in
  AbstractDigestAuthHandler.get_algorithm_impls.  Initial patch by Mathieu Dupuy.

- Issue 26475: Fixed debugging output for regular expressions with the (?x)
  flag.

- Issue 26385: Remove the file if the internal fdopen() call in
  NamedTemporaryFile() fails.  Based on patch by Silent Ghost.

- Issue 26309: In the "socketserver" module, shut down the request (closing
  the connected socket) when verify_request() returns false.  Based on patch
  by Aviv Palivoda.

- Issue 25939: On Windows open the cert store readonly in ssl.enum_certificates.

- Issue 24303: Fix random EEXIST upon multiprocessing semaphores creation with
  Linux PID namespaces enabled.

- Issue 25698: Importing module if the stack is too deep no longer replaces
  imported module with the empty one.

- Issue 12923: Reset FancyURLopener's redirect counter even if there is an
  exception.  Based on patches by Brian Brazil and Daniel Rocco.

- Issue 25945: Fixed a crash when unpickle the functools.partial object with
  wrong state.  Fixed a leak in failed functools.partial constructor.
  "args" and "keywords" attributes of functools.partial have now always types
  tuple and dict correspondingly.

- Issue 19883: Fixed possible integer overflows in zipimport.

- Issue 26147: xmlrpclib now works with unicode not encodable with used
  non-UTF-8 encoding.

- Issue 16620: Fixed AttributeError in msilib.Directory.glob().

- Issue 21847: Fixed xmlrpclib on Unicode-disabled builds.

- Issue 6500: Fixed infinite recursion in urllib2.Request.__getattr__().

- Issue 26083: Workaround a subprocess bug that raises an incorrect
  "ValueError: insecure string pickle" exception instead of the actual
  exception on some platforms such as Mac OS X when an exception raised
  in the forked child process prior to the exec() was large enough that
  it overflowed the internal errpipe_read pipe buffer.

- Issue 24103: Fixed possible use after free in ElementTree.iterparse().

- Issue 20954: _args_from_interpreter_flags used by multiprocessing and some
  tests no longer behaves incorrectly in the presence of the PYTHONHASHSEED
  environment variable.

- Issue 14285: When executing a package with the "python -m package" option,
  and package initialization raises ImportError, a proper traceback is now
  reported.

- Issue 6478: _strptime's regexp cache now is reset after changing timezone
  with time.tzset().

- Issue 25718: Fixed copying object with state with boolean value is false.

- Issue 25742: :func:`locale.setlocale` now accepts a Unicode string for
  its second parameter.

- Issue 10131: Fixed deep copying of minidom documents.  Based on patch
  by Marian Ganisin.

- Issue 25725: Fixed a reference leak in cPickle.loads() when unpickling
  invalid data including tuple instructions.

- Issue 25663: In the Readline completer, avoid listing duplicate global
  names, and search the global namespace before searching builtins.

- Issue 25688: Fixed file leak in ElementTree.iterparse() raising an error.

- Issue 23914: Fixed SystemError raised by CPickle unpickler on broken data.

- Issue 25924: Avoid unnecessary serialization of getaddrinfo(3) calls on
  OS X versions 10.5 or higher.  Original patch by A. Jesse Jiryu Davis.

- Issue 26406: Avoid unnecessary serialization of getaddrinfo(3) calls on
  current versions of OpenBSD and NetBSD.  Patch by A. Jesse Jiryu Davis.

IDLE
----
- Issue 5124: Paste with text selected now replaces the selection on X11.
  This matches how paste works on Windows, Mac, most modern Linux apps,
  and ttk widgets.  Original patch by Serhiy Storchaka.

- Issue 24759: Make clear in idlelib.idle_test.__init__ that the directory
  is a private implementation of test.test_idle and tool for maintainers.

- Issue 26673: When tk reports font size as 0, change to size 10.
  Such fonts on Linux prevented the configuration dialog from opening.

- Issue 27044: Add ConfigDialog.remove_var_callbacks to stop memory leaks.

- In the 'IDLE-console differences' section of the IDLE doc, clarify
  how running with IDLE affects sys.modules and the standard streams.

- Issue 25507: fix incorrect change in IOBinding that prevented printing.
  Change also prevented saving shell window with non-ascii characters.
  Augment IOBinding htest to include all major IOBinding functions.

- Issue 25905: Revert unwanted conversion of ' to ’ RIGHT SINGLE QUOTATION
  MARK in README.txt and open this and NEWS.txt with 'ascii'.
  Re-encode CREDITS.txt to utf-8 and open it with 'utf-8'.

- Issue 26417: Prevent spurious errors and incorrect defaults when
  installing IDLE 2.7 on OS X: default configuration settings are
  no longer installed from OS X specific copies.

Documentation
-------------
- Issue 26736: Used HTTPS for external links in the documentation if possible.

- Issue 6953: Rework the Readline module documentation to group related
  functions together, and add more details such as what underlying Readline
  functions and variables are accessed.

- Issue 26014: Guide users to the newer packaging documentation as was done
  for Python 3.x.  In particular, the top-level 2.7 documentation page now
  links to the newer installer and distributions pages rather than the
  legacy install and Distutils pages; these are still linked to in the
  library/distutils doc page.

Tests
-----
- Issue 21916: Added tests for the turtle module.  Patch by ingrid,
  Gregory Loyse and Jelle Zijlstra.

- Issue 25940: Changed test_ssl to use self-signed.pythontest.net.  This
  avoids relying on svn.python.org, which recently changed root certificate.

- Issue 25616: Tests for OrderedDict are extracted from test_collections
  into separate file test_ordered_dict.

Build
-----
- Issue 22359: Avoid incorrect recursive $(MAKE), and disable the rules for
  running pgen when cross-compiling.  The pgen output is normally saved with
  the source code anyway, and is still regenerated when doing a native build.
  Patch by Jonas Wagner and Xavier de Gaye.

- Issue 19450: Update Windows builds to use SQLite 3.8.11.0.

- Issue 27229: Fix the cross-compiling pgen rule for in-tree builds.  Patch
  by Xavier de Gaye.

- Issue 17603: Avoid error about nonexistant fileblocks.o file by using a
  lower-level check for st_blocks in struct stat.

- Issue 26465: Update Windows builds to use OpenSSL 1.0.2g.

- Issue 24421: Compile Modules/_math.c once, before building extensions.
  Previously it could fail to compile properly if the math and cmath builds
  were concurrent.

- Issue 25824: Fixes sys.winver to not include any architecture suffix.

- Issue 25348: Added ``--pgo`` and ``--pgo-job`` arguments to
  ``PCbuild\build.bat`` for building with Profile-Guided Optimization.  The
  old ``PCbuild\build_pgo.bat`` script is now deprecated, and simply calls
  ``PCbuild\build.bat --pgo %*``.

- Issue 25827: Add support for building with ICC to ``configure``, including
  a new ``--with-icc`` flag.

- Issue 25696: Fix installation of Python on UNIX with make -j9.

- Issue 26930: Update OS X 10.5+ 32-bit-only installer to build
  and link with OpenSSL 1.0.2h.

- Issue 26268: Update Windows builds to use OpenSSL 1.0.2f.

- Issue 25136: Support Apple Xcode 7's new textual SDK stub libraries.

Tools/Demos
-----------
- Issue 26799: Fix python-gdb.py: don't get C types once when the Python code
  is loaded, but get C types on demand. The C types can change if
  python-gdb.py is loaded before the Python executable. Patch written by Thomas
  Ilsche.

C API
-----
- Issue 26476: Fixed compilation error when use PyErr_BadInternalCall() in C++.
  Patch by Jeroen Demeyer.

Misc
----
- Issue 17500, and https://github.com/python/pythondotorg/issues/945: Remove
  unused and outdated icons.

1 files changed, 2 insertions, 2 deletions

diff --git a/lang/python27/dist.mk b/lang/python27/dist.mk
index f341c1b59ce..be265cbe99a 100644
--- a/lang/python27/dist.mk
+++ b/lang/python27/dist.mk
@@ -1,6 +1,6 @@
-# $NetBSD: dist.mk,v 1.11 2015/12/06 18:22:35 adam Exp $
+# $NetBSD: dist.mk,v 1.12 2016/07/02 15:05:43 adam Exp $
 
-PY_DISTVERSION=	2.7.11
+PY_DISTVERSION=	2.7.12
 DISTNAME=	Python-${PY_DISTVERSION}
 EXTRACT_SUFX=	.tar.xz
 DISTINFO_FILE=	${.CURDIR}/../../lang/python27/distinfo