bpo-36384: [doc] Mention CVE-2021-29921 fix in 3.8.12 by ambv · Pull Request #27824 · python/cpython
Expand Up
@@ -2248,3 +2248,16 @@ separator key, with ``&`` as the default. This change also affects
functions internally. For more details, please see their respective
documentation.
(Contributed by Adam Goldschmidt, Senthil Kumaran and Ken Jin in :issue:`42967`.)
Notable changes in Python 3.8.12 ================================
Starting with Python 3.8.12 the :mod:`ipaddress` module no longer accepts any leading zeros in IPv4 address strings. Leading zeros are ambiguous and interpreted as octal notation by some libraries. For example the legacy function :func:`socket.inet_aton` treats leading zeros as octal notation. glibc implementation of modern :func:`~socket.inet_pton` does not accept any leading zeros.
(Originally contributed by Christian Heimes in :issue:`36384`, and backported to 3.8 by Achraf Merzouki.)
Notable changes in Python 3.8.12 ================================
Starting with Python 3.8.12 the :mod:`ipaddress` module no longer accepts any leading zeros in IPv4 address strings. Leading zeros are ambiguous and interpreted as octal notation by some libraries. For example the legacy function :func:`socket.inet_aton` treats leading zeros as octal notation. glibc implementation of modern :func:`~socket.inet_pton` does not accept any leading zeros.
(Originally contributed by Christian Heimes in :issue:`36384`, and backported to 3.8 by Achraf Merzouki.)