winget install --id Python.Python.3.8About Python 3.8
Python is a programming language that lets you work more quickly and integrate your systems more effectively.
What's new in 3.8.10
Security - bpo-43434: Creating a sqlite3.Connection object now also produces a sqlite3.connect auditing event. Previously this event was only produced by sqlite3.connect() calls. Patch by Erlend E. Aasland. - bpo-43472: Ensures interpreter-level audit hooks receive the cpython.PyInterpreterState_New event when called through the _xxsubinterpreters module. - bpo-43075: Fix Regular Expression Denial of Service (ReDoS) vulnerability in urllib.request.AbstractBasicAuthHandler. The ReDoS-vulnerable regex has quadratic worst-case complexity and it allows cause a denial of service when identifying crafted invalid RFCs. This ReDoS issue is on the client side and needs remote attackers to control the HTTP server. Core and Builtins - bpo-43105: Importlib now resolves relative paths when creating module spec objects from file locations. - bpo-42924: Fix bytearray repetition incorrectly copying data from the start of the buffer, even if the data is offset within the buffer (e.g. after reassigning a slice at the start of the bytearray to a shorter byte string). Library - bpo-43993: Update bundled pip to 21.1.1. - bpo-43937: Fixed the turtle module working with non-default root window. - bpo-43930: Update bundled pip to 21.1 and setuptools to 56.0.0 - bpo-43920: OpenSSL 3.0.0: load_verify_locations() now returns a consistent error message when cadata contains no valid certificate. - bpo-43607: urllib can now convert Windows paths with \\?\ prefixes into URL paths. - bpo-43284: platform.win32_ver derives the windows version from sys.getwindowsversion().platform_version which in turn deriv...
Version history
| Version | Updated | Notes |
|---|---|---|
| 3.8.10 | Unknown | Security - bpo-43434: Creating a sqlite3.Connection object now also produces a sqlite3.connect auditing event. Previously this event was only produced by sqlite3.connect() calls. Patch by Erlend E. Aasland. - bpo-43472:... |
| 3.8.9 | Unknown | Security - bpo-42988: CVE-2021-3426: Remove the getfile feature of the pydoc module which could be abused to read arbitrary files on the disk (directory traversal vulnerability). Moreover, even source code of Python modu... |
| 3.8.8 | Unknown | There were no new changes in version 3.8.8. |
| 3.8.7 | Unknown | Core and Builtins - bpo-32381: Fix encoding name when running a .pyc file on Windows: PyRun_SimpleFileExFlags() now uses the correct encoding to decode the filename. - bpo-42536: Several built-in and standard library typ... |
| 3.8.6 | Unknown | Core and Builtins - bpo-41525: The output of python --help contains now only ASCII characters. Library - bpo-41817: fix tkinter.EventType Enum so all members are strings, and none are tuples - bpo-41815: Fix SQLite3 segf... |
| 3.8.5 | Unknown | Security - bpo-41304: Fixes python3x._pth being ignored on Windows, caused by the fix for bpo-29778 (CVE-2020-15801). - bpo-39603: Prevent http header injection by rejecting control characters in http.client.putrequest(…... |
| 3.8.4 | Unknown | Security - bpo-41162: Audit hooks are now cleared later during finalization to avoid missing events. - bpo-29778: Ensure python3.dll is loaded from correct locations when Python is embedded (CVE-2020-15523). Core and Bui... |
| 3.8.3 | Unknown | Core and Builtins - bpo-40527: Fix command line argument parsing: no longer write errors multiple times into stderr. - bpo-40417: Fix imp module deprecation warning when PyImport_ReloadModule is called. Patch by Robert R... |
| 3.8.2 | Unknown | Core and Builtins - bpo-39382: Fix a use-after-free in the single inheritance path of issubclass(), when the __bases__ of an object has a single reference, and so does its first item. Patch by Yonatan Goldschmidt. - bpo-... |
| 3.8.1 | Unknown | Core and Builtins - bpo-39080: Fix the value of end_col_offset for Starred Expression AST nodes when they are among the elements in the args attribute of Call AST nodes. - bpo-39031: When parsing an “elif” node, lineno a... |
| 3.8.0 | Unknown | Core and Builtins - bpo-38469: Fixed a bug where the scope of named expressions was not being resolved correctly in the presence of the global keyword. Patch by Pablo Galindo. - bpo-38379: When cyclic garbage collection... |