Issue #23529: Limit the size of decompressed data when reading from
GzipFile, BZ2File or LZMAFile. This defeats denial of service attacks
using compressed bombs (i.e. compressed payloads which decompress to a huge
size).
Patch by Martin Panter and Nikolaus Rath.
diff --git a/Doc/library/bz2.rst b/Doc/library/bz2.rst
index ed28699..1b8d9cf 100644
--- a/Doc/library/bz2.rst
+++ b/Doc/library/bz2.rst
@@ -120,6 +120,10 @@
.. versionchanged:: 3.4
The ``'x'`` (exclusive creation) mode was added.
+ .. versionchanged:: 3.5
+ The :meth:`~io.BufferedIOBase.read` method now accepts an argument of
+ ``None``.
+
Incremental (de)compression
---------------------------