Issue #23529: Limit the size of decompressed data when reading from GzipFile, BZ2File or LZMAFile. This defeats denial of service attacks using compressed bombs (i.e. compressed payloads which decompress to a huge size). Patch by Martin Panter and Nikolaus Rath.

commit: 2dbc6e6bce0a29757acddd8000d55f7c844295a2 [log] [tgz]
author: Antoine Pitrou <solipsis@pitrou.net> Sat Apr 11 00:31:01 2015 +0200
committer: Antoine Pitrou <solipsis@pitrou.net> Sat Apr 11 00:31:01 2015 +0200
tree: f1510e3a93b2527308dd6400a8b0544607e072db
parent: 2ce11d296cee8d71d2bf2451c7dba4ffa119d9d3 [diff] [blame]
diff --git a/Doc/library/bz2.rst b/Doc/library/bz2.rst
index ed28699..1b8d9cf 100644
--- a/Doc/library/bz2.rst
+++ b/Doc/library/bz2.rst

@@ -120,6 +120,10 @@
    .. versionchanged:: 3.4
       The ``'x'`` (exclusive creation) mode was added.
 
+   .. versionchanged:: 3.5
+      The :meth:`~io.BufferedIOBase.read` method now accepts an argument of
+      ``None``.
+
 
 Incremental (de)compression
 ---------------------------
commit	2dbc6e6bce0a29757acddd8000d55f7c844295a2	[log] [tgz]
author	Antoine Pitrou <solipsis@pitrou.net>	Sat Apr 11 00:31:01 2015 +0200
committer	Antoine Pitrou <solipsis@pitrou.net>	Sat Apr 11 00:31:01 2015 +0200
tree	f1510e3a93b2527308dd6400a8b0544607e072db
parent	2ce11d296cee8d71d2bf2451c7dba4ffa119d9d3 [diff] [blame]