stackless-dev
diff --git a/‎Include/patchlevel.h
Lines changed: 3 additions & 3 deletions b/‎Include/patchlevel.h
Lines changed: 3 additions & 3 deletions
diff --git a/‎Lib/pydoc_data/topics.py
Lines changed: 1 addition & 1 deletion b/‎Lib/pydoc_data/topics.py
Lines changed: 1 addition & 1 deletion
diff --git a/‎Lib/test/test_dbm.py
Lines changed: 15 additions & 2 deletions b/‎Lib/test/test_dbm.py
Lines changed: 15 additions & 2 deletions
diff --git a/‎Lib/test/test_dbm_ndbm.py
Lines changed: 14 additions & 0 deletions b/‎Lib/test/test_dbm_ndbm.py
Lines changed: 14 additions & 0 deletions
diff --git a/‎Lib/test/test_docxmlrpc.py
Lines changed: 16 additions & 0 deletions b/‎Lib/test/test_docxmlrpc.py
Lines changed: 16 additions & 0 deletions
diff --git a/‎Lib/xmlrpc/server.py
Lines changed: 2 additions & 1 deletion b/‎Lib/xmlrpc/server.py
Lines changed: 2 additions & 1 deletion
diff --git a/‎Misc/NEWS.d/3.5.8.rst
Lines changed: 9 additions & 0 deletions b/‎Misc/NEWS.d/3.5.8.rst
Lines changed: 9 additions & 0 deletions
diff --git a/‎README
Lines changed: 2 additions & 2 deletions b/‎README
Lines changed: 2 additions & 2 deletions
@@ -19,11 +19,11 @@
 #define PY_MAJOR_VERSION	3
 #define PY_MINOR_VERSION	5
 #define PY_MICRO_VERSION	8
-#define PY_RELEASE_LEVEL	PY_RELEASE_LEVEL_GAMMA
-#define PY_RELEASE_SERIAL	2
+#define PY_RELEASE_LEVEL	PY_RELEASE_LEVEL_FINAL
+#define PY_RELEASE_SERIAL	0
 
 /* Version as a string */
-#define PY_VERSION      	"3.5.8rc2"
+#define PY_VERSION      	"3.5.8"
 /*--end constants--*/
 
 /* Version as a single 4-byte hex number, e.g. 0x010502B2 == 1.5.2b2.
 
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-# Autogenerated by Sphinx on Sat Oct 12 12:05:57 2019
+# Autogenerated by Sphinx on Mon Oct 28 23:07:04 2019
 topics = {'assert': 'The "assert" statement\n'
            '**********************\n'
            '\n'
 
@@ -39,8 +39,7 @@ def delete_files():
 
 
 class AnyDBMTestCase:
-    _dict = {'0': b'',
-             'a': b'Python:',
+    _dict = {'a': b'Python:',
              'b': b'Programming',
              'c': b'the',
              'd': b'way',
@@ -101,6 +100,20 @@ def test_anydbm_keys(self):
         keys = self.keys_helper(f)
         f.close()
 
+    def test_empty_value(self):
+        if getattr(dbm._defaultmod, 'library', None) == 'Berkeley DB':
+            self.skipTest("Berkeley DB doesn't distinguish the empty value "
+                          "from the absent one")
+        f = dbm.open(_fname, 'c')
+        self.assertEqual(f.keys(), [])
+        f[b'empty'] = b''
+        self.assertEqual(f.keys(), [b'empty'])
+        self.assertIn(b'empty', f)
+        self.assertEqual(f[b'empty'], b'')
+        self.assertEqual(f.get(b'empty'), b'')
+        self.assertEqual(f.setdefault(b'empty'), b'')
+        f.close()
+
     def test_anydbm_access(self):
         self.init_db()
         f = dbm.open(_fname, 'r')
 
@@ -29,6 +29,20 @@ def test_keys(self):
         self.assertEqual(self.d[b'bytes'], b'data')
         self.d.close()
 
+    def test_empty_value(self):
+        if dbm.ndbm.library == 'Berkeley DB':
+            self.skipTest("Berkeley DB doesn't distinguish the empty value "
+                          "from the absent one")
+        self.d = dbm.ndbm.open(self.filename, 'c')
+        self.assertEqual(self.d.keys(), [])
+        self.d['empty'] = ''
+        self.assertEqual(self.d.keys(), [b'empty'])
+        self.assertIn(b'empty', self.d)
+        self.assertEqual(self.d[b'empty'], b'')
+        self.assertEqual(self.d.get(b'empty'), b'')
+        self.assertEqual(self.d.setdefault(b'empty'), b'')
+        self.d.close()
+
     def test_modes(self):
         for mode in ['r', 'rw', 'w', 'n']:
             try:
 
@@ -1,5 +1,6 @@
 from xmlrpc.server import DocXMLRPCServer
 import http.client
+import re
 import sys
 from test import support
 threading = support.import_module('threading')
@@ -193,6 +194,21 @@ def test_annotations(self):
              b'method_annotation</strong></a>(x: bytes)</dt></dl>'),
             response.read())
 
+    def test_server_title_escape(self):
+        # bpo-38243: Ensure that the server title and documentation
+        # are escaped for HTML.
+        self.serv.set_server_title('test_title<script>')
+        self.serv.set_server_documentation('test_documentation<script>')
+        self.assertEqual('test_title<script>', self.serv.server_title)
+        self.assertEqual('test_documentation<script>',
+                self.serv.server_documentation)
+
+        generated = self.serv.generate_html_documentation()
+        title = re.search(r'<title>(.+?)</title>', generated).group()
+        documentation = re.search(r'<p><tt>(.+?)</tt></p>', generated).group()
+        self.assertEqual('<title>Python: test_title&lt;script&gt;</title>', title)
+        self.assertEqual('<p><tt>test_documentation&lt;script&gt;</tt></p>', documentation)
+
 
 if __name__ == '__main__':
     unittest.main()
@@ -106,6 +106,7 @@ def export_add(self, x, y):
 
 from xmlrpc.client import Fault, dumps, loads, gzip_encode, gzip_decode
 from http.server import BaseHTTPRequestHandler
+import html
 import http.server
 import socketserver
 import sys
@@ -892,7 +893,7 @@ def generate_html_documentation(self):
                                 methods
                             )
 
-        return documenter.page(self.server_title, documentation)
+        return documenter.page(html.escape(self.server_title), documentation)
 
 class DocXMLRPCRequestHandler(SimpleXMLRPCRequestHandler):
     """XML-RPC and documentation request handler class.
 
@@ -0,0 +1,9 @@
+.. bpo: 38243
+.. date: 2019-09-25-13-21-09
+.. nonce: 1pfz24
+.. release date: 2019-10-28
+.. section: Security
+
+Escape the server title of :class:`xmlrpc.server.DocXMLRPCServer` when
+rendering the document page as HTML. (Contributed by Dong-hee Na in
+:issue:`38243`.)
@@ -1,5 +1,5 @@
-This is Python version 3.5.8rc2
-===============================
+This is Python version 3.5.8
+============================
 
 Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019 Python Software