Merge pull request #8519 from pytest-dev/release-6.2.3

bluetech · web-flow · commit 724e22cb0030 · 2021-04-04T00:43:05.000+03:00
Prepare release 6.2.3
diff --git a/changelog/8414.bugfix.rst b/changelog/8414.bugfix.rst
diff --git a/doc/en/announce/index.rst b/doc/en/announce/index.rst
@@ -6,6 +6,7 @@ Release announcements
    :maxdepth: 2
 
 
+   release-6.2.3
    release-6.2.2
    release-6.2.1
    release-6.2.0
diff --git a/doc/en/announce/release-6.2.3.rst b/doc/en/announce/release-6.2.3.rst
@@ -0,0 +1,19 @@
+pytest-6.2.3
+=======================================
+
+pytest 6.2.3 has just been released to PyPI.
+
+This is a bug-fix release, being a drop-in replacement. To upgrade::
+
+  pip install --upgrade pytest
+
+The full changelog is available at https://docs.pytest.org/en/stable/changelog.html.
+
+Thanks to all of the contributors to this release:
+
+* Bruno Oliveira
+* Ran Benita
+
+
+Happy testing,
+The pytest Development Team
diff --git a/doc/en/changelog.rst b/doc/en/changelog.rst
@@ -28,6 +28,24 @@ with advance notice in the **Deprecations** section of releases.
 
 .. towncrier release notes start
 
+pytest 6.2.3 (2021-04-03)
+=========================
+
+Bug Fixes
+---------
+
+- `#8414 <https://github.com/pytest-dev/pytest/issues/8414>`_: pytest used to create directories under ``/tmp`` with world-readable
+  permissions. This means that any user in the system was able to read
+  information written by tests in temporary directories (such as those created by
+  the ``tmp_path``/``tmpdir`` fixture). Now the directories are created with
+  private permissions.
+
+  pytest used silenty use a pre-existing ``/tmp/pytest-of-<username>`` directory,
+  even if owned by another user. This means another user could pre-create such a
+  directory and gain control of another user's temporary directory. Now such a
+  condition results in an error.
+
+
 pytest 6.2.2 (2021-01-25)
 =========================
 
diff --git a/doc/en/example/parametrize.rst b/doc/en/example/parametrize.rst
@@ -508,11 +508,12 @@ Running it results in some skips if we don't have all the python interpreters in
 .. code-block:: pytest
 
    . $ pytest -rs -q multipython.py
-   ssssssssssss...ssssssssssss                                          [100%]
+   sssssssssssssssssssssssssss                                          [100%]
    ========================= short test summary info ==========================
-   SKIPPED [12] multipython.py:29: 'python3.5' not found
-   SKIPPED [12] multipython.py:29: 'python3.7' not found
-   3 passed, 24 skipped in 0.12s
+   SKIPPED [9] multipython.py:29: 'python3.5' not found
+   SKIPPED [9] multipython.py:29: 'python3.6' not found
+   SKIPPED [9] multipython.py:29: 'python3.7' not found
+   27 skipped in 0.12s
 
 Indirect parametrization of optional implementations/imports
 --------------------------------------------------------------------
diff --git a/doc/en/getting-started.rst b/doc/en/getting-started.rst
@@ -28,7 +28,7 @@ Install ``pytest``
 .. code-block:: bash
 
     $ pytest --version
-    pytest 6.2.2
+    pytest 6.2.3
 
 .. _`simpletest`:
 
