Rpyc

- Fixed `CVE-2019-16328`_ which was caused by a missing protocol security check
- Fixed RPyC over RPyC for mutable parameters and extended unit testing for `346`_

.. _CVE-2019-16328: https://rpyc.readthedocs.io/en/latest/docs/security.html
.. _346: https://github.com/tomerfiliba/rpyc/issues/346

* Fix issue high-cpu polling (`191`_, `218`_)
* Fix filename argument in logging (`197`_)
* Improved log messages (`191`_, `204`_)
* Drop support for python 3.2 and py 2.5

.. _191: https://github.com/tomerfiliba/rpyc/issues/191
.. _197: https://github.com/tomerfiliba/rpyc/issues/197
.. _204: https://github.com/tomerfiliba/rpyc/issues/204
.. _218: https://github.com/tomerfiliba/rpyc/issues/218

- Fixed netref.class_factory id_pack usage per 339 and added test cases
- Name pack casted in _unbox to fix IronPython bug. Fixed 337
- Increased chunk size to improve multi-client response time and throughput of large data 329
- Added warning to _remote_tb when the major version of local and remote mismatch (332)
- OneShotServer termination was fixed by WilliamBruneau (343)
- Known issue with 3.8 for CodeType parameters (may drop Python2 support first)

* Fix refcount leakage when unboxing from cache (`196`_)
* Fix TypeError when dispatching exceptions on py2 (unicode)
* Respect ``rpyc_protocol_config`` for default Service getattr (`202`_)
* Support unix domain sockets (`100`_, `208`_)
* Use first accessible server in ``connect_by_service`` (`220`_)
* Fix deadlock problem with logging (`207`_, `212`_)
* Fix timeout problem for long commands (`169`_)

.. _100: https://github.com/tomerfiliba/rpyc/issues/100
.. _169: https://github.com/tomerfiliba/rpyc/issues/169
.. _196: https://github.com/tomerfiliba/rpyc/issues/196
.. _202: https://github.com/tomerfiliba/rpyc/issues/202
.. _207: https://github.com/tomerfiliba/rpyc/issues/207
.. _208: https://github.com/tomerfiliba/rpyc/issues/208
.. _212: https://github.com/tomerfiliba/rpyc/issues/212
.. _220: https://github.com/tomerfiliba/rpyc/issues/220

=====
Date: 2024-02-23

- `551`_ Resolves security issue that results in RCE. The fix breaks backwards compatibility for those that rely on the `__array__` attribute used by `numpy`. This RCE is only exploitable when the server-side gets the attribute `__array__` and calls it (e.g., `np.array(x)`). This issues effects all versions since major release 4.

.. _551: https://github.com/tomerfiliba-org/rpyc/issues/551

- Added connection back-off and attempts for congested workloads
- Fixed minor resource leak for ForkingServer (304)
- Cross-connection instance check for cached netref classes (316)
- Hashing fixed (324)
- New ID Pack convention breaks compatibility between a client/server >= 4.10 with a client/server < 4.10