Revisions of python39
Matej Cepl (mcepl)
committed
(revision 180)
- (bsc#1222509) Remove *.exe and *.dll files from bundled wheels.
buildservice-autocommit
accepted
request 1161042
from
Matej Cepl (mcepl)
(revision 179)
Matej Cepl (mcepl)
(revision 179)
baserev update by copy to link target
Matej Cepl (mcepl)
committed
(revision 178)
- Add old-libexpat.patch making the test suite work with libexpat < 2.6.0 (gh#python/cpython#117187).
Matej Cepl (mcepl)
committed
(revision 176)
- Update to 3.9.19:
- Security
- gh-115398: Allow controlling Expat >=2.6.0 reparse deferral
(CVE-2023-52425) by adding five new methods:
xml.etree.ElementTree.XMLParser.flush()
xml.etree.ElementTree.XMLPullParser.flush()
xml.parsers.expat.xmlparser.GetReparseDeferralEnabled()
xml.parsers.expat.xmlparser.SetReparseDeferralEnabled()
xml.sax.expatreader.ExpatParser.flush()
- gh-115399: Update bundled libexpat to 2.6.0
- gh-113659: Skip .pth files with names starting with a dot
or hidden file attribute.
- Core and Builtins
- gh-102388: Fix a bug where iso2022_jp_3 and iso2022_jp_2004
codecs read out of bounds
- Library
- gh-115197: urllib.request no longer resolves the hostname
before checking it against the system’s proxy bypass list
on macOS and Windows.
- gh-115133: Fix tests for XMLPullParser with Expat 2.6.0.
- gh-81194: Fix a crash in socket.if_indextoname() with
specific value (UINT_MAX). Fix an integer overflow in
socket.if_indextoname() on 64-bit non-Windows platforms.
- gh-109858: Protect zipfile from “quoted-overlap”
zipbomb. It now raises BadZipFile when try to read an entry
that overlaps with other entry or central directory.
- gh-107077: Seems that in some conditions, OpenSSL will
return SSL_ERROR_SYSCALL instead of SSL_ERROR_SSL
when a certification verification has failed, but
the error parameters will still contain ERR_LIB_SSL
buildservice-autocommit
accepted
request 1157648
from
Factory Maintainer (factory-maintainer)
(revision 175)
Factory Maintainer (factory-maintainer)
(revision 175)
baserev update by copy to link target
Matej Cepl (mcepl)
accepted
request 1155683
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 174)
buildservice-autocommit
accepted
request 1153059
from
Matej Cepl (mcepl)
(revision 173)
Matej Cepl (mcepl)
(revision 173)
baserev update by copy to link target
Matej Cepl (mcepl)
committed
(revision 172)
- Update SPEC file to build on SLE-15-SP5 (jsc#PED-7886). - (bsc#1219666, CVE-2023-6597) Add CVE-2023-6597-TempDir-cleaning-symlink.patch (patch from gh#python/cpython!99930) fixing symlink bug in cleanup of tempfile.TemporaryDirectory. - Repurpose skip-failing-tests.patch to increase timeout for test.test_asyncio.test_tasks.TimeoutTests.test_timeout_time, which fails on slow machines in IBS (s390x). - (bsc#1215454, gh-108310) Fixed an issue where instances - Refresh all patches: - 98437-sphinx.locale._-as-gettext-in-pyspecific.patch - 99366-patch.dict-can-decorate-async.patch - Revert-gh105127-left-tests.patch - bpo-31046_ensurepip_honours_prefix.patch - decimal.patch - distutils-reproducible-compile.patch - gh-78214-marshal_stabilize_FLAG_REF.patch - python-3.3.0b1-localpath.patch - python-3.3.0b1-test-posix_fadvise.patch - python3-imp-returntype.patch - subprocess-raise-timeout.patch - support-expat-CVE-2022-25236-patched.patch - downport-Sphinx-features.patch
buildservice-autocommit
accepted
request 1152789
from
Factory Maintainer (factory-maintainer)
(revision 171)
Factory Maintainer (factory-maintainer)
(revision 171)
baserev update by copy to link target
Matej Cepl (mcepl)
committed
(revision 170)
- Remove double definition of /usr/bin/idle%%{version} in
%%files.
buildservice-autocommit
accepted
request 1146870
from
Matej Cepl (mcepl)
(revision 169)
Matej Cepl (mcepl)
(revision 169)
baserev update by copy to link target
Matej Cepl (mcepl)
accepted
request 1146816
from
Daniel Garcia (dgarcia)
(revision 168)
- Add upstream patch libexpat260.patch, Fix tests for XMLPullParser with Expat 2.6.0, gh#python/cpython#115289
Matej Cepl (mcepl)
committed
(revision 167)
- Refresh CVE-2023-27043-email-parsing-errors.patch to gh#python/cpython!111116, fixing bsc#1210638 (CVE-2023-27043). - Thus we can remove Revert-gh105127-left-tests.patch, which is now useless.
buildservice-autocommit
accepted
request 1119266
from
Factory Maintainer (factory-maintainer)
(revision 166)
Factory Maintainer (factory-maintainer)
(revision 166)
baserev update by copy to link target
Matej Cepl (mcepl)
committed
(revision 165)
- (bsc#1215454, gh-108310)Fixed an issue where instances
of ssl.SSLSocket were vulnerable to a bypass of the TLS
handshake and included protections (like certificate
verification) and treating sent unencrypted data as if it
were post-handshake TLS encrypted data. Security issue
reported as CVE-2023-40217 by Aapo Oksman. Patch by Gregory
P. Smith.
- Update to 3.9.17 (bsc#1212015):
* Support Expat >= 2.4.4 (jsc#SLE-21253, CVE-2022-25236)
buildservice-autocommit
accepted
request 1109203
from
Daniel Garcia (dgarcia)
(revision 164)
Daniel Garcia (dgarcia)
(revision 164)
baserev update by copy to link target
Daniel Garcia (dgarcia)
committed
(revision 163)
- Update to 3.9.18 (bsc#1214692):
- gh-108310: Fixed an issue where instances of ssl.SSLSocket were
vulnerable to a bypass of the TLS handshake and included
protections (like certificate verification) and treating sent
unencrypted data as if it were post-handshake TLS encrypted data.
Security issue reported as CVE-2023-40217 by Aapo Oksman. Patch by
Gregory P. Smith.
- gh-107845: tarfile.data_filter() now takes the location of
symlinks into account when determining their target, so it will no
longer reject some valid tarballs with
LinkOutsideDestinationError.
- gh-107565: Update multissltests and GitHub CI workflows to use
OpenSSL 1.1.1v, 3.0.10, and 3.1.2.
buildservice-autocommit
accepted
request 1102236
from
Matej Cepl (mcepl)
(revision 162)
Matej Cepl (mcepl)
(revision 162)
baserev update by copy to link target
Displaying revisions 1 - 20 of 181
