Revisions of python39
buildservice-autocommit
accepted
request 1031408
from
Matej Cepl (mcepl)
(revision 121)
baserev update by copy to link target
Matej Cepl (mcepl)
accepted
request 1031398
from
Matej Cepl (mcepl)
(revision 120)
- Add 98437-sphinx.locale._-as-gettext-in-pyspecific.patch to allow building of documentation with the latest Sphinx 5.3.0 (gh#python/cpython#98366).
Matej Cepl (mcepl)
committed
(revision 119)
Fix version number in changelog
Matej Cepl (mcepl)
committed
(revision 118)
- Update to 3.8.15: - Fix multiplying a list by an integer (list *= int): detect the integer overflow when the new allocated length is close to the maximum size. - Fix a shell code injection vulnerability in the get-remote-certificate.py example script. The script no longer uses a shell to run openssl commands. (originally filed as CVE-2022-37460, later withdrawn) - Fix command line parsing: reject -X int_max_str_digits option with no value (invalid) when the PYTHONINTMAXSTRDIGITS environment variable is set to a valid limit. - When ValueError is raised if an integer is larger than the limit, mention the sys.set_int_max_str_digits() function in the error message. - Update bundled libexpat to 2.4.9
buildservice-autocommit
accepted
request 1003029
from
Matej Cepl (mcepl)
(revision 117)
baserev update by copy to link target
Matej Cepl (mcepl)
committed
(revision 116)
- Update to 3.9.14: - (CVE-2020-10735, bsc#1203125). Converting between int and str in bases other than 2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now raises a ValueError if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic complexity. This new limit can be configured or disabled by environment variable, command line flag, or sys APIs. See the integer string conversion length limitation documentation. The default limit is 4300 digits in string form. - Also other bug fixes: - http.server: Fix an open redirection vulnerability in the HTTP server when an URI path starts with //. Vulnerability discovered, and initial fix proposed, by Hamza Avvan. - Fix contextvars HAMT implementation to handle iteration over deep trees. The bug was discovered and fixed by Eli Libman. See MagicStack/immutables#84 for more details. - Fix binding of unix socket to empty address on Linux to use an available address from the abstract namespace, instead of “0”. - Suppress writing an XML declaration in open files in ElementTree.write() with encoding='unicode' and xml_declaration=None. - Fix the formatting for await x and not x in the operator precedence table when using the help() system. - Fix ensurepip environment isolation for subprocess running pip. - Fix problem with test_ssl test_get_ciphers on systems that require perfect forward secrecy (PFS) ciphers.
buildservice-autocommit
accepted
request 1000771
from
Steve Kowalik (StevenK)
(revision 115)
baserev update by copy to link target
Steve Kowalik (StevenK)
committed
(revision 114)
Correct changelog entry
Steve Kowalik (StevenK)
committed
(revision 113)
- http.server: Fix an open redirection vulnerability in the HTTP server when an URI path starts with //. (bsc#1202624, CVE-2021-28861)
buildservice-autocommit
accepted
request 990683
from
Matej Cepl (mcepl)
(revision 112)
baserev update by copy to link target
Matej Cepl (mcepl)
committed
(revision 111)
Restore %primary_interpreter
Matej Cepl (mcepl)
committed
(revision 110)
- Switch from %primary_interpreter to prjconf-defined %primary_python (gh#openSUSE/python-rpm-macros#127).
buildservice-autocommit
accepted
request 985337
from
Factory Maintainer (factory-maintainer)
(revision 109)
baserev update by copy to link target
Matej Cepl (mcepl)
committed
(revision 108)
Add missing Bugzilla reference.
buildservice-autocommit
accepted
request 983632
from
Matej Cepl (mcepl)
(revision 107)
baserev update by copy to link target
Matej Cepl (mcepl)
committed
(revision 106)
Fix changelog
Matej Cepl (mcepl)
committed
(revision 105)
Adjust support-expat-CVE-2022-25236-patched.patch
Matej Cepl (mcepl)
committed
(revision 104)
Adjust support-expat-CVE-2022-25236-patched.patch
Matej Cepl (mcepl)
committed
(revision 103)
- Fix building of documentation and the universal configuration of the %primary_interpreter. - (bsc#1196784, CVE-2022-25236) Rename patch: support-expat-245.patch to support-expat-CVE-2022-25236-patched.patch and update the patch to detect expat >= 2.4.4 instead of >= 2.4.5 as it was fully patched against CVE-2022-25236.
Matej Cepl (mcepl)
committed
(revision 102)
- Add CVE-2015-20107-mailcap-unsafe-filenames.patch to avoid CVE-2015-20107 (bsc#1198511, gh#python/cpython#68966), the command injection in the mailcap module.
Displaying revisions 61 - 80 of 181