Overview Repositories Revisions Requests Users Attributes Meta

Revisions of python39

buildservice-autocommit accepted request 1031408 from Matej Cepl's avatar Matej Cepl (mcepl) (revision 121) 
baserev update by copy to link target
Matej Cepl's avatar Matej Cepl (mcepl) accepted request 1031398 from Matej Cepl's avatar Matej Cepl (mcepl) (revision 120) 
- Add 98437-sphinx.locale._-as-gettext-in-pyspecific.patch to
  allow building of documentation with the latest Sphinx 5.3.0
  (gh#python/cpython#98366).
Matej Cepl's avatar Matej Cepl (mcepl) committed (revision 119) 
Fix version number in changelog
Matej Cepl's avatar Matej Cepl (mcepl) committed (revision 118) 
- Update to 3.8.15:
  - Fix multiplying a list by an integer (list *= int): detect
    the integer overflow when the new allocated length is close
    to the maximum size.
  - Fix a shell code injection vulnerability in the
    get-remote-certificate.py example script. The script no
    longer uses a shell to run openssl commands. (originally
    filed as CVE-2022-37460, later withdrawn)
  - Fix command line parsing: reject -X int_max_str_digits option
    with no value (invalid) when the PYTHONINTMAXSTRDIGITS
    environment variable is set to a valid limit.
  - When ValueError is raised if an integer is larger than the
    limit, mention the sys.set_int_max_str_digits() function in
    the error message.
  - Update bundled libexpat to 2.4.9
buildservice-autocommit accepted request 1003029 from Matej Cepl's avatar Matej Cepl (mcepl) (revision 117) 
baserev update by copy to link target
Matej Cepl's avatar Matej Cepl (mcepl) committed (revision 116) 
- Update to 3.9.14:
  - (CVE-2020-10735, bsc#1203125). Converting between int
    and str in bases other than 2 (binary), 4, 8 (octal), 16
    (hexadecimal), or 32 such as base 10 (decimal) now raises a
    ValueError if the number of digits in string form is above a
    limit to avoid potential denial of service attacks due to the
    algorithmic complexity.
    This new limit can be configured or disabled by environment
    variable, command line flag, or sys APIs. See the integer
    string conversion length limitation documentation. The
    default limit is 4300 digits in string form.
  - Also other bug fixes:
    - http.server: Fix an open redirection vulnerability in the
      HTTP server when an URI path starts with //. Vulnerability
      discovered, and initial fix proposed, by Hamza Avvan.
    - Fix contextvars HAMT implementation to handle iteration
      over deep trees. The bug was discovered and fixed by Eli
      Libman. See MagicStack/immutables#84 for more details.
    - Fix binding of unix socket to empty address on Linux to use
      an available address from the abstract namespace, instead
      of “0”.
    - Suppress writing an XML declaration in open files
      in ElementTree.write() with encoding='unicode' and
      xml_declaration=None.
    - Fix the formatting for await x and not x in the operator
      precedence table when using the help() system.
    - Fix ensurepip environment isolation for subprocess running
      pip.
    - Fix problem with test_ssl test_get_ciphers on systems that
      require perfect forward secrecy (PFS) ciphers.
buildservice-autocommit accepted request 1000771 from Steve Kowalik's avatar Steve Kowalik (StevenK) (revision 115) 
baserev update by copy to link target
Steve Kowalik's avatar Steve Kowalik (StevenK) committed (revision 114) 
Correct changelog entry
Steve Kowalik's avatar Steve Kowalik (StevenK) committed (revision 113) 
- http.server: Fix an open redirection vulnerability in the HTTP server
  when an URI path starts with //. (bsc#1202624, CVE-2021-28861)
buildservice-autocommit accepted request 990683 from Matej Cepl's avatar Matej Cepl (mcepl) (revision 112) 
baserev update by copy to link target
Matej Cepl's avatar Matej Cepl (mcepl) committed (revision 111) 
Restore %primary_interpreter
Matej Cepl's avatar Matej Cepl (mcepl) committed (revision 110) 
- Switch from %primary_interpreter to prjconf-defined
  %primary_python (gh#openSUSE/python-rpm-macros#127).
buildservice-autocommit accepted request 985337 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 109) 
baserev update by copy to link target
Matej Cepl's avatar Matej Cepl (mcepl) committed (revision 108) 
Add missing Bugzilla reference.
buildservice-autocommit accepted request 983632 from Matej Cepl's avatar Matej Cepl (mcepl) (revision 107) 
baserev update by copy to link target
Matej Cepl's avatar Matej Cepl (mcepl) committed (revision 106) 
Fix changelog
Matej Cepl's avatar Matej Cepl (mcepl) committed (revision 105) 
Adjust support-expat-CVE-2022-25236-patched.patch
Matej Cepl's avatar Matej Cepl (mcepl) committed (revision 104) 
Adjust support-expat-CVE-2022-25236-patched.patch
Matej Cepl's avatar Matej Cepl (mcepl) committed (revision 103) 
- Fix building of documentation and the universal configuration of the
  %primary_interpreter.
- (bsc#1196784, CVE-2022-25236) Rename patch:
  support-expat-245.patch to support-expat-CVE-2022-25236-patched.patch
  and update the patch to detect expat >= 2.4.4 instead of >= 2.4.5
  as it was fully patched against CVE-2022-25236.
Matej Cepl's avatar Matej Cepl (mcepl) committed (revision 102) 
- Add CVE-2015-20107-mailcap-unsafe-filenames.patch to avoid
  CVE-2015-20107 (bsc#1198511, gh#python/cpython#68966), the
  command injection in the mailcap module.
Displaying revisions 61 - 80 of 181
openSUSE Build Service is sponsored by
Places