Overview Repositories Revisions Requests Users Attributes Meta

Python-3 Interpreter

Edit Package python39
http://www.python.org/

Python is an interpreted, object-oriented programming language, and is often compared to Tcl, Perl, Scheme, or Java.
Python-3 is the next step in Python language evolution.

Refresh
Refresh
Source Files
Filename Size Changed
98437-sphinx.locale._-as-gettext-in-pyspecific.patch 0000002457 2.4 KB
F00251-change-user-install-location.patch 0000002388 2.33 KB
PACKAGING-NOTES 0000001126 1.1 KB
Python-3.9.16.tar.xz 0019738796 18.8 MB
Python-3.9.16.tar.xz.asc 0000000833 833 Bytes
README.SUSE 0000001683 1.64 KB
_multibuild 0000000078 78 Bytes
baselibs.conf 0000000040 40 Bytes
bluez-devel-vendor.tar.xz 0000024976 24.4 KB
bpo-31046_ensurepip_honours_prefix.patch 0000006303 6.16 KB
decimal.patch 0000001442 1.41 KB
distutils-reproducible-compile.patch 0000000390 390 Bytes
idle3.appdata.xml 0000001719 1.68 KB
idle3.desktop 0000000253 253 Bytes
import_failed.map 0000000319 319 Bytes
import_failed.py 0000000706 706 Bytes
macros.python3 0000001031 1.01 KB
no-skipif-doctests.patch 0000015693 15.3 KB
pre_checkin.sh 0000002150 2.1 KB
python-3.3.0b1-fix_date_time_compiler.patch 0000000896 896 Bytes
python-3.3.0b1-localpath.patch 0000000401 401 Bytes
python-3.3.0b1-test-posix_fadvise.patch 0000000486 486 Bytes
python.keyring 0000065279 63.7 KB
python3-imp-returntype.patch 0000002225 2.17 KB
python39.changes 0000161537 158 KB
python39.spec 0000032985 32.2 KB
skip-test_pyobject_freed_is_freed.patch 0000000486 486 Bytes
skipped_tests.py 0000001872 1.83 KB
sphinx-update-removed-function.patch 0000000744 744 Bytes
subprocess-raise-timeout.patch 0000000530 530 Bytes
support-expat-CVE-2022-25236-patched.patch 0000003072 3 KB
Revision 38 (latest revision is 56)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1041648 from Matej Cepl's avatar Matej Cepl (mcepl) (revision 38) 
- Update to 3.9.16:
  - python -m http.server no longer allows terminal control
    characters sent within a garbage request to be printed to the
    stderr server log.
    This is done by changing the http.server
    BaseHTTPRequestHandler .log_message method to replace control
    characters with a \xHH hex escape before printing.
  - Avoid publishing list of active per-interpreter audit hooks
    via the gc module
  - The IDNA codec decoder used on DNS hostnames by socket or
    asyncio related name resolution functions no longer involves
    a quadratic algorithm. This prevents a potential CPU denial
    of service if an out-of-spec excessive length hostname
    involving bidirectional characters were decoded. Some
    protocols such as urllib http 3xx redirects potentially allow
    for an attacker to supply such a name (CVE-2015-20107).
  - Update bundled libexpat to 2.5.0
  - Port XKCP’s fix for the buffer overflows in SHA-3
    (CVE-2022-37454).
  - On Linux the multiprocessing module returns to using
    filesystem backed unix domain sockets for communication with
    the forkserver process instead of the Linux abstract socket
    namespace. Only code that chooses to use the “forkserver”
    start method is affected.
    Abstract sockets have no permissions and could allow any
    user on the system in the same network namespace (often
    the whole system) to inject code into the multiprocessing
    forkserver process. This was a potential privilege
    escalation. Filesystem based socket permissions restrict this
    to the forkserver process user as was the default in Python
    3.8 and earlier.
    This prevents Linux CVE-2022-42919.
  - The deprecated mailcap module now refuses to inject unsafe
    text (filenames, MIME types, parameters) into shell
    commands. Instead of using such text, it will warn and act
    as if a match was not found (or for test commands, as if the
    test failed).
- Removed upstreamed patches:
  - CVE-2015-20107-mailcap-unsafe-filenames.patch
  - CVE-2022-42919-loc-priv-mulitproc-forksrv.patch
  - CVE-2022-45061-DoS-by-IDNA-decode.patch
Comments 0
openSUSE Build Service is sponsored by
Places