commit 32ec6998cb60db49051b2f6956be676bf28d37cc Author: Adrian Schröter Date: Wed Sep 27 17:26:53 2023 +0200 Sync from SUSE:ALP:Source:Standard:1.0 python310 revision 598ed01124274fb45b52bac06b48e8d2 diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..fecc750 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/CVE-2023-27043-email-parsing-errors.patch b/CVE-2023-27043-email-parsing-errors.patch new file mode 100644 index 0000000..7f56225 --- /dev/null +++ b/CVE-2023-27043-email-parsing-errors.patch @@ -0,0 +1,249 @@ +--- + Doc/library/email.utils.rst | 26 +++ + Lib/email/utils.py | 63 +++++++ + Lib/test/test_email/test_email.py | 81 +++++++++- + Misc/NEWS.d/next/Security/2023-06-13-20-52-24.gh-issue-102988.Kei7Vf.rst | 4 + 4 files changed, 164 insertions(+), 10 deletions(-) + +Index: Python-3.10.12/Doc/library/email.utils.rst +=================================================================== +--- Python-3.10.12.orig/Doc/library/email.utils.rst ++++ Python-3.10.12/Doc/library/email.utils.rst +@@ -67,6 +67,11 @@ of the new API. + *email address* parts. Returns a tuple of that information, unless the parse + fails, in which case a 2-tuple of ``('', '')`` is returned. + ++ .. versionchanged:: 3.12 ++ For security reasons, addresses that were ambiguous and could parse into ++ multiple different addresses now cause ``('', '')`` to be returned ++ instead of only one of the *potential* addresses. ++ + + .. function:: formataddr(pair, charset='utf-8') + +@@ -89,7 +94,7 @@ of the new API. + This method returns a list of 2-tuples of the form returned by ``parseaddr()``. + *fieldvalues* is a sequence of header field values as might be returned by + :meth:`Message.get_all `. Here's a simple +- example that gets all the recipients of a message:: ++ example that gets all the recipients of a message: + + from email.utils import getaddresses + +@@ -99,6 +104,25 @@ of the new API. + resent_ccs = msg.get_all('resent-cc', []) + all_recipients = getaddresses(tos + ccs + resent_tos + resent_ccs) + ++ When parsing fails for a single fieldvalue, a 2-tuple of ``('', '')`` ++ is returned in its place. Other errors in parsing the list of ++ addresses such as a fieldvalue seemingly parsing into multiple ++ addresses may result in a list containing a single empty 2-tuple ++ ``[('', '')]`` being returned rather than returning potentially ++ invalid output. ++ ++ Example malformed input parsing: ++ ++ .. doctest:: ++ ++ >>> from email.utils import getaddresses ++ >>> getaddresses(['alice@example.com ', 'me@example.com']) ++ [('', '')] ++ ++ .. versionchanged:: 3.12 ++ The 2-tuple of ``('', '')`` in the returned values when parsing ++ fails were added as to address a security issue. ++ + + .. function:: parsedate(date) + +Index: Python-3.10.12/Lib/email/utils.py +=================================================================== +--- Python-3.10.12.orig/Lib/email/utils.py ++++ Python-3.10.12/Lib/email/utils.py +@@ -106,12 +106,54 @@ def formataddr(pair, charset='utf-8'): + return address + + ++def _pre_parse_validation(email_header_fields): ++ accepted_values = [] ++ for v in email_header_fields: ++ s = v.replace('\\(', '').replace('\\)', '') ++ if s.count('(') != s.count(')'): ++ v = "('', '')" ++ accepted_values.append(v) ++ ++ return accepted_values ++ ++ ++def _post_parse_validation(parsed_email_header_tuples): ++ accepted_values = [] ++ # The parser would have parsed a correctly formatted domain-literal ++ # The existence of an [ after parsing indicates a parsing failure ++ for v in parsed_email_header_tuples: ++ if '[' in v[1]: ++ v = ('', '') ++ accepted_values.append(v) ++ ++ return accepted_values ++ + + def getaddresses(fieldvalues): +- """Return a list of (REALNAME, EMAIL) for each fieldvalue.""" +- all = COMMASPACE.join(str(v) for v in fieldvalues) ++ """Return a list of (REALNAME, EMAIL) or ('','') for each fieldvalue. ++ ++ When parsing fails for a fieldvalue, a 2-tuple of ('', '') is returned in ++ its place. ++ ++ If the resulting list of parsed address is not the same as the number of ++ fieldvalues in the input list a parsing error has occurred. A list ++ containing a single empty 2-tuple [('', '')] is returned in its place. ++ This is done to avoid invalid output. ++ """ ++ fieldvalues = [str(v) for v in fieldvalues] ++ fieldvalues = _pre_parse_validation(fieldvalues) ++ all = COMMASPACE.join(v for v in fieldvalues) + a = _AddressList(all) +- return a.addresslist ++ result = _post_parse_validation(a.addresslist) ++ ++ n = 0 ++ for v in fieldvalues: ++ n += v.count(',') + 1 ++ ++ if len(result) != n: ++ return [('', '')] ++ ++ return result + + + def _format_timetuple_and_zone(timetuple, zone): +@@ -212,9 +254,18 @@ def parseaddr(addr): + Return a tuple of realname and email address, unless the parse fails, in + which case return a 2-tuple of ('', ''). + """ +- addrs = _AddressList(addr).addresslist +- if not addrs: +- return '', '' ++ if isinstance(addr, list): ++ addr = addr[0] ++ ++ if not isinstance(addr, str): ++ return ('', '') ++ ++ addr = _pre_parse_validation([addr])[0] ++ addrs = _post_parse_validation(_AddressList(addr).addresslist) ++ ++ if not addrs or len(addrs) > 1: ++ return ('', '') ++ + return addrs[0] + + +Index: Python-3.10.12/Lib/test/test_email/test_email.py +=================================================================== +--- Python-3.10.12.orig/Lib/test/test_email/test_email.py ++++ Python-3.10.12/Lib/test/test_email/test_email.py +@@ -3288,15 +3288,90 @@ Foo + [('Al Person', 'aperson@dom.ain'), + ('Bud Person', 'bperson@dom.ain')]) + ++ def test_getaddresses_parsing_errors(self): ++ """Test for parsing errors from CVE-2023-27043""" ++ eq = self.assertEqual ++ eq(utils.getaddresses(['alice@example.org(']), ++ [('', '')]) ++ eq(utils.getaddresses(['alice@example.org)']), ++ [('', '')]) ++ eq(utils.getaddresses(['alice@example.org<']), ++ [('', '')]) ++ eq(utils.getaddresses(['alice@example.org>']), ++ [('', '')]) ++ eq(utils.getaddresses(['alice@example.org@']), ++ [('', '')]) ++ eq(utils.getaddresses(['alice@example.org,']), ++ [('', 'alice@example.org'), ('', 'bob@example.com')]) ++ eq(utils.getaddresses(['alice@example.org;']), ++ [('', '')]) ++ eq(utils.getaddresses(['alice@example.org:']), ++ [('', '')]) ++ eq(utils.getaddresses(['alice@example.org.']), ++ [('', '')]) ++ eq(utils.getaddresses(['alice@example.org"']), ++ [('', '')]) ++ eq(utils.getaddresses(['alice@example.org[']), ++ [('', '')]) ++ eq(utils.getaddresses(['alice@example.org]']), ++ [('', '')]) ++ ++ def test_parseaddr_parsing_errors(self): ++ """Test for parsing errors from CVE-2023-27043""" ++ eq = self.assertEqual ++ eq(utils.parseaddr(['alice@example.org(']), ++ ('', '')) ++ eq(utils.parseaddr(['alice@example.org)']), ++ ('', '')) ++ eq(utils.parseaddr(['alice@example.org<']), ++ ('', '')) ++ eq(utils.parseaddr(['alice@example.org>']), ++ ('', '')) ++ eq(utils.parseaddr(['alice@example.org@']), ++ ('', '')) ++ eq(utils.parseaddr(['alice@example.org,']), ++ ('', '')) ++ eq(utils.parseaddr(['alice@example.org;']), ++ ('', '')) ++ eq(utils.parseaddr(['alice@example.org:']), ++ ('', '')) ++ eq(utils.parseaddr(['alice@example.org.']), ++ ('', '')) ++ eq(utils.parseaddr(['alice@example.org"']), ++ ('', '')) ++ eq(utils.parseaddr(['alice@example.org[']), ++ ('', '')) ++ eq(utils.parseaddr(['alice@example.org]']), ++ ('', '')) ++ + def test_getaddresses_nasty(self): + eq = self.assertEqual + eq(utils.getaddresses(['foo: ;']), [('', '')]) +- eq(utils.getaddresses( +- ['[]*-- =~$']), +- [('', ''), ('', ''), ('', '*--')]) ++ eq(utils.getaddresses(['[]*-- =~$']), [('', '')]) + eq(utils.getaddresses( + ['foo: ;', '"Jason R. Mastaler" ']), + [('', ''), ('Jason R. Mastaler', 'jason@dom.ain')]) ++ eq(utils.getaddresses( ++ [r'Pete(A nice \) chap) ']), ++ [('Pete (A nice ) chap his account his host)', 'pete@silly.test')]) ++ eq(utils.getaddresses( ++ ['(Empty list)(start)Undisclosed recipients :(nobody(I know))']), ++ [('', '')]) ++ eq(utils.getaddresses( ++ ['Mary <@machine.tld:mary@example.net>, , jdoe@test . example']), ++ [('Mary', 'mary@example.net'), ('', ''), ('', 'jdoe@test.example')]) ++ eq(utils.getaddresses( ++ ['John Doe ']), ++ [('John Doe (comment)', 'jdoe@machine.example')]) ++ eq(utils.getaddresses( ++ ['"Mary Smith: Personal Account" ']), ++ [('Mary Smith: Personal Account', 'smith@home.example')]) ++ eq(utils.getaddresses( ++ ['Undisclosed recipients:;']), ++ [('', '')]) ++ eq(utils.getaddresses( ++ [r', "Giant; \"Big\" Box" ']), ++ [('', 'boss@nil.test'), ('Giant; "Big" Box', 'bob@example.net')]) + + def test_getaddresses_embedded_comment(self): + """Test proper handling of a nested comment""" +Index: Python-3.10.12/Misc/NEWS.d/next/Security/2023-06-13-20-52-24.gh-issue-102988.Kei7Vf.rst +=================================================================== +--- /dev/null ++++ Python-3.10.12/Misc/NEWS.d/next/Security/2023-06-13-20-52-24.gh-issue-102988.Kei7Vf.rst +@@ -0,0 +1,4 @@ ++CVE-2023-27043: Prevent :func:`email.utils.parseaddr` ++and :func:`email.utils.getaddresses` from returning the realname portion of an ++invalid RFC2822 email header in the email address portion of the 2-tuple ++returned after being parsed by :class:`email._parseaddr.AddressList`. diff --git a/F00251-change-user-install-location.patch b/F00251-change-user-install-location.patch new file mode 100644 index 0000000..6923686 --- /dev/null +++ b/F00251-change-user-install-location.patch @@ -0,0 +1,58 @@ +From 910f38d9768d39d4d31426743ae4081ed1ab66b6 Mon Sep 17 00:00:00 2001 +From: Michal Cyprian +Date: Mon, 26 Jun 2017 16:32:56 +0200 +Subject: [PATCH] 00251: Change user install location + +Set values of prefix and exec_prefix in distutils install command +to /usr/local if executable is /usr/bin/python* and RPM build +is not detected to make pip and distutils install into separate location. + +Fedora Change: https://fedoraproject.org/wiki/Changes/Making_sudo_pip_safe +--- + Lib/distutils/command/install.py | 15 +++++++++++++-- + Lib/site.py | 9 ++++++++- + 2 files changed, 21 insertions(+), 3 deletions(-) + +--- a/Lib/distutils/command/install.py ++++ b/Lib/distutils/command/install.py +@@ -441,8 +441,19 @@ class install(Command): + raise DistutilsOptionError( + "must not supply exec-prefix without prefix") + +- self.prefix = os.path.normpath(sys.prefix) +- self.exec_prefix = os.path.normpath(sys.exec_prefix) ++ # self.prefix is set to sys.prefix + /local/ ++ # if neither RPM build nor virtual environment is ++ # detected to make pip and distutils install packages ++ # into the separate location. ++ if (not (hasattr(sys, 'real_prefix') or ++ sys.prefix != sys.base_prefix) and ++ 'RPM_BUILD_ROOT' not in os.environ): ++ addition = "/local" ++ else: ++ addition = "" ++ ++ self.prefix = os.path.normpath(sys.prefix) + addition ++ self.exec_prefix = os.path.normpath(sys.exec_prefix) + addition + + else: + if self.exec_prefix is None: +--- a/Lib/site.py ++++ b/Lib/site.py +@@ -380,8 +380,15 @@ def getsitepackages(prefixes=None): + return sitepackages + + def addsitepackages(known_paths, prefixes=None): +- """Add site-packages to sys.path""" ++ """Add site-packages to sys.path ++ ++ '/usr/local' is included in PREFIXES if RPM build is not detected ++ to make packages installed into this location visible. ++ ++ """ + _trace("Processing global site-packages") ++ if ENABLE_USER_SITE and 'RPM_BUILD_ROOT' not in os.environ: ++ PREFIXES.insert(0, "/usr/local") + for sitedir in getsitepackages(prefixes): + if os.path.isdir(sitedir): + addsitedir(sitedir, known_paths) diff --git a/PACKAGING-NOTES b/PACKAGING-NOTES new file mode 100644 index 0000000..171b75c --- /dev/null +++ b/PACKAGING-NOTES @@ -0,0 +1,26 @@ +Notes for packagers of Python3 +============================== + +0. Faster build turnaround +-------------------------- + +By default, python builds with profile-guided optimization. This needs +an additional run of the test suite and it is generally slow. +PGO build takes around 50 minutes. + +For development, use "--without profileopt" option to disable PGO. This +shortens the build time to ~5 minutes including test suite. + +1. import_failed.map +---------------------- + +This is a mechanism installed as part of python3-base, that places shim modules +on python's path (through a generated zzzz-import-failed-hooks.pth file, so that +it is imported as much at the end as makes sense; and an _import_failed subdir +of /usr/lib/pythonX.Y). Then when the user tries to import a module that is part +of a subpackage, the ImportError will contain a helpful message telling them +which missing subpackage to install. + +This can sometimes cause problems on non-standard configurations, if the pth +gets included too early (for instance if you are using a script to include all +pths by hand in some strange order). Just something to look out for. diff --git a/Python-3.10.13.tar.xz b/Python-3.10.13.tar.xz new file mode 100644 index 0000000..a2f381a --- /dev/null +++ b/Python-3.10.13.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:5c88848668640d3e152b35b4536ef1c23b2ca4bd2c957ef1ecbb053f571dd3f6 +size 19663088 diff --git a/Python-3.10.13.tar.xz.asc b/Python-3.10.13.tar.xz.asc new file mode 100644 index 0000000..13fa61f --- /dev/null +++ b/Python-3.10.13.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEz9yiRbEEPPKl+Xhl/+h0BBaL2EcFAmTnVFIACgkQ/+h0BBaL +2EfANRAAng1gGOlrpC5O6dU3w37Ubbp4nqRxCgLO3jcOipafkq4PdQN0VrP8Gvbx +NGn+ELdAiBasVkgx3aZcDKCSHQT9PkMOGjNKKcv6NamMTnwp5IeVEY+uXSITxOoQ +VmLRKdnNO9PYkSfh0bB51p5+HtnbFabs6lY6NEwSg9J2ooNCChgaVEEjGJalLkKn +aCy+G9prd4KUXMonm8fqk3kj79qcEdj97CdOdEpE0EvH5oNNfKRwkD8j4nztE5mM +GeymPb9g9gY+u2Ph5bPkkNHSwgO/NVgCrAxcdJC4/tabiWBFZtmLEcEUvMmMVDdM +VAV40PHlIevzY2wm2PIZYKqqVpvyfjk3SRSfqJe7BiOMfifXpG1rYD+pB823U20c +Xzi9Z1p39406XbgOI9EE4dVWSI03kyEcnOth8pv/aYoIlSGnfH7ngST0OGoBMUZ4 +LwwOiBBgqoRJoYKERmbQ+r4hFJTkdFgFZHu9YkT5L+TwCRbVYGK6bptZGCveVn92 +j4t8gOpR+m27Sc3YWxEqp3dW3u3GWEPqtK2MDdbj3omZ00vb+Ukdq3CLLNoxP/KC +PvJsxe2coMYz0R9SbSrKujJeYeb/6P8P5QxzcqiVfWtZRc9SJ+aianaTgfcag08R +9XDTiL4thCq5uaKsYaLECaPDKMF/skQrqbbLShf5rvcvDJO783s= +=UP6h +-----END PGP SIGNATURE----- diff --git a/README.SUSE b/README.SUSE new file mode 100644 index 0000000..d20fd75 --- /dev/null +++ b/README.SUSE @@ -0,0 +1,43 @@ +Python 3 in SUSE +============== + +* Subpackages * + +Python 3 is split into several subpackages, based on external dependencies. +The main package 'python3' has soft dependencies on all subpackages needed to +assemble the standard library; however, these might not all be installed by default. + +If you attempt to import a module that is currently not installed, an ImportError is thrown, +with instructions to install the missing subpackage. Installing the subpackage might result +in installing libraries that the subpackage requires to function. + + +* ensurepip * + +The 'ensurepip' module from Python 3 standard library (PEP 453) is supposed to deploy +a bundled copy of the pip installer. This makes no sense in a managed distribution like SUSE. +Instead, you need to install package 'python3-pip'. Usually this will be installed automatically +with 'python3'. + +Using 'ensurepip' when pip is not installed will result in an ImportError with instructions +to install 'python3-pip'. + + +* Documentation * + +You can find documentation in seprarate packages: python3-doc and +python3-doc-pdf. These contan following documents: + + Tutorial, What's New in Python, Global Module Index, Library Reference, + Macintosh Module Reference, Installing Python Modules, Distributing Python + Modules, Language Reference, Extending and Embedding, Python/C API, + Documenting Python + +The python3-doc package constains many text files from source tarball. + + +* Interactive mode * + +Interactive mode is by default enhanced with of history and command completion. +If you don't like these features, you can unset the PYTHONSTARTUP variable +in your .profile or disable it system wide in /etc/profile.d/python.sh. diff --git a/Revert-gh105127-left-tests.patch b/Revert-gh105127-left-tests.patch new file mode 100644 index 0000000..0a4a541 --- /dev/null +++ b/Revert-gh105127-left-tests.patch @@ -0,0 +1,283 @@ +From 4288c623d62cf90d8e4444facb3379fb06d01140 Mon Sep 17 00:00:00 2001 +From: "Gregory P. Smith" +Date: Thu, 20 Jul 2023 20:30:52 -0700 +Subject: [PATCH] [3.12] gh-106669: Revert "gh-102988: Detect email address + parsing errors ... (GH-105127)" (GH-106733) + +This reverts commit 18dfbd035775c15533d13a98e56b1d2bf5c65f00. +Adds a regression test from the issue. + +See https://github.com/python/cpython/issues/106669.. +(cherry picked from commit a31dea1feb61793e48fa9aa5014f358352205c1d) + +Co-authored-by: Gregory P. Smith +--- + Doc/library/email.utils.rst | 26 -- + Lib/email/utils.py | 63 ------ + Lib/test/test_email/test_email.py | 96 +--------- + Misc/NEWS.d/next/Security/2023-06-13-20-52-24.gh-issue-102988.Kei7Vf.rst | 5 + 4 files changed, 31 insertions(+), 159 deletions(-) + create mode 100644 Misc/NEWS.d/next/Security/2023-06-13-20-52-24.gh-issue-102988.Kei7Vf.rst + +Index: Python-3.10.13/Doc/library/email.utils.rst +=================================================================== +--- Python-3.10.13.orig/Doc/library/email.utils.rst ++++ Python-3.10.13/Doc/library/email.utils.rst +@@ -67,11 +67,6 @@ of the new API. + *email address* parts. Returns a tuple of that information, unless the parse + fails, in which case a 2-tuple of ``('', '')`` is returned. + +- .. versionchanged:: 3.12 +- For security reasons, addresses that were ambiguous and could parse into +- multiple different addresses now cause ``('', '')`` to be returned +- instead of only one of the *potential* addresses. +- + + .. function:: formataddr(pair, charset='utf-8') + +@@ -94,7 +89,7 @@ of the new API. + This method returns a list of 2-tuples of the form returned by ``parseaddr()``. + *fieldvalues* is a sequence of header field values as might be returned by + :meth:`Message.get_all `. Here's a simple +- example that gets all the recipients of a message: ++ example that gets all the recipients of a message:: + + from email.utils import getaddresses + +@@ -104,25 +99,6 @@ of the new API. + resent_ccs = msg.get_all('resent-cc', []) + all_recipients = getaddresses(tos + ccs + resent_tos + resent_ccs) + +- When parsing fails for a single fieldvalue, a 2-tuple of ``('', '')`` +- is returned in its place. Other errors in parsing the list of +- addresses such as a fieldvalue seemingly parsing into multiple +- addresses may result in a list containing a single empty 2-tuple +- ``[('', '')]`` being returned rather than returning potentially +- invalid output. +- +- Example malformed input parsing: +- +- .. doctest:: +- +- >>> from email.utils import getaddresses +- >>> getaddresses(['alice@example.com ', 'me@example.com']) +- [('', '')] +- +- .. versionchanged:: 3.12 +- The 2-tuple of ``('', '')`` in the returned values when parsing +- fails were added as to address a security issue. +- + + .. function:: parsedate(date) + +Index: Python-3.10.13/Lib/email/utils.py +=================================================================== +--- Python-3.10.13.orig/Lib/email/utils.py ++++ Python-3.10.13/Lib/email/utils.py +@@ -106,54 +106,12 @@ def formataddr(pair, charset='utf-8'): + return address + + +-def _pre_parse_validation(email_header_fields): +- accepted_values = [] +- for v in email_header_fields: +- s = v.replace('\\(', '').replace('\\)', '') +- if s.count('(') != s.count(')'): +- v = "('', '')" +- accepted_values.append(v) +- +- return accepted_values +- +- +-def _post_parse_validation(parsed_email_header_tuples): +- accepted_values = [] +- # The parser would have parsed a correctly formatted domain-literal +- # The existence of an [ after parsing indicates a parsing failure +- for v in parsed_email_header_tuples: +- if '[' in v[1]: +- v = ('', '') +- accepted_values.append(v) +- +- return accepted_values +- + + def getaddresses(fieldvalues): +- """Return a list of (REALNAME, EMAIL) or ('','') for each fieldvalue. +- +- When parsing fails for a fieldvalue, a 2-tuple of ('', '') is returned in +- its place. +- +- If the resulting list of parsed address is not the same as the number of +- fieldvalues in the input list a parsing error has occurred. A list +- containing a single empty 2-tuple [('', '')] is returned in its place. +- This is done to avoid invalid output. +- """ +- fieldvalues = [str(v) for v in fieldvalues] +- fieldvalues = _pre_parse_validation(fieldvalues) +- all = COMMASPACE.join(v for v in fieldvalues) ++ """Return a list of (REALNAME, EMAIL) for each fieldvalue.""" ++ all = COMMASPACE.join(str(v) for v in fieldvalues) + a = _AddressList(all) +- result = _post_parse_validation(a.addresslist) +- +- n = 0 +- for v in fieldvalues: +- n += v.count(',') + 1 +- +- if len(result) != n: +- return [('', '')] +- +- return result ++ return a.addresslist + + + def _format_timetuple_and_zone(timetuple, zone): +@@ -254,18 +212,9 @@ def parseaddr(addr): + Return a tuple of realname and email address, unless the parse fails, in + which case return a 2-tuple of ('', ''). + """ +- if isinstance(addr, list): +- addr = addr[0] +- +- if not isinstance(addr, str): +- return ('', '') +- +- addr = _pre_parse_validation([addr])[0] +- addrs = _post_parse_validation(_AddressList(addr).addresslist) +- +- if not addrs or len(addrs) > 1: +- return ('', '') +- ++ addrs = _AddressList(addr).addresslist ++ if not addrs: ++ return '', '' + return addrs[0] + + +Index: Python-3.10.13/Lib/test/test_email/test_email.py +=================================================================== +--- Python-3.10.13.orig/Lib/test/test_email/test_email.py ++++ Python-3.10.13/Lib/test/test_email/test_email.py +@@ -3288,90 +3288,32 @@ Foo + [('Al Person', 'aperson@dom.ain'), + ('Bud Person', 'bperson@dom.ain')]) + +- def test_getaddresses_parsing_errors(self): +- """Test for parsing errors from CVE-2023-27043""" +- eq = self.assertEqual +- eq(utils.getaddresses(['alice@example.org(']), +- [('', '')]) +- eq(utils.getaddresses(['alice@example.org)']), +- [('', '')]) +- eq(utils.getaddresses(['alice@example.org<']), +- [('', '')]) +- eq(utils.getaddresses(['alice@example.org>']), +- [('', '')]) +- eq(utils.getaddresses(['alice@example.org@']), +- [('', '')]) +- eq(utils.getaddresses(['alice@example.org,']), +- [('', 'alice@example.org'), ('', 'bob@example.com')]) +- eq(utils.getaddresses(['alice@example.org;']), +- [('', '')]) +- eq(utils.getaddresses(['alice@example.org:']), +- [('', '')]) +- eq(utils.getaddresses(['alice@example.org.']), +- [('', '')]) +- eq(utils.getaddresses(['alice@example.org"']), +- [('', '')]) +- eq(utils.getaddresses(['alice@example.org[']), +- [('', '')]) +- eq(utils.getaddresses(['alice@example.org]']), +- [('', '')]) +- +- def test_parseaddr_parsing_errors(self): +- """Test for parsing errors from CVE-2023-27043""" +- eq = self.assertEqual +- eq(utils.parseaddr(['alice@example.org(']), +- ('', '')) +- eq(utils.parseaddr(['alice@example.org)']), +- ('', '')) +- eq(utils.parseaddr(['alice@example.org<']), +- ('', '')) +- eq(utils.parseaddr(['alice@example.org>']), +- ('', '')) +- eq(utils.parseaddr(['alice@example.org@']), +- ('', '')) +- eq(utils.parseaddr(['alice@example.org,']), +- ('', '')) +- eq(utils.parseaddr(['alice@example.org;']), +- ('', '')) +- eq(utils.parseaddr(['alice@example.org:']), +- ('', '')) +- eq(utils.parseaddr(['alice@example.org.']), +- ('', '')) +- eq(utils.parseaddr(['alice@example.org"']), +- ('', '')) +- eq(utils.parseaddr(['alice@example.org[']), +- ('', '')) +- eq(utils.parseaddr(['alice@example.org]']), +- ('', '')) ++ def test_getaddresses_comma_in_name(self): ++ """GH-106669 regression test.""" ++ self.assertEqual( ++ utils.getaddresses( ++ [ ++ '"Bud, Person" ', ++ 'aperson@dom.ain (Al Person)', ++ '"Mariusz Felisiak" ', ++ ] ++ ), ++ [ ++ ('Bud, Person', 'bperson@dom.ain'), ++ ('Al Person', 'aperson@dom.ain'), ++ ('Mariusz Felisiak', 'to@example.com'), ++ ], ++ ) + + def test_getaddresses_nasty(self): + eq = self.assertEqual + eq(utils.getaddresses(['foo: ;']), [('', '')]) +- eq(utils.getaddresses(['[]*-- =~$']), [('', '')]) ++ eq(utils.getaddresses( ++ ['[]*-- =~$']), ++ [('', ''), ('', ''), ('', '*--')]) + eq(utils.getaddresses( + ['foo: ;', '"Jason R. Mastaler" ']), + [('', ''), ('Jason R. Mastaler', 'jason@dom.ain')]) +- eq(utils.getaddresses( +- [r'Pete(A nice \) chap) ']), +- [('Pete (A nice ) chap his account his host)', 'pete@silly.test')]) +- eq(utils.getaddresses( +- ['(Empty list)(start)Undisclosed recipients :(nobody(I know))']), +- [('', '')]) +- eq(utils.getaddresses( +- ['Mary <@machine.tld:mary@example.net>, , jdoe@test . example']), +- [('Mary', 'mary@example.net'), ('', ''), ('', 'jdoe@test.example')]) +- eq(utils.getaddresses( +- ['John Doe ']), +- [('John Doe (comment)', 'jdoe@machine.example')]) +- eq(utils.getaddresses( +- ['"Mary Smith: Personal Account" ']), +- [('Mary Smith: Personal Account', 'smith@home.example')]) +- eq(utils.getaddresses( +- ['Undisclosed recipients:;']), +- [('', '')]) +- eq(utils.getaddresses( +- [r', "Giant; \"Big\" Box" ']), +- [('', 'boss@nil.test'), ('Giant; "Big" Box', 'bob@example.net')]) + + def test_getaddresses_embedded_comment(self): + """Test proper handling of a nested comment""" +Index: Python-3.10.13/Misc/NEWS.d/next/Security/2023-06-13-20-52-24.gh-issue-102988.Kei7Vf.rst +=================================================================== +--- Python-3.10.13.orig/Misc/NEWS.d/next/Security/2023-06-13-20-52-24.gh-issue-102988.Kei7Vf.rst ++++ Python-3.10.13/Misc/NEWS.d/next/Security/2023-06-13-20-52-24.gh-issue-102988.Kei7Vf.rst +@@ -1,3 +1,8 @@ ++Reverted the :mod:`email.utils` security improvement change released in ++3.12beta4 that unintentionally caused :mod:`email.utils.getaddresses` to fail ++to parse email addresses with a comma in the quoted name field. ++See :gh:`106669`. ++ + CVE-2023-27043: Prevent :func:`email.utils.parseaddr` + and :func:`email.utils.getaddresses` from returning the realname portion of an + invalid RFC2822 email header in the email address portion of the 2-tuple diff --git a/_multibuild b/_multibuild new file mode 100644 index 0000000..f69f5e4 --- /dev/null +++ b/_multibuild @@ -0,0 +1,4 @@ + + base + doc + diff --git a/baselibs.conf b/baselibs.conf new file mode 100644 index 0000000..0ab1629 --- /dev/null +++ b/baselibs.conf @@ -0,0 +1,3 @@ +python310-base +python310 +libpython3_10-1_0 diff --git a/bluez-devel-vendor.tar.xz b/bluez-devel-vendor.tar.xz new file mode 100644 index 0000000..e902496 --- /dev/null +++ b/bluez-devel-vendor.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:8f500ed7fc0680e2b4a18a3c188fcd6be5706f7ddfbc2002134f0772b3d4d4ce +size 25040 diff --git a/bpo-31046_ensurepip_honours_prefix.patch b/bpo-31046_ensurepip_honours_prefix.patch new file mode 100644 index 0000000..d3a4dae --- /dev/null +++ b/bpo-31046_ensurepip_honours_prefix.patch @@ -0,0 +1,163 @@ +From 5754521af1d51aa8e445cba07a093bbc0c88596d Mon Sep 17 00:00:00 2001 +From: Zackery Spytz +Date: Mon, 16 Dec 2019 18:24:08 -0700 +Subject: [PATCH] bpo-31046: ensurepip does not honour the value of $(prefix) + +Co-Authored-By: Xavier de Gaye +--- + Doc/library/ensurepip.rst | 9 +++-- + Lib/ensurepip/__init__.py | 18 +++++++--- + Lib/test/test_ensurepip.py | 11 ++++++ + Makefile.pre.in | 4 +- + Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst | 1 + 5 files changed, 34 insertions(+), 9 deletions(-) + create mode 100644 Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst + +--- a/Doc/library/ensurepip.rst ++++ b/Doc/library/ensurepip.rst +@@ -58,8 +58,9 @@ is at least as recent as the one availab + By default, ``pip`` is installed into the current virtual environment + (if one is active) or into the system site packages (if there is no + active virtual environment). The installation location can be controlled +-through two additional command line options: ++through some additional command line options: + ++* ``--prefix ``: Installs ``pip`` using the given directory prefix. + * ``--root ``: Installs ``pip`` relative to the given root directory + rather than the root of the currently active virtual environment (if any) + or the default root for the current Python installation. +@@ -91,7 +92,7 @@ Module API + Returns a string specifying the available version of pip that will be + installed when bootstrapping an environment. + +-.. function:: bootstrap(root=None, upgrade=False, user=False, \ ++.. function:: bootstrap(root=None, prefix=None, upgrade=False, user=False, \ + altinstall=False, default_pip=False, \ + verbosity=0) + +@@ -101,6 +102,8 @@ Module API + If *root* is ``None``, then installation uses the default install location + for the current environment. + ++ *prefix* specifies the directory prefix to use when installing. ++ + *upgrade* indicates whether or not to upgrade an existing installation + of an earlier version of ``pip`` to the available version. + +@@ -121,6 +124,8 @@ Module API + *verbosity* controls the level of output to :data:`sys.stdout` from the + bootstrapping operation. + ++ .. versionchanged:: 3.9 the *prefix* parameter was added. ++ + .. audit-event:: ensurepip.bootstrap root ensurepip.bootstrap + + .. note:: +--- a/Lib/ensurepip/__init__.py ++++ b/Lib/ensurepip/__init__.py +@@ -123,27 +123,27 @@ def _disable_pip_configuration_settings( + os.environ['PIP_CONFIG_FILE'] = os.devnull + + +-def bootstrap(*, root=None, upgrade=False, user=False, ++def bootstrap(*, root=None, prefix=None, upgrade=False, user=False, + altinstall=False, default_pip=False, + verbosity=0): + """ + Bootstrap pip into the current Python installation (or the given root +- directory). ++ and directory prefix). + + Note that calling this function will alter both sys.path and os.environ. + """ + # Discard the return value +- _bootstrap(root=root, upgrade=upgrade, user=user, ++ _bootstrap(root=root, prefix=prefix, upgrade=upgrade, user=user, + altinstall=altinstall, default_pip=default_pip, + verbosity=verbosity) + + +-def _bootstrap(*, root=None, upgrade=False, user=False, ++def _bootstrap(*, root=None, prefix=None, upgrade=False, user=False, + altinstall=False, default_pip=False, + verbosity=0): + """ + Bootstrap pip into the current Python installation (or the given root +- directory). Returns pip command status code. ++ and directory prefix). Returns pip command status code. + + Note that calling this function will alter both sys.path and os.environ. + """ +@@ -193,6 +193,8 @@ def _bootstrap(*, root=None, upgrade=Fal + args = ["install", "--no-cache-dir", "--no-index", "--find-links", tmpdir] + if root: + args += ["--root", root] ++ if prefix: ++ args += ["--prefix", prefix] + if upgrade: + args += ["--upgrade"] + if user: +@@ -268,6 +270,11 @@ def _main(argv=None): + help="Install everything relative to this alternate root directory.", + ) + parser.add_argument( ++ "--prefix", ++ default=None, ++ help="Install everything using this prefix.", ++ ) ++ parser.add_argument( + "--altinstall", + action="store_true", + default=False, +@@ -286,6 +293,7 @@ def _main(argv=None): + + return _bootstrap( + root=args.root, ++ prefix=args.prefix, + upgrade=args.upgrade, + user=args.user, + verbosity=args.verbosity, +--- a/Lib/test/test_ensurepip.py ++++ b/Lib/test/test_ensurepip.py +@@ -112,6 +112,17 @@ class TestBootstrap(EnsurepipMixin, unit + unittest.mock.ANY, + ) + ++ def test_bootstrapping_with_prefix(self): ++ ensurepip.bootstrap(prefix="/foo/bar/") ++ self.run_pip.assert_called_once_with( ++ [ ++ "install", "--no-cache-dir", "--no-index", "--find-links", ++ unittest.mock.ANY, "--prefix", "/foo/bar/", ++ "setuptools", "pip", ++ ], ++ unittest.mock.ANY, ++ ) ++ + def test_bootstrapping_with_user(self): + ensurepip.bootstrap(user=True) + +--- a/Makefile.pre.in ++++ b/Makefile.pre.in +@@ -1278,7 +1278,7 @@ install: @FRAMEWORKINSTALLFIRST@ commoni + install|*) ensurepip="" ;; \ + esac; \ + $(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \ +- $$ensurepip --root=$(DESTDIR)/ ; \ ++ $$ensurepip --root=$(DESTDIR)/ --prefix=$(prefix) ; \ + fi + + altinstall: commoninstall +@@ -1288,7 +1288,7 @@ altinstall: commoninstall + install|*) ensurepip="--altinstall" ;; \ + esac; \ + $(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \ +- $$ensurepip --root=$(DESTDIR)/ ; \ ++ $$ensurepip --root=$(DESTDIR)/ --prefix=$(prefix) ; \ + fi + + commoninstall: check-clean-src @FRAMEWORKALTINSTALLFIRST@ \ +--- /dev/null ++++ b/Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst +@@ -0,0 +1 @@ ++A directory prefix can now be specified when using :mod:`ensurepip`. diff --git a/bpo-37596-make-set-marshalling.patch b/bpo-37596-make-set-marshalling.patch new file mode 100644 index 0000000..cb32b0e --- /dev/null +++ b/bpo-37596-make-set-marshalling.patch @@ -0,0 +1,103 @@ +From 33d95c6facdfda3c8c0feffa7a99184e4abc2f63 Mon Sep 17 00:00:00 2001 +From: Brandt Bucher +Date: Wed, 25 Aug 2021 04:14:34 -0700 +Subject: [PATCH] bpo-37596: Make `set` and `frozenset` marshalling + deterministic (GH-27926) + +--- + Lib/test/test_marshal.py | 26 ++++++++ + Misc/NEWS.d/next/Library/2021-08-23-21-39-59.bpo-37596.ojRcwB.rst | 2 + Python/marshal.c | 32 ++++++++++ + 3 files changed, 60 insertions(+) + create mode 100644 Misc/NEWS.d/next/Library/2021-08-23-21-39-59.bpo-37596.ojRcwB.rst + +--- a/Lib/test/test_marshal.py ++++ b/Lib/test/test_marshal.py +@@ -1,5 +1,6 @@ + from test import support + from test.support import os_helper ++from test.support.script_helper import assert_python_ok + import array + import io + import marshal +@@ -318,6 +319,31 @@ class BugsTestCase(unittest.TestCase): + for i in range(len(data)): + self.assertRaises(EOFError, marshal.loads, data[0: i]) + ++ def test_deterministic_sets(self): ++ # bpo-37596: To support reproducible builds, sets and frozensets need to ++ # have their elements serialized in a consistent order (even when they ++ # have been scrambled by hash randomization): ++ for kind in ("set", "frozenset"): ++ for elements in ( ++ "float('nan'), b'a', b'b', b'c', 'x', 'y', 'z'", ++ # Also test for bad interactions with backreferencing: ++ "('string', 1), ('string', 2), ('string', 3)", ++ ): ++ s = f"{kind}([{elements}])" ++ with self.subTest(s): ++ # First, make sure that our test case still has different ++ # orders under hash seeds 0 and 1. If this check fails, we ++ # need to update this test with different elements: ++ args = ["-c", f"print({s})"] ++ _, repr_0, _ = assert_python_ok(*args, PYTHONHASHSEED="0") ++ _, repr_1, _ = assert_python_ok(*args, PYTHONHASHSEED="1") ++ self.assertNotEqual(repr_0, repr_1) ++ # Then, perform the actual test: ++ args = ["-c", f"import marshal; print(marshal.dumps({s}))"] ++ _, dump_0, _ = assert_python_ok(*args, PYTHONHASHSEED="0") ++ _, dump_1, _ = assert_python_ok(*args, PYTHONHASHSEED="1") ++ self.assertEqual(dump_0, dump_1) ++ + LARGE_SIZE = 2**31 + pointer_size = 8 if sys.maxsize > 0xFFFFFFFF else 4 + +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2021-08-23-21-39-59.bpo-37596.ojRcwB.rst +@@ -0,0 +1,2 @@ ++Ensure that :class:`set` and :class:`frozenset` objects are always ++:mod:`marshalled ` reproducibly. +--- a/Python/marshal.c ++++ b/Python/marshal.c +@@ -502,9 +502,41 @@ w_complex_object(PyObject *v, char flag, + W_TYPE(TYPE_SET, p); + n = PySet_GET_SIZE(v); + W_SIZE(n, p); ++ // bpo-37596: To support reproducible builds, sets and frozensets need ++ // to have their elements serialized in a consistent order (even when ++ // they have been scrambled by hash randomization). To ensure this, we ++ // use an order equivalent to sorted(v, key=marshal.dumps): ++ PyObject *pairs = PyList_New(0); ++ if (pairs == NULL) { ++ p->error = WFERR_NOMEMORY; ++ return; ++ } + while (_PySet_NextEntry(v, &pos, &value, &hash)) { ++ PyObject *dump = PyMarshal_WriteObjectToString(value, p->version); ++ if (dump == NULL) { ++ p->error = WFERR_UNMARSHALLABLE; ++ goto anyset_done; ++ } ++ PyObject *pair = PyTuple_Pack(2, dump, value); ++ Py_DECREF(dump); ++ if (pair == NULL || PyList_Append(pairs, pair)) { ++ p->error = WFERR_NOMEMORY; ++ Py_XDECREF(pair); ++ goto anyset_done; ++ } ++ Py_DECREF(pair); ++ } ++ if (PyList_Sort(pairs)) { ++ p->error = WFERR_NOMEMORY; ++ goto anyset_done; ++ } ++ for (Py_ssize_t i = 0; i < n; i++) { ++ PyObject *pair = PyList_GET_ITEM(pairs, i); ++ value = PyTuple_GET_ITEM(pair, 1); + w_object(value, p); + } ++ anyset_done: ++ Py_DECREF(pairs); + } + else if (PyCode_Check(v)) { + PyCodeObject *co = (PyCodeObject *)v; diff --git a/distutils-reproducible-compile.patch b/distutils-reproducible-compile.patch new file mode 100644 index 0000000..4ffeda0 --- /dev/null +++ b/distutils-reproducible-compile.patch @@ -0,0 +1,30 @@ +Index: Python-3.10.5/Lib/compileall.py +=================================================================== +--- Python-3.10.5.orig/Lib/compileall.py ++++ Python-3.10.5/Lib/compileall.py +@@ -96,6 +96,12 @@ def compile_dir(dir, maxlevels=None, ddi + maxlevels = sys.getrecursionlimit() + files = _walk_dir(dir, quiet=quiet, maxlevels=maxlevels) + success = True ++ # work around https://github.com/python/cpython/issues/93317 ++ sys.intern('{') ++ sys.intern('{{') ++ sys.intern('}') ++ sys.intern('}}') ++ + if workers != 1 and ProcessPoolExecutor is not None: + # If workers == 0, let ProcessPoolExecutor choose + workers = workers or None +Index: Python-3.10.5/Lib/distutils/util.py +=================================================================== +--- Python-3.10.5.orig/Lib/distutils/util.py ++++ Python-3.10.5/Lib/distutils/util.py +@@ -436,7 +436,7 @@ byte_compile(files, optimize=%r, force=% + else: + from py_compile import compile + +- for file in py_files: ++ for file in sorted(py_files): + if file[-3:] != ".py": + # This lets us be lazy and not filter filenames in + # the "install_lib" command. diff --git a/fix_configure_rst.patch b/fix_configure_rst.patch new file mode 100644 index 0000000..7a20a6e --- /dev/null +++ b/fix_configure_rst.patch @@ -0,0 +1,44 @@ +--- + Doc/using/configure.rst | 3 --- + Misc/NEWS | 2 +- + 2 files changed, 1 insertion(+), 4 deletions(-) + +Index: Python-3.10.12/Doc/using/configure.rst +=================================================================== +--- Python-3.10.12.orig/Doc/using/configure.rst ++++ Python-3.10.12/Doc/using/configure.rst +@@ -42,7 +42,6 @@ General Options + + See :data:`sys.int_info.bits_per_digit `. + +-.. cmdoption:: --with-cxx-main + .. cmdoption:: --with-cxx-main=COMPILER + + Compile the Python ``main()`` function and link Python executable with C++ +@@ -473,13 +472,11 @@ macOS Options + + See ``Mac/README.rst``. + +-.. cmdoption:: --enable-universalsdk + .. cmdoption:: --enable-universalsdk=SDKDIR + + Create a universal binary build. *SDKDIR* specifies which macOS SDK should + be used to perform the build (default is no). + +-.. cmdoption:: --enable-framework + .. cmdoption:: --enable-framework=INSTALLDIR + + Create a Python.framework rather than a traditional Unix install. Optional +Index: Python-3.10.12/Misc/NEWS +=================================================================== +--- Python-3.10.12.orig/Misc/NEWS ++++ Python-3.10.12/Misc/NEWS +@@ -3618,7 +3618,7 @@ C API + ----- + + - bpo-43795: The list in :ref:`stable-abi-list` now shows the public name +- :c:struct:`PyFrameObject` rather than ``_frame``. The non-existing entry ++ :c:type:`PyFrameObject` rather than ``_frame``. The non-existing entry + ``_node`` no longer appears in the list. + + - bpo-44378: :c:func:`Py_IS_TYPE` no longer uses :c:func:`Py_TYPE` to avoid diff --git a/gh-78214-marshal_stabilize_FLAG_REF.patch b/gh-78214-marshal_stabilize_FLAG_REF.patch new file mode 100644 index 0000000..d7db6f3 --- /dev/null +++ b/gh-78214-marshal_stabilize_FLAG_REF.patch @@ -0,0 +1,30 @@ +From 6c8ea7c1dacd42f3ba00440231ec0e6b1a38300d Mon Sep 17 00:00:00 2001 +From: Inada Naoki +Date: Sat, 14 Jul 2018 00:46:11 +0900 +Subject: [PATCH] Use FLAG_REF always for interned strings + +--- + Python/marshal.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +Index: Python-3.10.12/Python/marshal.c +=================================================================== +--- Python-3.10.12.orig/Python/marshal.c ++++ Python-3.10.12/Python/marshal.c +@@ -298,9 +298,14 @@ w_ref(PyObject *v, char *flag, WFILE *p) + if (p->version < 3 || p->hashtable == NULL) + return 0; /* not writing object references */ + +- /* if it has only one reference, it definitely isn't shared */ +- if (Py_REFCNT(v) == 1) ++ /* If it has only one reference, it definitely isn't shared. ++ * But we use TYPE_REF always for interned string, to PYC file stable ++ * as possible. ++ */ ++ if (Py_REFCNT(v) == 1 && ++ !(PyUnicode_CheckExact(v) && PyUnicode_CHECK_INTERNED(v))) { + return 0; ++ } + + entry = _Py_hashtable_get_entry(p->hashtable, v); + if (entry != NULL) { diff --git a/idle3.appdata.xml b/idle3.appdata.xml new file mode 100644 index 0000000..94f87a2 --- /dev/null +++ b/idle3.appdata.xml @@ -0,0 +1,35 @@ + + + + + idle3.desktop + IDLE3 + CC0 + Python-2.0 + Python 3 Integrated Development and Learning Environment + +

+ IDLE is Python’s Integrated Development and Learning Environment. + The GUI is uniform between Windows, Unix, and Mac OS X. + IDLE provides an easy way to start writing, running, and debugging + Python code. +

+

+ IDLE is written in pure Python, and uses the tkinter GUI toolkit. + It provides: +

+
    +
  • a Python shell window (interactive interpreter) with colorizing of code input, output, and error messages,
    • +
  • a multi-window text editor with multiple undo, Python colorizing, smart indent, call tips, auto completion, and other features,
    • +
  • search within any window, replace within editor windows, and search through multiple files (grep),
    • +
  • a debugger with persistent breakpoints, stepping, and viewing of global and local namespaces.
    • +
+ + https://docs.python.org/3/library/idle.html + + http://in.waw.pl/~zbyszek/fedora/idle3-appdata/idle3-main-window.png + http://in.waw.pl/~zbyszek/fedora/idle3-appdata/idle3-class-browser.png + http://in.waw.pl/~zbyszek/fedora/idle3-appdata/idle3-code-viewer.png + + zbyszek@in.waw.pl + diff --git a/idle3.desktop b/idle3.desktop new file mode 100644 index 0000000..1d8ffdf --- /dev/null +++ b/idle3.desktop @@ -0,0 +1,12 @@ +[Desktop Entry] +Version=1.0 +Name=IDLE 3 +GenericName=Python 3 IDE +Comment=Python 3 Integrated Development and Learning Environment +Exec=idle3 %F +TryExec=idle3 +Terminal=false +Type=Application +Icon=idle3 +Categories=Development;IDE; +MimeType=text/x-python; diff --git a/import_failed.map b/import_failed.map new file mode 100644 index 0000000..729ab2d --- /dev/null +++ b/import_failed.map @@ -0,0 +1,7 @@ +python310-curses: curses _curses _curses_panel +python310-dbm: dbm _dbm _gdbm +python310-idle: idlelib +python310-testsuite: test _ctypes_test _testbuffer _testcapi _testinternalcapi _testimportmultiple _testmultiphase xxlimited +python310-tk: tkinter _tkinter +python310-tools: turtledemo +python310: sqlite3 readline _sqlite3 nis diff --git a/import_failed.py b/import_failed.py new file mode 100644 index 0000000..fc0eaa8 --- /dev/null +++ b/import_failed.py @@ -0,0 +1,23 @@ +import sys, os +from sysconfig import get_path + +failed_map_path = os.path.join(get_path('stdlib'), '_import_failed', 'import_failed.map') + +if __spec__: + failed_name = __spec__.name +else: + failed_name = __name__ + +with open(failed_map_path) as fd: + for line in fd: + package = line.split(':')[0] + imports = line.split(':')[1] + if failed_name in imports: + raise ImportError(f"""Module '{failed_name}' is not installed. +Use: + sudo zypper install {package} +to install it.""") + +raise ImportError(f"""Module '{failed_name}' is not installed. +It is supposed to be part of python3 distribution, but missing from failed import map. +Please file a bug on the SUSE Bugzilla.""") diff --git a/macros.python3 b/macros.python3 new file mode 100644 index 0000000..ac9f5d2 --- /dev/null +++ b/macros.python3 @@ -0,0 +1,28 @@ +%have_python3 1 + +# commented out legacy macro definitions +#py3_prefix /usr +#py3_incdir /usr/include/python3.5m +#py3_ver 3.5 + +# these should now be provided by macros.python_all +#python3_sitearch /usr/lib64/python3.5/site-packages +#python3_sitelib /usr/lib/python3.5/site-packages +#python3_version 3.5 + +# hard to say if anyone ever used these? +#py3_soflags cpython-35m-x86_64-linux-gnu +#py3_abiflags m +%cpython3_soabi %(python3 -c "import sysconfig; print(sysconfig.get_config_var('SOABI'))") +%py3_soflags %cpython3_soabi + +# compilation macros that might be in use somewhere +%py3_compile(O) \ +find %1 -name '*.pyc' -exec rm -f {} ";"\ +python3 -c "import sys, os, compileall; br='%{buildroot}'; compileall.compile_dir(sys.argv[1], ddir=br and (sys.argv[1][len(os.path.abspath(br)):]+'/') or None)" %1\ +%{-O:\ +find %1 -name '*.pyo' -exec rm -f {} ";"\ +python3 -O -c "import sys, os, compileall; br='%{buildroot}'; compileall.compile_dir(sys.argv[1], ddir=br and (sys.argv[1][len(os.path.abspath(br)):]+'/') or None)" %1\ +} + + diff --git a/no-skipif-doctests.patch b/no-skipif-doctests.patch new file mode 100644 index 0000000..7a655c2 --- /dev/null +++ b/no-skipif-doctests.patch @@ -0,0 +1,653 @@ +only in patch2: +unchanged: +--- + Doc/library/turtle.rst | 82 ------------------------------------------------- + 1 file changed, 82 deletions(-) + +--- a/Doc/library/turtle.rst ++++ b/Doc/library/turtle.rst +@@ -250,7 +250,6 @@ Turtle motion + turtle is headed. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.position() + (0.00,0.00) +@@ -277,7 +276,6 @@ Turtle motion + >>> turtle.goto(0, 0) + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.position() + (0.00,0.00) +@@ -296,13 +294,11 @@ Turtle motion + orientation depends on the turtle mode, see :func:`mode`. + + .. doctest:: +- :skipif: _tkinter is None + :hide: + + >>> turtle.setheading(22) + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.heading() + 22.0 +@@ -321,13 +317,11 @@ Turtle motion + orientation depends on the turtle mode, see :func:`mode`. + + .. doctest:: +- :skipif: _tkinter is None + :hide: + + >>> turtle.setheading(22) + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.heading() + 22.0 +@@ -350,13 +344,11 @@ Turtle motion + not change the turtle's orientation. + + .. doctest:: +- :skipif: _tkinter is None + :hide: + + >>> turtle.goto(0, 0) + + .. doctest:: +- :skipif: _tkinter is None + + >>> tp = turtle.pos() + >>> tp +@@ -380,13 +372,11 @@ Turtle motion + unchanged. + + .. doctest:: +- :skipif: _tkinter is None + :hide: + + >>> turtle.goto(0, 240) + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.position() + (0.00,240.00) +@@ -402,13 +392,11 @@ Turtle motion + Set the turtle's second coordinate to *y*, leave first coordinate unchanged. + + .. doctest:: +- :skipif: _tkinter is None + :hide: + + >>> turtle.goto(0, 40) + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.position() + (0.00,40.00) +@@ -435,7 +423,6 @@ Turtle motion + =================== ==================== + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.setheading(90) + >>> turtle.heading() +@@ -448,14 +435,12 @@ Turtle motion + its start-orientation (which depends on the mode, see :func:`mode`). + + .. doctest:: +- :skipif: _tkinter is None + :hide: + + >>> turtle.setheading(90) + >>> turtle.goto(0, -10) + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.heading() + 90.0 +@@ -487,7 +472,6 @@ Turtle motion + calculated automatically. May be used to draw regular polygons. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.home() + >>> turtle.position() +@@ -516,7 +500,6 @@ Turtle motion + + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.home() + >>> turtle.dot() +@@ -534,7 +517,6 @@ Turtle motion + it by calling ``clearstamp(stamp_id)``. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.color("blue") + >>> turtle.stamp() +@@ -550,7 +532,6 @@ Turtle motion + Delete stamp with given *stampid*. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.position() + (150.00,-0.00) +@@ -595,7 +576,6 @@ Turtle motion + undo actions is determined by the size of the undobuffer. + + .. doctest:: +- :skipif: _tkinter is None + + >>> for i in range(4): + ... turtle.fd(50); turtle.lt(80) +@@ -628,7 +608,6 @@ Turtle motion + turtle turn instantly. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.speed() + 3 +@@ -649,7 +628,6 @@ Tell Turtle's state + Return the turtle's current location (x,y) (as a :class:`Vec2D` vector). + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.pos() + (440.00,-0.00) +@@ -665,7 +643,6 @@ Tell Turtle's state + orientation which depends on the mode - "standard"/"world" or "logo". + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.goto(10, 10) + >>> turtle.towards(0,0) +@@ -677,7 +654,6 @@ Tell Turtle's state + Return the turtle's x coordinate. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.home() + >>> turtle.left(50) +@@ -693,7 +669,6 @@ Tell Turtle's state + Return the turtle's y coordinate. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.home() + >>> turtle.left(60) +@@ -710,7 +685,6 @@ Tell Turtle's state + :func:`mode`). + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.home() + >>> turtle.left(67) +@@ -727,7 +701,6 @@ Tell Turtle's state + other turtle, in turtle step units. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.home() + >>> turtle.distance(30,40) +@@ -751,7 +724,6 @@ Settings for measurement + Default value is 360 degrees. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.home() + >>> turtle.left(90) +@@ -774,7 +746,6 @@ Settings for measurement + ``degrees(2*math.pi)``. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.home() + >>> turtle.left(90) +@@ -785,7 +756,6 @@ Settings for measurement + 1.5707963267948966 + + .. doctest:: +- :skipif: _tkinter is None + :hide: + + >>> turtle.degrees(360) +@@ -821,7 +791,6 @@ Drawing state + thickness. If no argument is given, the current pensize is returned. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.pensize() + 1 +@@ -853,7 +822,6 @@ Drawing state + attributes in one statement. + + .. doctest:: +- :skipif: _tkinter is None + :options: +NORMALIZE_WHITESPACE + + >>> turtle.pen(fillcolor="black", pencolor="red", pensize=10) +@@ -876,7 +844,6 @@ Drawing state + Return ``True`` if pen is down, ``False`` if it's up. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.penup() + >>> turtle.isdown() +@@ -917,7 +884,6 @@ Color control + newly set pencolor. + + .. doctest:: +- :skipif: _tkinter is None + + >>> colormode() + 1.0 +@@ -966,7 +932,6 @@ Color control + with the newly set fillcolor. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.fillcolor("violet") + >>> turtle.fillcolor() +@@ -1005,7 +970,6 @@ Color control + with the newly set colors. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.color("red", "green") + >>> turtle.color() +@@ -1022,7 +986,6 @@ Filling + ~~~~~~~ + + .. doctest:: +- :skipif: _tkinter is None + :hide: + + >>> turtle.home() +@@ -1032,7 +995,6 @@ Filling + Return fillstate (``True`` if filling, ``False`` else). + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.begin_fill() + >>> if turtle.filling(): +@@ -1057,7 +1019,6 @@ Filling + above may be either all yellow or have some white regions. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.color("black", "red") + >>> turtle.begin_fill() +@@ -1074,7 +1035,6 @@ More drawing control + variables to the default values. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.goto(0,-22) + >>> turtle.left(100) +@@ -1125,7 +1085,6 @@ Visibility + drawing observably. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.hideturtle() + +@@ -1136,7 +1095,6 @@ Visibility + Make the turtle visible. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.showturtle() + +@@ -1167,7 +1125,6 @@ Appearance + deal with shapes see Screen method :func:`register_shape`. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.shape() + 'classic' +@@ -1193,7 +1150,6 @@ Appearance + ``resizemode("user")`` is called by :func:`shapesize` when used with arguments. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.resizemode() + 'noresize' +@@ -1217,7 +1173,6 @@ Appearance + of the shapes's outline. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.shapesize() + (1.0, 1.0, 1) +@@ -1242,7 +1197,6 @@ Appearance + heading of the turtle are sheared. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.shape("circle") + >>> turtle.shapesize(5,2) +@@ -1259,7 +1213,6 @@ Appearance + change the turtle's heading (direction of movement). + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.reset() + >>> turtle.shape("circle") +@@ -1279,7 +1232,6 @@ Appearance + (direction of movement). + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.reset() + >>> turtle.shape("circle") +@@ -1305,7 +1257,6 @@ Appearance + turtle (its direction of movement). + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.reset() + >>> turtle.shape("circle") +@@ -1334,7 +1285,6 @@ Appearance + given matrix. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle = Turtle() + >>> turtle.shape("square") +@@ -1350,7 +1300,6 @@ Appearance + can be used to define a new shape or components of a compound shape. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.shape("square") + >>> turtle.shapetransform(4, -1, 0, 2) +@@ -1375,7 +1324,6 @@ Using events + procedural way: + + .. doctest:: +- :skipif: _tkinter is None + + >>> def turn(x, y): + ... left(180) +@@ -1396,7 +1344,6 @@ Using events + ``None``, existing bindings are removed. + + .. doctest:: +- :skipif: _tkinter is None + + >>> class MyTurtle(Turtle): + ... def glow(self,x,y): +@@ -1424,7 +1371,6 @@ Using events + mouse-click event on that turtle. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.ondrag(turtle.goto) + +@@ -1452,7 +1398,6 @@ Special Turtle methods + Return the last recorded polygon. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.home() + >>> turtle.begin_poly() +@@ -1472,7 +1417,6 @@ Special Turtle methods + turtle properties. + + .. doctest:: +- :skipif: _tkinter is None + + >>> mick = Turtle() + >>> joe = mick.clone() +@@ -1485,7 +1429,6 @@ Special Turtle methods + return the "anonymous turtle": + + .. doctest:: +- :skipif: _tkinter is None + + >>> pet = getturtle() + >>> pet.fd(50) +@@ -1499,7 +1442,6 @@ Special Turtle methods + TurtleScreen methods can then be called for that object. + + .. doctest:: +- :skipif: _tkinter is None + + >>> ts = turtle.getscreen() + >>> ts +@@ -1517,7 +1459,6 @@ Special Turtle methods + ``None``, the undobuffer is disabled. + + .. doctest:: +- :skipif: _tkinter is None + + >>> turtle.setundobuffer(42) + +@@ -1527,7 +1468,6 @@ Special Turtle methods + Return number of entries in the undobuffer. + + .. doctest:: +- :skipif: _tkinter is None + + >>> while undobufferentries(): + ... undo() +@@ -1550,7 +1490,6 @@ below: + For example: + + .. doctest:: +- :skipif: _tkinter is None + + >>> s = Shape("compound") + >>> poly1 = ((0,0),(10,-5),(0,10),(-10,-5)) +@@ -1561,7 +1500,6 @@ below: + 3. Now add the Shape to the Screen's shapelist and use it: + + .. doctest:: +- :skipif: _tkinter is None + + >>> register_shape("myshape", s) + >>> shape("myshape") +@@ -1581,7 +1519,6 @@ Most of the examples in this section ref + ``screen``. + + .. doctest:: +- :skipif: _tkinter is None + :hide: + + >>> screen = Screen() +@@ -1598,7 +1535,6 @@ Window control + Set or return background color of the TurtleScreen. + + .. doctest:: +- :skipif: _tkinter is None + + >>> screen.bgcolor("orange") + >>> screen.bgcolor() +@@ -1690,7 +1626,6 @@ Window control + distorted. + + .. doctest:: +- :skipif: _tkinter is None + + >>> screen.reset() + >>> screen.setworldcoordinates(-50,-7.5,50,7.5) +@@ -1701,7 +1636,6 @@ Window control + ... left(45); fd(2) # a regular octagon + + .. doctest:: +- :skipif: _tkinter is None + :hide: + + >>> screen.reset() +@@ -1723,7 +1657,6 @@ Animation control + Optional argument: + + .. doctest:: +- :skipif: _tkinter is None + + >>> screen.delay() + 10 +@@ -1745,7 +1678,6 @@ Animation control + :func:`delay`). + + .. doctest:: +- :skipif: _tkinter is None + + >>> screen.tracer(8, 25) + >>> dist = 2 +@@ -1782,7 +1714,6 @@ Using screen events + must have the focus. (See method :func:`listen`.) + + .. doctest:: +- :skipif: _tkinter is None + + >>> def f(): + ... fd(50) +@@ -1803,7 +1734,6 @@ Using screen events + must have focus. (See method :func:`listen`.) + + .. doctest:: +- :skipif: _tkinter is None + + >>> def f(): + ... fd(50) +@@ -1828,7 +1758,6 @@ Using screen events + named ``turtle``: + + .. doctest:: +- :skipif: _tkinter is None + + >>> screen.onclick(turtle.goto) # Subsequently clicking into the TurtleScreen will + >>> # make the turtle move to the clicked point. +@@ -1848,7 +1777,6 @@ Using screen events + Install a timer that calls *fun* after *t* milliseconds. + + .. doctest:: +- :skipif: _tkinter is None + + >>> running = True + >>> def f(): +@@ -1930,7 +1858,6 @@ Settings and special methods + ============ ========================= =================== + + .. doctest:: +- :skipif: _tkinter is None + + >>> mode("logo") # resets turtle heading to north + >>> mode() +@@ -1945,7 +1872,6 @@ Settings and special methods + values of color triples have to be in the range 0..\ *cmode*. + + .. doctest:: +- :skipif: _tkinter is None + + >>> screen.colormode(1) + >>> turtle.pencolor(240, 160, 80) +@@ -1966,7 +1892,6 @@ Settings and special methods + do with a Tkinter Canvas. + + .. doctest:: +- :skipif: _tkinter is None + + >>> cv = screen.getcanvas() + >>> cv +@@ -1978,7 +1903,6 @@ Settings and special methods + Return a list of names of all currently available turtle shapes. + + .. doctest:: +- :skipif: _tkinter is None + + >>> screen.getshapes() + ['arrow', 'blank', 'circle', ..., 'turtle'] +@@ -2002,7 +1926,6 @@ Settings and special methods + coordinates: Install the corresponding polygon shape. + + .. doctest:: +- :skipif: _tkinter is None + + >>> screen.register_shape("triangle", ((5,-3), (0,5), (-5,-3))) + +@@ -2018,7 +1941,6 @@ Settings and special methods + Return the list of turtles on the screen. + + .. doctest:: +- :skipif: _tkinter is None + + >>> for turtle in screen.turtles(): + ... turtle.color("red") +@@ -2080,7 +2002,6 @@ Methods specific to Screen, not inherite + center window vertically + + .. doctest:: +- :skipif: _tkinter is None + + >>> screen.setup (width=200, height=200, startx=0, starty=0) + >>> # sets window to 200x200 pixels, in upper left of screen +@@ -2096,7 +2017,6 @@ Methods specific to Screen, not inherite + Set title of turtle window to *titlestring*. + + .. doctest:: +- :skipif: _tkinter is None + + >>> screen.title("Welcome to the turtle zoo!") + +@@ -2167,7 +2087,6 @@ Public classes + Example: + + .. doctest:: +- :skipif: _tkinter is None + + >>> poly = ((0,0),(10,-5),(0,10),(-10,-5)) + >>> s = Shape("compound") +@@ -2514,7 +2433,6 @@ Changes since Python 3.0 + + + .. doctest:: +- :skipif: _tkinter is None + :hide: + + >>> for turtle in turtles(): diff --git a/pre_checkin.sh b/pre_checkin.sh new file mode 100644 index 0000000..8489f59 --- /dev/null +++ b/pre_checkin.sh @@ -0,0 +1,78 @@ +#!/bin/bash + +export LC_ALL=C + +master=python*.spec + +# create import_failed.map from package definitions +pkgname=$(grep python_pkg_name $master |grep define |awk -F' ' '{print $3}') +MAPFILE=import_failed.map +function new_map_line () { + package=$1 + package=$(echo $1 |sed -e "s:%{python_pkg_name}:$pkgname:") + modules=$2 + if [ -z "$package" -o -z "$modules" ]; then + return + fi + if [[ "$package" =~ "-base" ]]; then + return + fi + echo "$package:$modules" >> $MAPFILE.tmp +} + +for spec in *.spec; do + basename=${spec%.spec} + package= + modules= + while read line; do + case $line in + "%files -n "*) + new_map_line $package "$modules" + package=${line#"%files -n "} + modules= + ;; + "%files "*) + new_map_line $package "$modules" + package=$basename-${line#"%files "} + modules= + ;; + "%files") + new_map_line $package "$modules" + package=$basename + modules= + ;; + "%{sitedir}/config-"*) + # ignore + ;; + "%{sitedir}/"*) + word=${line#"%{sitedir}/"} + if ! echo $word | grep -q /; then + modules="$modules $word" + fi + ;; + "%{dynlib "*"}") + word=${line#"%{dynlib "} + word=${word%"}"} + modules="$modules $word" + ;; + esac + done < $spec + new_map_line $package "$modules" +done + +cat $MAPFILE.tmp |sort -u > $MAPFILE +rm $MAPFILE.tmp + +# run test inclusion check +tar xJf Python-*.xz +python3 skipped_tests.py + +# generate baselibs.conf +VERSION=$(grep ^Version $master|awk -F':' '{print $2}' |sed -e 's/ //g') +python_version=${VERSION:0:3} # 3.3 +python_version_abitag=${python_version//./} # 33 +python_version_soname=${python_version//./_} # 3_3 +echo "$pkgname-base" > baselibs.conf +echo "$pkgname" >> baselibs.conf +echo "libpython$python_version_soname-1_0" >> baselibs.conf + diff --git a/python-3.3.0b1-fix_date_time_compiler.patch b/python-3.3.0b1-fix_date_time_compiler.patch new file mode 100644 index 0000000..9bda868 --- /dev/null +++ b/python-3.3.0b1-fix_date_time_compiler.patch @@ -0,0 +1,25 @@ +--- + Makefile.pre.in | 7 +++++++ + 1 file changed, 7 insertions(+) + +--- a/Makefile.pre.in ++++ b/Makefile.pre.in +@@ -784,11 +784,18 @@ Modules/getbuildinfo.o: $(PARSER_OBJS) \ + $(DTRACE_OBJS) \ + $(srcdir)/Modules/getbuildinfo.c + $(CC) -c $(PY_CORE_CFLAGS) \ ++ -DDATE="\"`date -u -r Makefile.pre.in +"%b %d %Y"`\"" \ ++ -DTIME="\"`date -u -r Makefile.pre.in +"%T"`\"" \ + -DGITVERSION="\"`LC_ALL=C $(GITVERSION)`\"" \ + -DGITTAG="\"`LC_ALL=C $(GITTAG)`\"" \ + -DGITBRANCH="\"`LC_ALL=C $(GITBRANCH)`\"" \ + -o $@ $(srcdir)/Modules/getbuildinfo.c + ++Python/getcompiler.o: $(srcdir)/Python/getcompiler.c Makefile ++ $(CC) -c $(PY_CORE_CFLAGS) \ ++ -DCOMPILER='"[GCC]"' \ ++ -o $@ $(srcdir)/Python/getcompiler.c ++ + Modules/getpath.o: $(srcdir)/Modules/getpath.c Makefile + $(CC) -c $(PY_CORE_CFLAGS) -DPYTHONPATH='"$(PYTHONPATH)"' \ + -DPREFIX='"$(prefix)"' \ diff --git a/python-3.3.0b1-localpath.patch b/python-3.3.0b1-localpath.patch new file mode 100644 index 0000000..f6cac49 --- /dev/null +++ b/python-3.3.0b1-localpath.patch @@ -0,0 +1,11 @@ +--- a/Lib/site.py ++++ b/Lib/site.py +@@ -76,7 +76,7 @@ import _sitebuiltins + import io + + # Prefixes for site-packages; add additional prefixes like /usr/local here +-PREFIXES = [sys.prefix, sys.exec_prefix] ++PREFIXES = [sys.prefix, sys.exec_prefix, '/usr/local'] + # Enable per user site-packages directory + # set it to False to disable the feature or True to force the feature + ENABLE_USER_SITE = None diff --git a/python-3.3.0b1-test-posix_fadvise.patch b/python-3.3.0b1-test-posix_fadvise.patch new file mode 100644 index 0000000..269b5ab --- /dev/null +++ b/python-3.3.0b1-test-posix_fadvise.patch @@ -0,0 +1,15 @@ +--- + Lib/test/test_posix.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/Lib/test/test_posix.py ++++ b/Lib/test/test_posix.py +@@ -425,7 +425,7 @@ class PosixTester(unittest.TestCase): + def test_posix_fadvise(self): + fd = os.open(os_helper.TESTFN, os.O_RDONLY) + try: +- posix.posix_fadvise(fd, 0, 0, posix.POSIX_FADV_WILLNEED) ++ posix.posix_fadvise(fd, 0, 0, posix.POSIX_FADV_RANDOM) + finally: + os.close(fd) + diff --git a/python.keyring b/python.keyring new file mode 100644 index 0000000..11dccb8 --- /dev/null +++ b/python.keyring @@ -0,0 +1,109 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFq+ToQBEADRYvIVtbK6owynD3j3nxwpW2KEk/p+aDvtXmc2SR2dBcZ8sFW2 +R5vEsG8d3/D3wgv5pcL3KfNNXQYUnXVbobrFUUWQYc79qIsE3MgiPf5NVOtwKPUR +i5g9YJgKvpBxkQfqp3LYGm9ZBtwo3DVLA3yn7KsazCmAgTNFJYw7ku1XxgmIzY6K +5J30DfbJiqDqj4f9GslCCCCH3qiPnuLG/HUyVLHMpbWlaiy9NI0GcaLxjJewHj9w +W2D2lydkxe5JGo7egUkV3ILcuLVSVKA35SKY27dYqfuyqp9tAzaRbjDYjsYdHA6G +BqrNrKBn/GwlFDPrVdcvN3ZSY2wMLTxWE3Axc/FweuHxFnou/80FwX7F3JD+oEQ6 +rofmcxOBCC7J98I7HZAhP9jBn88XIS2hztbLq8d6rZJZRtcz0k61VR0ddO+TrFmf +9rMYCPgCckRtVxeFIVIabrN1IzKynLFeo040h8hSGswd6YKDOVwjJY6Oa6EmVefZ +a8QSt4+M65RSzH6SEPY008F3nJUAK6MEkzTak+tFltZNrVWu8p2xd1j9nmxAwEhZ +/lgbxLqzYgaUWmfyHeZ8yVA0MhHzdiAL8nVUEdG3KecIq0RWCJLGLWWIjd6KAJl1 +yAmhRYKK/sjPDsL3elHsFACfZbyx3o5GGQNlas1FYoPLWbaNGaJtgFTF2QARAQAB +tCtQYWJsbyBHYWxpbmRvIFNhbGdhZG8gPHBhYmxvZ3NhbEBnbWFpbC5jb20+iQJO +BBMBCgA4FiEEoDXIwZIZuoIezqhrZOYo+NaEaW0FAlq+ToQCGwMFCwkIBwMFFQoJ +CAsFFgIDAQACHgECF4AACgkQZOYo+NaEaW2bmA/+PXIap2udLoUVOHxnsIBdqYwp +sv1Aj5lfIJmNhmxPbHShwp1Jg+w4urxe+2Dj5ofKVlIo1i83bQkvnKJMDXDVuc/K +P6zqhBJ3rT4Q3qx2mzX8bIfQoJ2JHuH4lkP+I7doDcHHRyeNASyk72VdQmU4twNw +Ibn8nSNV6ThKHdoPYzVnO2rZUFcGIqH5HNsvR+B7cc1MBCHsgURYwSVhSePIFGlZ +iasdBD6QQkDSe4QWi7AcJFWFElw4kbOKJWxAWsrEk+tMXJVGRjnmL289EmPCx/vx +BqKy7Mse0yWCSRR3vB+O6TB1S5SgEyEgqlYsfGNv1qf/rfRD4KkyCbNU3LhY1Aim +vJP4pDW+KFxTk2Ks8vrx8gOSd2aFqPeO/pFDrpsF7PD62XwsfoXu4xc5V0Giw7r1 +Nai0nax7kOrldNF8TbbtRjW0jmoC7wLIDujAkwDIOroZ0CXA3N4HVHdSbrHm/urX +nyxJXupXAQNwGx64JCBcbF2fp3Kvu1VAXBEFnd01KaopthHcbG5pA50Kl2Vhe+98 +OdezUX42fHkQpQkB7HgtXfm6W1bw6YRBamrNvs1OoHBYmUjlECpe566IIu25Hc8s +x3qA+6eca7iqizyLG+WyMT8ZIYTWGAS59jxwR4esqGczbbZPSAPHFwLbGv7Wr0Rd +TPu5B0FcKpDkTd4IxQW5Ag0EWr5O2gEQAMjLe4CtbSfofmJrz5wfNkMVsZ81Gbqe +MoYd3dtkJnQYERUj8flzBj3ucaxGJ+Cuf7ybh3naPopKvEI1q0vkcgCDqrEgXK// +jKJbP28uPSMGhOG28q4PbamG55gy5FtM3ezzAxPWWKe9qBpV65GMmFy7eBQx2iJs +yiDIOOQQ4kraS+cTqNFimEXAGLCOQRNLcwIZzwAAHoW7HEpNUfVwaBD9kMlbo1ND +I60IKcNrNcmcmRxhJqfxjj8YBMwcKHO6GBE3AVpaE/+UO9zyr4TH+0YuQUgxKlPW +Dkg5XlkDo0S1GyLY5e9ckIDIlkTdDa2pOkoE2yB5MQCEga3YiHrKUVTTWaxn9XVJ +6x5ZjUF6bgSWGkrG5dUqSYoO1iDMuNVjtiujNyf/rvfj5cNxS7/lgxchhQKZHZXL +WVqxlneeVJ6s0P4+ROVG9ga2Sve7aUJ6wXIewZwulBcV2sE/W/DgxHgLBi53CUQt +vEzFzKvo48GnDqL5VYjA7l0HMYHd4GksCLi8E8U6Cgj+imXiM8voL7pHRZfs8mY8 +udR+UT4e1Scl2MYP2qBJ9/17B/X52B3s1EZdqI/r+hfOyqrhPs+dbAN0mtMPn68+ +nrvY1+nscvrSYEP6ZBlc9Hp2mgJdb6IcTvINXBEeLRjgc3pjViva443pkiFp9Axm +ecOckMKP3uSlABEBAAGJBGwEGAEKACAWIQSgNcjBkhm6gh7OqGtk5ij41oRpbQUC +Wr5O2gIbAgJACRBk5ij41oRpbcF0IAQZAQoAHRYhBM/cokWxBDzypfl4Zf/odAQW +i9hHBQJavk7aAAoJEP/odAQWi9hHr7YP/RCLre1CmOoWYpAtoa1yVCeYMDV6eQgL +B488/BEZHQE1zbrYy16XkhORob3JF/kUMjmJW7XaFF8FrWvRcdj/xaUGbOOEulKg +v+8zWfswYQRiZ4/JlwER4vRLi6fTE89MVER6Fkj2ASD4D2cifY+EztD4flV3sq3s +vIogGFaN9IvdrdeptOVGXs1RmAyoTsiS2mKQ6xsGh8B9ZAm55W8fBOGiSzLX21Xk +Ofdw53BrFQxn3cu/JgIKpdeZxgukcvEAI62B6X+YL6Na4j0eqEGLzsNtU1+xeJlo +WtVvmRwnRHGSxF6fzIZ3mk/p/aFiXAEq/xITCTY6tDv7x7pFE/RpdlJZyNJ+R5Y4 +SQiuDsylxNCa/4G5EB6q+7iVYtbEQ9MnZg2phowEE42tlj0rz8/rvDK3LH3xibot +KHIodCWKlWByxH99u2PuHUQ0c1oCVBUE1KkruMpvI236DpU/dvdq4JLSg/fWrys/ +VIjqLZgsIE5g/KO9XqngWHkLcBLh4CNAmHJ8Iia+s+/rfgsejQWB5uJb6eYg2JjB +4WP1EI0rULM6fdrCNB+MJ36wE2Lnb4bfT0phOMgjjH5/Ki7ZCbkxkOsBs4SRjiS+ +weCsmpAtMqodWY/Cnw9pWSA/qLSRD5/mKeb9SO6OZ/OPfAatwnGHsvZ2sAueC6rR +04W5BfXZWrnJUXQP/id/EKE1Ksp5fKoxSCbkKTCig+Sf5Afwe36yFN+niZBqzn5b +BgL/HIKaZM97oDHersPPANeEgS+JVlBf95iKIYnQbZP43FLVbvOuaINhBIVtFO54 +2Y7EYwl41kP7ILDElVy36KAmdQyBAfrjnZiRA70xShOxApLug1L0lxhR3YfmLwNi +RJ0V6KnYDKf0pfdhO9VFyFFWUojX1usn2SmSsXNizsNtvRqHXzPnX0rbJzZ9+N4O +9k1nxygYFG/2R/jGonVmTjRzcAHrAkNJETMWXMA7/8wRMDwluz8j+cCldey9x8Vk +JwgLGnZSbQtVpcFAnm5r/36Gt+9wc1VWMyrUrVr6Z679aqAbG7PMaeR5h5ygMj1k +VqRTYAUPSk1f8bZKRssQkQwEbp9dVIjm9SsR8VT7/tB+UuB85dABxgHfv3psJRT+ +tL8g9V7kSZqQfcLNGmvEVvr2Zl9NtxwXtsFM2OBprxCenwb+e9Ppm1LjfJG/NE72 +mAnOERfDaiLt4bqNo36Ei5sGCJ4Fx61phzNBXzkdRNM47i8J5UZRKFkE91c99BVM +HKUaY61NRK24fR0zP98ftDU82YFw0VRFJpTeBrO5ivN1MlQxUPzUWxKxMxO+20wa +UOXroEw11Tb4SRLGOla1pCl6lCUPJRy9IzadPDgTr/OTMkob/snt/XLdnV5/uQIN +BFq+TvoBEAC8Oy1g6pPWBbrCMhIq7VWY2fjylJ1fwg5BPXkOKVK1dsGYO4QD7oW9 +L0aSqcFSNFGF9Cl0Ri4TFXZC3hnG4HeSXUWApuKdBLn21H3jba36Ay1oGcGfdm0v +Zght4c6BlMVBpGCw2wIkJbUNEy6InMM+O8CCbbaH3iJkJ4141P7pODHignx5AmZI +conMui4YOhC+IXQXynVEv1Juk7erB1Nh1RcRvsA4lb44HWx49lIwe85ejOmoZ0O3 +6f9NJRer6bV0+rHWmg4IV5Q9h/Gn4IhEDZxA0DZl1RQI7dMgaMbIFbXGq7Kgzstz +EUnOoy29hXodxVmwIsMrAiQUYtwJ9hW+ESsw47+W2iPHVgviGWl7r/SgcgMYmf6m +5kiTBtwU7BQPS9G3zwwP2Rm3AA/6g39Q+tQKjOwi1I8+GZsY2On44Zly7BreBNg5 +4gJgdAGcMOYU9etr050clH3UpTYcAEtX++ahtOKhJgLIPNcIAQNlnifqvU0VYpgw +R4YpZ7hgg+AVDzC73PIM0lFI0XiDuqChbxE+K1jmLXWe5iJF0dzgVTwP+PmsifNZ +Wg3+YxSsS+hDMPQ2xPiQN49gT4JJDHcDuyhHyCGYgyMiVJCsku9KrkubbfVRivyN +ZF2Zfo3f+nbrRxsftz0yjAq8byCvb0V0XOpt4pJ/ddlug9ytRxALNwARAQABiQI2 +BBgBCgAgFiEEoDXIwZIZuoIezqhrZOYo+NaEaW0FAlq+TvoCGwwACgkQZOYo+NaE +aW3urA//UQ/cKQ7HvWjcLphzQOZc+6m5YL0wxvZkSjemU7mqjZdpacteIvRAoers +EqXHc208liIBtNfRzoreXdcXNzie65xXkrRnWoHVH/fTWy4lOnHr2CMXLeHjUgg/ +M6PYi8+sARm05YFB8nsYhlhx3IdLhcfeVVbJedQKO0yL3CK1okT30DUVq5Lq6X/K +DC6AxuJR3D6UMSoT0WLaoX8qbhAp88qLynInfBVL18d97h916WPLTPeP0eHwhwND +bYtKDCMDuKQ9XX5+QsNH0RmbxlX274LHrUMMvkLKxcfCBvP+iuqrBeIuoeVzXYJZ +j7ZJtEH79bW44eecl/CY/STFYgSQ2XGTp2BI2q60wAmtKlNhwxY5ena0FgyFl6Tm +5OBHW/Pwo+ndQJGfbrCyWkTgRay9c8er3gl3GQYIBH6X0kCiG7h/Epj0b5CHOPU5 +hCw0kEB8MB4poTIjeiY+Q01472/lQ68CL3DX158hR5d3XaPSIxAN+qFsfB1o316p +yjxhfK1MD/IfrOgjlggPPnc/KmLkCzpgdwKcZwLCdZq9hYBvF1Zs34HbaVMYbWTK +uxLowtXGU43vatCXXqmPOvl4/g4tZD6rysJDgOrHQnEHzT+Napn07s0BRC0IbbNn +FynUrkr5KMSuRz7Hg7xMApENOrb0nqdHSUJ914ZpuMIS6RhJgGu5Ag0EWr5PIAEQ +ALfh9vPD2B+miHDTMADI8aRZ7g9tnzynZYkk3+2sCiiusetsQQ+HIPJ/ASEJB7On +ane9dyT/LTRhrK9qaxgVMimk2COXB/xyh7Mnw7nJgFU0aRSbtX0vbvQz2suSzrQ6 +9mPKzan28JGoClqB0bw1vwf3VjjxHV2dgD57CmqFPv7kAC/2a56dE+etzXattZAL ++2JWTpmfQ0ePRRadtBm0VahQhnU8x0+jvAVrEawqpVW83ozYFyW/0WInM2J7jHgQ +16OosY4lj5L/DxpVxaArhRFoRfWPXfC37iE8Mou/I95isvPQIhp1wTo4jG0KM02B +oIVbp/QRNBQ6WtpOzvJs1gqQiJJTfqbKJXQ3NDEY9crpVS83HJ+Zv99PNsyNkFjG +QpU84U3ZhsI4ygjdY45mpZueqI1RVcRQdu8Hgvoo/78Q/Sir6gMGop3mVdVo2guI +kFcJrXh0Xk3ech4aVqrmKx/mPXGwOAQU0DAul4RW3fKg1QxQE7Tlw3+95Ee/+q5j +HARL0uDbCJpRO8Sl8NDEuL32n/2Ot6kQeCSHrU7KJRYAkTxkKvr8zNow7hFhHFPE +SnHvTnskI6noh0VY6NwMhmLvhm0wKkRxZPzUNc3sgLvbK1NymIZ9aKCZamzhZrmG +vnblEz/OSLwGUua465H3hM1vvBQiartj7+6ZqWIkSmBPABEBAAGJAjYEGAEKACAW +IQSgNcjBkhm6gh7OqGtk5ij41oRpbQUCWr5PIAIbIAAKCRBk5ij41oRpbWmeEACG ++axtDC8UoNp9ORiYwEWLzZWDuugE+ah7DYYGD4Vs633FXVZW3SgM/bFtJ/0Lg8CF +74jI4LMHyIjDzEjcoItwnhBLix+kUoJTvrY58GPydwekLuw1p4KXLqtRs4fsZbNQ +YTknl4jYtRWoxO98x7tun7Gq2gqmJkIB2uj630fKz5cBk6p6oDFKjzyrHe+V7BiK +3okQPaD4x7hq8OnTy7lOy92ZZAqztS4tNEb4DkYW1MpuwsJ7hbBZitc1siI+FVVb +GjVVGZz6ssXoW67Tz8+VxdWJxNLXlv27eMcj4sme5S0th/YYNA5fRRv6zuzqZAru +YNGLpYYU7JLvZJ+3lCwa5j5ycOGBF0GvsGs6gj6h+CHkjR/BgzAgWC+GgUgslt6q +aH04rWtV6rVz+Y91LcrX5P6OM4anmXD3Gp3kl35AypXb4KyASF19+11RUziD4Z7q +wQEWfbwOltNyZv2lD8s2jPr7P02axWRQUbZAEhxRmvOQev/FZPyCF6gqUo/HxRbQ +y3bzmnipyHSv1DlXNfCFCHvN8kGyZnRWARqIKRg+j9ediJgOUqlLhg6KmrTVxd5v +3Dfv52PW2UODDTM20s3cQGuX/UswzMRwPI/+P44iCMwEKdm7duM/5oisZT9Vhy7g +P15MreFZLcZvUVgjqgy0u57cstyGK1Bo9e2sFcK2fA== +=6Zb4 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/python310-rpmlintrc b/python310-rpmlintrc new file mode 100644 index 0000000..a844a43 --- /dev/null +++ b/python310-rpmlintrc @@ -0,0 +1 @@ +addFilter("pem-certificate.*/usr/lib.*/python.*/test/*.pem") diff --git a/python310.changes b/python310.changes new file mode 100644 index 0000000..54b552c --- /dev/null +++ b/python310.changes @@ -0,0 +1,4024 @@ +------------------------------------------------------------------- +Mon Sep 4 13:18:29 UTC 2023 - Daniel Garcia + +- Update to 3.10.13 (bsc#1214692): + - gh-108310: Fixed an issue where instances of ssl.SSLSocket were + vulnerable to a bypass of the TLS handshake and included + protections (like certificate verification) and treating sent + unencrypted data as if it were post-handshake TLS encrypted data. + Security issue reported as CVE-2023-40217 by Aapo Oksman. Patch by + Gregory P. Smith. + - gh-107845: tarfile.data_filter() now takes the location of + symlinks into account when determining their target, so it will no + longer reject some valid tarballs with + LinkOutsideDestinationError. + - gh-107565: Update multissltests and GitHub CI workflows to use + OpenSSL 1.1.1v, 3.0.10, and 3.1.2. + - gh-99612: Fix PyUnicode_DecodeUTF8Stateful() for ASCII-only data: + *consumed was not set. + +------------------------------------------------------------------- +Thu Aug 3 14:13:30 UTC 2023 - Matej Cepl + +- Add Revert-gh105127-left-tests.patch (gh#python/cpython!106941) + partially reverting CVE-2023-27043-email-parsing-errors.patch, + because of the regression in gh#python/cpython#106669. + +------------------------------------------------------------------- +Wed Jul 19 11:15:39 UTC 2023 - Matej Cepl + +- Add gh-78214-marshal_stabilize_FLAG_REF.patch to marshal.c for + stabilizing FLAG_REF usage (required for reproduceability; + bsc#1213463). + +------------------------------------------------------------------- +Tue Jul 11 07:35:18 UTC 2023 - Matej Cepl + +- (bsc#1210638, CVE-2023-27043) Add + CVE-2023-27043-email-parsing-errors.patch, which detects email + address parsing errors and returns empty tuple to indicate the + parsing error (old API). + +------------------------------------------------------------------- +Wed Jun 28 16:57:46 UTC 2023 - Matej Cepl + +- Update to 3.10.12: + - gh-103142: The version of OpenSSL used in Windows and + Mac installers has been upgraded to 1.1.1u to address + CVE-2023-2650, CVE-2023-0465, CVE-2023-0466, CVE-2023-0464, + as well as CVE-2023-0286, CVE-2022-4303, and CVE-2022-4303 + fixed previously in 1.1.1t (gh-101727). + - gh-102153: urllib.parse.urlsplit() now strips leading C0 + control and space characters following the specification for + URLs defined by WHATWG in response to CVE-2023-24329 + (bsc#1208471). + - gh-99889: Fixed a security in flaw in uu.decode() that could + allow for directory traversal based on the input if no + out_file was specified. + - gh-104049: Do not expose the local on-disk + location in directory indexes produced by + http.client.SimpleHTTPRequestHandler. + - gh-103935: trace.__main__ now uses io.open_code() for files + to be executed instead of raw open(). + - gh-102953: The extraction methods in tarfile, and + shutil.unpack_archive(), have a new filter argument that + allows limiting tar features than may be surprising or + dangerous, such as creating files outside the destination + directory. See Extraction filters for details (fixing + CVE-2007-4559, bsc#1203750). +- Remove upstreamed patches: + - CVE-2023-24329-blank-URL-bypass.patch + - CVE-2007-4559-filter-tarfile_extractall.patch + +------------------------------------------------------------------- +Tue Jun 20 21:39:58 UTC 2023 - Matej Cepl + +- Add bpo-37596-make-set-marshalling.patch making marshalling of + `set` and `frozenset` deterministic (bsc#1211765). + +------------------------------------------------------------------- +Thu Apr 27 21:23:19 UTC 2023 - Matej Cepl + +- Add CVE-2007-4559-filter-tarfile_extractall.patch to fix + CVE-2007-4559 (bsc#1203750) by adding the filter for + tarfile.extractall (PEP 706). + +------------------------------------------------------------------- +Thu Apr 27 21:19:52 UTC 2023 - Matej Cepl + +- Update to 3.10.11: + - Core and Builtins + - gh-102416: Do not memoize incorrectly automatically + generated loop rules in the parser. Patch by Pablo Galindo. + - gh-102356: Fix a bug that caused a crash when deallocating + deeply nested filter objects. Patch by Marta Gómez Macías. + - gh-102397: Fix segfault from race condition in signal + handling during garbage collection. Patch by Kumar Aditya. + - gh-102126: Fix deadlock at shutdown when clearing thread + states if any finalizer tries to acquire the runtime head + lock. Patch by Kumar Aditya. + - gh-102027: Fix SSE2 and SSE3 detection in _blake2 internal + module. Patch by Max Bachmann. + - gh-101967: Fix possible segfault in + positional_only_passed_as_keyword function, when new list + created. + - gh-101765: Fix SystemError / segmentation fault in iter + __reduce__ when internal access of builtins.__dict__ keys + mutates the iter object. + - Library + - gh-102947: Improve traceback when dataclasses.fields() is + called on a non-dataclass. Patch by Alex Waygood + - gh-101979: Fix a bug where parentheses in the metavar + argument to argparse.ArgumentParser.add_argument() were + dropped. Patch by Yeojin Kim. + - gh-102179: Fix os.dup2() error message for negative fds. + - gh-101961: For the binary mode, fileinput.hookcompressed() + doesn’t set the encoding value even if the value is + None. Patch by Gihwan Kim. + - gh-101936: The default value of fp becomes io.BytesIO + if HTTPError is initialized without a designated fp + parameter. Patch by Long Vo. + - gh-101566: In zipfile, apply fix for extractall on the + underlying zipfile after being wrapped in Path. + - gh-101997: Upgrade pip wheel bundled with ensurepip (pip + 23.0.1) + - gh-101892: Callable iterators no longer raise SystemError + when the callable object exhausts the iterator but forgets + to either return a sentinel value or raise StopIteration. + - gh-97786: Fix potential undefined behaviour in corner cases + of floating-point-to-time conversions. + - gh-101517: Fixed bug where bdb looks up the source line + with linecache with a lineno=None, which causes it to fail + with an unhandled exception. + - gh-101673: Fix a pdb bug where ll clears the changes to + local variables. + - gh-96931: Fix incorrect results from + ssl.SSLSocket.shared_ciphers() + - gh-88233: Correctly preserve “extra” fields in zipfile + regardless of their ordering relative to a zip64 “extra.” + - gh-95495: When built against OpenSSL 3.0, the ssl module + had a bug where it reported unauthenticated EOFs (i.e. + without close_notify) as a clean TLS-level EOF. It now + raises SSLEOFError, matching the behavior in previous + versions of OpenSSL. The options attribute on SSLContext + also no longer includes OP_IGNORE_UNEXPECTED_EOF by + default. This option may be set to specify the previous + OpenSSL 3.0 behavior. + - gh-94440: Fix a concurrent.futures.process bug where + ProcessPoolExecutor shutdown could hang after a future has + been quickly submitted and canceled. + - Documentation + - gh-103112: Add docstring to http.client.HTTPResponse.read() + to fix pydoc output. + - gh-85417: Update cmath documentation to clarify behaviour + on branch cuts. + - gh-97725: Fix asyncio.Task.print_stack() description for + file=None. Patch by Oleg Iarygin. + - Tests + - gh-102980: Improve test coverage on pdb. + - gh-102537: Adjust the error handling strategy in + test_zoneinfo.TzPathTest.python_tzpath_context. Patch by + Paul Ganssle. + - gh-101377: Improved test_locale_calendar_formatweekday of + calendar. + - Build + - gh-102711: Fix -Wstrict-prototypes compiler warnings. +- Removed upstreamed: + - invalid-json.patch + +------------------------------------------------------------------- +Mon Mar 13 08:39:53 UTC 2023 - Matej Cepl + +- Add invalid-json.patch fixing invalid JSON in + Doc/howto/logging-cookbook.rst (somehow similar to + gh#python/cpython#102582). + +------------------------------------------------------------------- +Wed Mar 1 20:59:04 UTC 2023 - Matej Cepl + +- Update to 3.10.10: + Bug fixes and regressions handling, no change of behaviour and + no security bugs fixed. +- Add CVE-2023-24329-blank-URL-bypass.patch (CVE-2023-24329, + bsc#1208471) blocklists bypass via the urllib.parse component + when supplying a URL that starts with blank characters + +------------------------------------------------------------------- +Tue Feb 21 11:34:49 UTC 2023 - Matej Cepl + +- Add provides for readline and sqlite3 to the main Python + package. + +------------------------------------------------------------------- +Fri Jan 27 15:00:21 UTC 2023 - Thorsten Kukuk + +- Disable NIS for new products, it's deprecated and gets removed + +------------------------------------------------------------------- +Thu Dec 8 14:42:15 UTC 2022 - Matej Cepl + +- Update to 3.10.9: + - python -m http.server no longer allows terminal + control characters sent within a garbage request to be + printed to the stderr server lo This is done by changing + the http.server BaseHTTPRequestHandler .log_message method + to replace control characters with a \xHH hex escape before + printin + - Avoid publishing list of active per-interpreter + audit hooks via the gc module + - The IDNA codec decoder used on DNS hostnames by + socket or asyncio related name resolution functions no + longer involves a quadratic algorithm. This prevents a + potential CPU denial of service if an out-of-spec excessive + length hostname involving bidirectional characters were + decoded. Some protocols such as urllib http 3xx redirects + potentially allow for an attacker to supply such a name. + - Update bundled libexpat to 2.5.0 + - Port XKCP’s fix for the buffer overflows in SHA-3 + (CVE-2022-37454). + - On Linux the multiprocessing module returns + to using filesystem backed unix domain sockets for + communication with the forkserver process instead of the + Linux abstract socket namespace. Only code that chooses + to use the “forkserver” start method is affected Abstract + sockets have no permissions and could allow any user + on the system in the same network namespace (often the + whole system) to inject code into the multiprocessing + forkserver process. This was a potential privilege + escalation. Filesystem based socket permissions restrict + this to the forkserver process user as was the default in + Python 3.8 and earlier This prevents Linux CVE-2022-42919 + - Fix a reference bug in _imp.create_builtin() + after the creation of the first sub-interpreter for modules + builtins and sys. Patch by Victor Stinner. + - Fixed a bug that was causing a buffer overflow if + the tokenizer copies a line missing the newline caracter + from a file that is as long as the available tokenizer + buffer. Patch by Pablo galindo + - Update faulthandler to emit an error message with + the proper unexpected signal number. Patch by Dong-hee Na. + - Fix subscription of types.GenericAlias instances + containing bare generic types: for example tuple[A, T][int], + where A is a generic type, and T is a type variable. + - Fix detection of MAC addresses for uuid on certain + OSs. Patch by Chaim Sanders + - Print exception class name instead of its string + representation when raising errors from ctypes calls. + - Allow pdb to locate source for frozen modules in + the standard library. + - Raise ValueError instead of SystemError when + methods of uninitialized io.IncrementalNewlineDecoder objects + are called. Patch by Oren Milman. + - Fix a possible assertion failure in io.FileIO when + the opener returns an invalid file descriptor. + - Also escape s in the http.server + BaseHTTPRequestHandler.log_message so that it is technically + possible to parse the line and reconstruct what the original + data was. Without this a xHH is ambiguious as to if it is a + hex replacement we put in or the characters r”x” came through + in the original request line. + - asyncio.get_event_loop() now only emits a + deprecation warning when a new event loop was created + implicitly. It no longer emits a deprecation warning if the + current event loop was set. + - Fix bug when calling trace.CoverageResults with + valid infile. + - Fix a bug in handling class cleanups in + unittest.TestCase. Now addClassCleanup() uses separate lists + for different TestCase subclasses, and doClassCleanups() only + cleans up the particular class. + - Release the GIL when calling termios APIs to avoid + blocking threads. + - Fix ast.increment_lineno() to also cover + ast.TypeIgnore when changing line numbers. + - Fixed bug where inspect.signature() reported + incorrect arguments for decorated methods. + - Fix SystemError in ctypes when exception was not + set during __initsubclass__. + - Fix statistics.NormalDist pickle with 0 and 1 + protocols. + - Update the bundled copy of pip to version 22.3.1. + - Apply bugfixes from importlib_metadata 4.11.4, + namely: In PathDistribution._name_from_stem, avoid + including parts of the extension in the result. In + PathDistribution._normalized_name, ensure names loaded from + the stem of the filename are also normalized, ensuring + duplicate entry points by packages varying only by + non-normalized name are hidden. + - Clean up refleak on failed module initialisation in + _zoneinfo + - Clean up refleaks on failed module initialisation + in in _pickle + - Clean up refleak on failed module initialisation in + _io. + - Fix memory leak in math.dist() when both points + don’t have the same dimension. Patch by Kumar Aditya. + - Fix argument typechecks in _overlapped.WSAConnect() + and _overlapped.Overlapped.WSASendTo() functions. + - Fix internal error in the re module which in + very rare circumstances prevented compilation of a regular + expression containing a conditional expression without the + “else” branch. + - Fix asyncio.StreamWriter.drain() to call + protocol.connection_lost callback only once on Windows. + - Add a mutex to unittest.mock.NonCallableMock to + protect concurrent access to mock attributes. + - Fix hang on Windows in subprocess.wait_closed() in + asyncio with ProactorEventLoop. Patch by Kumar Aditya. + - Fix infinite loop in unittest when a + self-referencing chained exception is raised + - tkinter.Text.count() raises now an exception for + options starting with “-” instead of silently ignoring them. + - On uname_result, restored expectation that _fields + and _asdict would include all six properties including + processor. + - Update the bundled copies of pip and setuptools to + versions 22.3 and 65.5.0 respectively. + - Fix bug in urllib.parse.urlparse() that causes + certain port numbers containing whitespace, underscores, + plus and minus signs, or non-ASCII digits to be incorrectly + accepted. + - Allow venv to pass along PYTHON* variables to + ensurepip and pip when they do not impact path resolution + - On macOS, fix a crash in syslog.syslog() in + multi-threaded applications. On macOS, the libc syslog() + function is not thread-safe, so syslog.syslog() no longer + releases the GIL to call it. Patch by Victor Stinner. + - Allow BUILTINS to be a valid field name for frozen + dataclasses. + - Make sure patch.dict() can be applied on async + functions. + - To avoid apparent memory leaks when + asyncio.open_connection() raises, break reference cycles + generated by local exception and future instances (which has + exception instance as its member var). Patch by Dong Uk, + Kang. + - Prevent error when activating venv in nested fish + instances. + - Restrict use of sockets instead of pipes for stdin + of subprocesses created by asyncio to AIX platform only. + - shutil.copytree() now applies the + ignore_dangling_symlinks argument recursively. + - Fix IndexError in argparse.ArgumentParser when a + store_true action is given an explicit argument. + - Document that calling variadic functions with + ctypes requires special care on macOS/arm64 (and possibly + other platforms). + - Skip test_normalization() of test_unicodedata + if it fails to download NormalizationTest.txt file from + pythontest.net. Patch by Victor Stinner. + - Some C API tests were moved into the new + Lib/test/test_capi/ directory. + - Fix -Wimplicit-int, -Wstrict-prototypes, and + -Wimplicit-function-declaration compiler warnings in + configure checks. + - Fix -Wimplicit-int compiler warning in configure + check for PTHREAD_SCOPE_SYSTEM. + - Specify the full path to the source location for + make docclean (needed for cross-builds). + - Fix NO_MISALIGNED_ACCESSES being not defined + for the SHA3 extension when HAVE_ALIGNED_REQUIRED is + set. Allowing builds on hardware that unaligned memory + accesses are not allowed. + - Fix handling of module docstrings in + Tools/i18n/pygettext.py. + +- Remove upstreamed patches: + - 98437-sphinx.locale._-as-gettext-in-pyspecific.patch + - CVE-2015-20107-mailcap-unsafe-filenames.patch + - CVE-2022-42919-loc-priv-mulitproc-forksrv.patch + - CVE-2022-45061-DoS-by-IDNA-decode.patch + +------------------------------------------------------------------- +Wed Nov 9 18:31:23 UTC 2022 - Matej Cepl + +- Add CVE-2022-45061-DoS-by-IDNA-decode.patch to avoid + CVE-2022-45061 (bsc#1205244) allowing DoS by IDNA decoding + extremely long domain names. + +------------------------------------------------------------------- +Thu Nov 3 21:35:28 UTC 2022 - Matej Cepl + +- Add CVE-2022-42919-loc-priv-mulitproc-forksrv.patch to avoid + CVE-2022-42919 (bsc#1204886) avoiding Linux specific local + privilege escalation via the multiprocessing forkserver start + method. + +------------------------------------------------------------------- +Fri Oct 21 10:14:03 UTC 2022 - Matej Cepl + +- Add 98437-sphinx.locale._-as-gettext-in-pyspecific.patch to + allow building of documentation with the latest Sphinx 5.3.0 + (gh#python/cpython#98366). + +------------------------------------------------------------------- +Wed Oct 19 07:12:23 UTC 2022 - Matej Cepl + +- Update to 3.10.8: + - Fix multiplying a list by an integer (list *= int): detect + the integer overflow when the new allocated length is close + to the maximum size. + - Fix a shell code injection vulnerability in the + get-remote-certificate.py example script. The script no + longer uses a shell to run openssl commands. (originally + filed as CVE-2022-37460, later withdrawn) + - Fix command line parsing: reject -X int_max_str_digits option + with no value (invalid) when the PYTHONINTMAXSTRDIGITS + environment variable is set to a valid limit. + - When ValueError is raised if an integer is larger than the + limit, mention the sys.set_int_max_str_digits() function in + the error message. + - The deprecated mailcap module now refuses to inject unsafe + text (filenames, MIME types, parameters) into shell + commands. Instead of using such text, it will warn and act + as if a match was not found (or for test commands, as if the + test failed). + - os.sched_yield() now release the GIL while calling + sched_yield(2). + - Bugfix: PyFunction_GetAnnotations() should return a borrowed + reference. It was returning a new reference. + - Fixed a missing incref/decref pair in + Exception.__setstate__(). + - Fix overly-broad source position information for chained + comparisons used as branching conditions. + - Fix undefined behaviour in _testcapimodule.c. + - At Python exit, sometimes a thread holding the GIL can + wait forever for a thread (usually a daemon thread) which + requested to drop the GIL, whereas the thread already + exited. To fix the race condition, the thread which requested + the GIL drop now resets its request before exiting. + - Fix a possible assertion failure, fatal error, or SystemError + if a line tracing event raises an exception while opcode + tracing is enabled. + - Fix undefined behaviour in C code of null pointer arithmetic. + - Do not expose KeyWrapper in _functools. + - When loading a file with invalid UTF-8 inside a multi-line + string, a correct SyntaxError is emitted. + - Disable incorrect pickling of the C implemented classmethod + descriptors. + - Fix AttributeError missing name and obj attributes in . + object.__getattribute__() bpo-42316: Document some places . + where an assignment expression needs parentheses . + - Wrap network errors consistently in urllib FTP support, so + the test suite doesn’t fail when a network is available but + the public internet is not reachable. + - Fixes AttributeError when subprocess.check_output() is used + with argument input=None and either of the arguments encoding + or errors are used. + - Avoid spurious tracebacks from asyncio when default executor + cleanup is delayed until after the event loop is closed (e.g. + as the result of a keyboard interrupt). + - Avoid a crash in the C version of + asyncio.Future.remove_done_callback() when an evil argument + is passed. + - Remove tokenize.NL check from tabnanny. + - Make Semaphore run faster. + - Fix generation of the default name of + tkinter.Checkbutton. Previously, checkbuttons in different + parent widgets could have the same short name and share + the same state if arguments “name” and “variable” are not + specified. Now they are globally unique. + - Update bundled libexpat to 2.4.9 + - Fix race condition in asyncio where process_exited() called + before the pipe_data_received() leading to inconsistent + output. + - Fixed check in multiprocessing.resource_tracker that + guarantees that the length of a write to a pipe is not + greater than PIPE_BUF. + - Corrected type annotation for dataclass attribute + pstats.FunctionProfile.ncalls to be str. + - Fix the faulthandler implementation of + faulthandler.register(signal, chain=True) if the sigaction() + function is not available: don’t call the previous signal + handler if it’s NULL. + - In inspect, fix overeager replacement of “typing.” in + formatting annotations. + - Fix asyncio.streams.StreamReaderProtocol to keep a strong + reference to the created task, so that it’s not garbage + collected + - Fix handling compiler warnings (SyntaxWarning and + DeprecationWarning) in codeop.compile_command() when checking + for incomplete input. Previously it emitted warnings and + raised a SyntaxError. Now it always returns None for + incomplete input without emitting any warnings. + - Fixed flickering of the turtle window when the tracer is + turned off. + - Allow asyncio.StreamWriter.drain() to be awaited concurrently + by multiple tasks. + - Fix broken asyncio.Semaphore when acquire is cancelled. + - Fix ast.unparse() when ImportFrom.level is None + - Improve performance of urllib.request.getproxies_environment + when there are many environment variables + - Fix ! in c domain ref target syntax via a conf.py patch, so + it works as intended to disable ref target resolution. + - Clarified the conflicting advice given in the ast + documentation about ast.literal_eval() being “safe” for use + on untrusted input while at the same time warning that it + can crash the process. The latter statement is true and is + deemed unfixable without a large amount of work unsuitable + for a bugfix. So we keep the warning and no longer claim that + literal_eval is safe. + - Update tutorial introduction output to use 3.10+ SyntaxError + invalid range. +- Remove upstreamed test-int-timing.patch. + +------------------------------------------------------------------- +Sun Sep 18 08:48:51 UTC 2022 - Andreas Schwab + +- test-int-timing.patch: gh-96710: Make the test timing more lenient for + the int/str DoS regression test. (#96717) + +------------------------------------------------------------------- +Sun Sep 11 08:32:53 UTC 2022 - Matej Cepl + +- Update to 3.10.7: + - Fix for CVE-2020-10735 (bsc#1203125) Converting between int + and str in bases other than 2 (binary), 4, 8 (octal), 16 + (hexadecimal), or 32 such as base 10 (decimal) now raises + a ValueError if the number of digits in string form is above + a limit to avoid potential denial of service attacks due to + the algorithmic complexity. + - Other bug fixes: + - Fixed a bug that caused _PyCode_GetExtra to return garbage + for negative indexes. + - Fix format string in _PyPegen_raise_error_known_location + that can lead to memory corruption on some 64bit systems. + The function was building a tuple with i (int) instead of + n (Py_ssize_t) for Py_ssize_t arguments. + - Fix misleading contents of error message when converting an + all-whitespace string to float. + - coroutine.throw() now properly initializes the frame.f_back + when resuming a stack of coroutines. This allows e.g. + traceback.print_stack() to work correctly when an exception + (such as CancelledError) is thrown into a coroutine. + - ast.parse() will no longer parse function definitions with + positional-only params when passed feature_version less + than (3, 8). + - Correct conversion of numbers.Rational’s to float. + - Fix a performance regression in logging + TimedRotatingFileHandler. Only check for special files when + the rollover time has passed. + - Fix unused localName parameter in the Attr class in + xml.dom.minidom. + - Update bundled pip to 22.2.2. + - Fail gracefully if EPERM or ENOSYS is raised when loading + crypt methods. This may happen when trying to load MD5 on + a Linux kernel with FIPS enabled. + - Improve discoverability of the higher level + concurrent.futures module by providing clearer links from + the lower level threading and multiprocessing modules. + - Update the default RFC base URL from deprecated + tools.ietf.org to datatracker.ietf.org + - Fix stylesheet not working in Windows CHM htmlhelp docs. + - The documentation now lists which members of C structs are + part of the Limited API/Stable ABI. + - Mitigate the inherent race condition from using + find_unused_port() in testSockName() by trying to find an + unused port a few times before failing. + - Build and test with OpenSSL 1.1.1q + - Document handling of extensions in Save As dialogs. + - Include prompts when saving Shell (interactive input and + output). + +------------------------------------------------------------------- +Wed Aug 17 11:08:56 UTC 2022 - Dirk Müller + +- fix import_failed.map to refer to the python 3.10 package versions + +------------------------------------------------------------------- +Tue Aug 2 17:13:37 UTC 2022 - Matej Cepl + +- Update to 3.10.6: + - gh-87389: http.server: Fix an open redirection vulnerability + in the HTTP server when an URI path starts with //. + Vulnerability discovered, and initial fix proposed, by Hamza + Avvan. (bsc#1202624, CVE-2021-28861) + - gh-92888: Fix memoryview use after free when accessing the + backing buffer in certain cases. + - gh-95355: _PyPegen_Parser_New now properly detects token + memory allocation errors. Patch by Honglin Zhu. + - gh-94938: Fix error detection in some builtin functions when + keyword argument name is an instance of a str subclass with + overloaded __eq__ and __hash__. Previously it could cause + SystemError or other undesired behavior. + - gh-94949: ast.parse() will no longer parse parenthesized + context managers when passed feature_version less than + (3, 9). Patch by Shantanu Jain. + - gh-94947: ast.parse() will no longer parse assignment + expressions when passed feature_version less than + (3, 8). Patch by Shantanu Jain. + - gh-94869: Fix the column offsets for some expressions in + multi-line f-strings ast nodes. Patch by Pablo Galindo. + - gh-91153: Fix an issue where a bytearray item assignment + could crash if it’s resized by the new value’s __index__() + method. + - gh-94329: Compile and run code with unpacking of extremely + large sequences (1000s of elements). Such code failed to + compile. It now compiles and runs correctly. + - gh-94360: Fixed a tokenizer crash when reading encoded + files with syntax errors from stdin with non utf-8 encoded + text. Patch by Pablo Galindo + - gh-94192: Fix error for dictionary literals with invalid + expression as value. + - gh-93964: Strengthened compiler overflow checks to prevent + crashes when compiling very large source files. + - gh-93671: Fix some exponential backtrace case happening with + deeply nested sequence patterns in match statements. Patch by + Pablo Galindo + - gh-93021: Fix the __text_signature__ for __get__() methods + implemented in C. Patch by Jelle Zijlstra. + - gh-92930: Fixed a crash in _pickle.c from mutating + collections during __reduce__ or persistent_id. + - gh-92914: Always round the allocated size for lists up to the + nearest even number. + - gh-92858: Improve error message for some suites with syntax + error before ‘:’ + - gh-95339: Update bundled pip to 22.2.1. + - gh-95045: Fix GC crash when deallocating _lsprof.Profiler by + untracking it before calling any callbacks. Patch by Kumar + Aditya. + - gh-95087: Fix IndexError in parsing invalid date in the email + module. + - gh-95199: Upgrade bundled setuptools to 63.2.0. + - gh-95194: Upgrade bundled pip to 22.2. + - gh-93899: Fix check for existence of os.EFD_CLOEXEC, + os.EFD_NONBLOCK and os.EFD_SEMAPHORE flags on older kernel + versions where these flags are not present. Patch by Kumar + Aditya. + - gh-95166: Fix concurrent.futures.Executor.map() to cancel the + currently waiting on future on an error - e.g. TimeoutError + or KeyboardInterrupt. + - gh-93157: Fix fileinput module didn’t support errors option + when inplace is true. + - gh-94821: Fix binding of unix socket to empty address + on Linux to use an available address from the abstract + namespace, instead of “0”. + - gh-94736: Fix crash when deallocating an instance of a + subclass of _multiprocessing.SemLock. Patch by Kumar Aditya. + - gh-94637: SSLContext.set_default_verify_paths() now releases + the GIL around SSL_CTX_set_default_verify_paths call. The + function call performs I/O and CPU intensive work. + - gh-94510: Re-entrant calls to sys.setprofile() and + sys.settrace() now raise RuntimeError. Patch by Pablo + Galindo. + - gh-92336: Fix bug where linecache.getline() fails on bad + files with UnicodeDecodeError or SyntaxError. It now returns + an empty string as per the documentation. + - gh-89988: Fix memory leak in pickle.Pickler when looking up + dispatch_table. Patch by Kumar Aditya. + - gh-94254: Fixed types of struct module to be immutable. Patch + by Kumar Aditya. + - gh-94245: Fix pickling and copying of typing.Tuple[()]. + - gh-94207: Made _struct.Struct GC-tracked in order to fix a + reference leak in the _struct module. + - gh-94101: Manual instantiation of ssl.SSLSession objects is + no longer allowed as it lead to misconfigured instances that + crashed the interpreter when attributes where accessed on + them. + - gh-84753: inspect.iscoroutinefunction(), + inspect.isgeneratorfunction(), and + inspect.isasyncgenfunction() now properly return True + for duck-typed function-like objects like instances of + unittest.mock.AsyncMock. + - This makes inspect.iscoroutinefunction() consistent with the + behavior of asyncio.iscoroutinefunction(). Patch by Mehdi + ABAAKOUK. + - gh-83499: Fix double closing of file description in tempfile. + - gh-79512: Fixed names and __module__ value of weakref classes + ReferenceType, ProxyType, CallableProxyType. It makes them + pickleable. + - gh-90494: copy.copy() and copy.deepcopy() now always raise + a TypeError if __reduce__() returns a tuple with length 6 + instead of silently ignore the 6th item or produce incorrect + result. + - gh-90549: Fix a multiprocessing bug where a global named + resource (such as a semaphore) could leak when a child + process is spawned (as opposed to forked). + - gh-79579: sqlite3 now correctly detects DML queries with + leading comments. Patch by Erlend E. Aasland. + - gh-93421: Update sqlite3.Cursor.rowcount when a DML + statement has run to completion. This fixes the row count + for SQL queries like UPDATE ... RETURNING. Patch by Erlend + E. Aasland. + - gh-91810: Suppress writing an XML declaration in open + files in ElementTree.write() with encoding='unicode' and + xml_declaration=None. + - gh-93353: Fix the importlib.resources.as_file() context + manager to remove the temporary file if destroyed late + during Python finalization: keep a local reference to the + os.remove() function. Patch by Victor Stinner. + - gh-83658: Make multiprocessing.Pool raise an exception if + maxtasksperchild is not None or a positive int. + - gh-74696: shutil.make_archive() no longer temporarily changes + the current working directory during creation of standard + .zip or tar archives. + - gh-91577: Move imports in SharedMemory methods to module + level so that they can be executed late in python + finalization. + - bpo-47231: Fixed an issue with inconsistent trailing slashes + in tarfile longname directories. + - bpo-46755: In QueueHandler, clear stack_info from LogRecord + to prevent stack trace from being written twice. + - bpo-46053: Fix OSS audio support on NetBSD. + - bpo-46197: Fix ensurepip environment isolation for subprocess + running pip. + - bpo-45924: Fix asyncio incorrect traceback when future’s + exception is raised multiple times. Patch by Kumar Aditya. + - bpo-34828: sqlite3.Connection.iterdump() now handles + databases that use AUTOINCREMENT in one or more tables. + - gh-94321: Document the PEP 246 style protocol type + sqlite3.PrepareProtocol. + - gh-86128: Document a limitation in ThreadPoolExecutor where + its exit handler is executed before any handlers in atexit. + - gh-61162: Clarify sqlite3 behavior when Using the connection + as a context manager. + - gh-87260: Align sqlite3 argument specs with the actual + implementation. + - gh-86986: The minimum Sphinx version required to build the + documentation is now 3.2. + - gh-88831: Augmented documentation of + asyncio.create_task(). Clarified the need to keep strong + references to tasks and added a code snippet detailing how to + to this. + - bpo-47161: Document that pathlib.PurePath does not collapse + initial double slashes because they denote UNC paths. + - gh-95280: Fix problem with test_ssl test_get_ciphers on + systems that require perfect forward secrecy (PFS) ciphers. + - gh-95212: Make multiprocessing test case + test_shared_memory_recreate parallel-safe. + - gh-91330: Added more tests for dataclasses to cover behavior + with data descriptor-based fields. + - gh-94208: test_ssl is now checking for supported TLS version + and protocols in more tests. + - gh-93951: In test_bdb.StateTestCase.test_skip, avoid + including auxiliary importers. + - gh-93957: Provide nicer error reporting from subprocesses in + test_venv.EnsurePipTest.test_with_pip. + - gh-57539: Increase calendar test coverage for + calendar.LocaleTextCalendar.formatweekday(). + - gh-92886: Fixing tests that fail when running with + optimizations (-O) in test_zipimport.py + - bpo-47016: Create a GitHub Actions workflow for verifying + bundled pip and setuptools. Patch by Illia Volochii and Adam + Turner. + - gh-94841: Fix the possible performance regression of + PyObject_Free() compiled with MSVC version 1932. + - gh-95511: Fix the Shell context menu copy-with-prompts bug of + copying an extra line when one selects whole lines. + - gh-95471: In the Edit menu, move Select All and add a new + separator. + - gh-95411: Enable using IDLE’s module browser with .pyw files. + - gh-89610: Add .pyi as a recognized extension for IDLE on + macOS. This allows opening stub files by double clicking on + them in the Finder. + - gh-94538: Fix Argument Clinic output to custom file + destinations. Patch by Erlend E. Aasland. + - gh-94430: Allow parameters named module and self with custom + C names in Argument Clinic. Patch by Erlend E. Aasland + - gh-94930: Fix SystemError raised when + PyArg_ParseTupleAndKeywords() is used with # in (...) but + without PY_SSIZE_T_CLEAN defined. + - gh-94864: Fix PyArg_Parse* with deprecated format units “u” + and “Z”. It returned 1 (success) when warnings are turned + into exceptions. +- Reapply patches + - bpo-31046_ensurepip_honours_prefix.patch + - fix_configure_rst.patch + - no-skipif-doctests.patch + - skip-test_pyobject_freed_is_freed.patch + +------------------------------------------------------------------- +Sun Jul 31 09:41:30 UTC 2022 - Stephan Kulow + +- Extend distutils-reproducible-compile.patch with a workaround + for non reproducible pyc files issue 93317 + +------------------------------------------------------------------- +Thu Jul 21 14:19:52 UTC 2022 - Matej Cepl + +- Switch from %primary_interpreter to prjconf-defined + %primary_python (gh#openSUSE/python-rpm-macros#127). + +------------------------------------------------------------------- +Thu Jun 9 16:43:30 UTC 2022 - Matej Cepl + +- Add CVE-2015-20107-mailcap-unsafe-filenames.patch to avoid + CVE-2015-20107 (bsc#1198511, gh#python/cpython#68966), the + command injection in the mailcap module. +- Fix building of documentation and the universal configuration of the + %primary_interpreter. + +------------------------------------------------------------------- +Mon Jun 6 22:29:23 UTC 2022 - Matej Cepl + +- Update to 3.10.5: + - Core and Builtins + - gh-93418: Fixed an assert where an f-string has an equal + sign ‘=’ following an expression, but there’s no trailing + brace. For example, f”{i=”. + - gh-91924: Fix __ltrace__ debug feature if the stdout + encoding is not UTF-8. Patch by Victor Stinner. + - gh-93061: Backward jumps after async for loops are no + longer given dubious line numbers. + - gh-93065: Fix contextvars HAMT implementation to handle + iteration over deep trees. + - The bug was discovered and fixed by Eli Libman. See + MagicStack/immutables#84 for more details. + - gh-92311: Fixed a bug where setting frame.f_lineno to jump + over a list comprehension could misbehave or crash. + - gh-92112: Fix crash triggered by an evil custom mro() on + a metaclass. + - gh-92036: Fix a crash in subinterpreters related to the + garbage collector. When a subinterpreter is deleted, + untrack all objects tracked by its GC. To prevent a crash + in deallocator functions expecting objects to be tracked by + the GC, leak a strong reference to these objects on + purpose, so they are never deleted and their deallocator + functions are not called. Patch by Victor Stinner. + - gh-91421: Fix a potential integer overflow in + _Py_DecodeUTF8Ex. + - bpo-47212: Raise IndentationError instead of SyntaxError + for a bare except with no following indent. Improve + SyntaxError locations for an un-parenthesized generator + used as arguments. Patch by Matthieu Dartiailh. + - bpo-47182: Fix a crash when using a named unicode character + like "\N{digit nine}" after the main interpreter has been + initialized a second time. + - bpo-47117: Fix a crash if we fail to decode characters in + interactive mode if the tokenizer buffers are + uninitialized. Patch by Pablo Galindo. + - bpo-39829: Removed the __len__() call when initializing + a list and moved initializing to list_extend. Patch by + Jeremiah Pascual. + - bpo-46962: Classes and functions that unconditionally + declared their docstrings ignoring the + --without-doc-strings compilation flag no longer do so. + - The classes affected are ctypes.UnionType, + pickle.PickleBuffer, testcapi.RecursingInfinitelyError, and + types.GenericAlias. + - The functions affected are 24 methods in ctypes. + - Patch by Oleg Iarygin. + - bpo-36819: Fix crashes in built-in encoders with error + handlers that return position less or equal than the + starting position of non-encodable characters. + - Library + - gh-93156: Accessing the pathlib.PurePath.parents sequence + of an absolute path using negative index values produced + incorrect results. + - gh-89973: Fix re.error raised in fnmatch if the pattern + contains a character range with upper bound lower than + lower bound (e.g. [c-a]). Now such ranges are interpreted + as empty ranges. + - gh-93010: In a very special case, the email package tried + to append the nonexistent InvalidHeaderError to the defect + list. It should have been InvalidHeaderDefect. + - gh-92839: Fixed crash resulting from calling + bisect.insort() or bisect.insort_left() with the key + argument not equal to None. + - gh-91581: utcfromtimestamp() no longer attempts to resolve + fold in the pure Python implementation, since the fold is + never 1 in UTC. In addition to being slightly faster in the + common case, this also prevents some errors when the + timestamp is close to datetime.min. Patch by Paul Ganssle. + - gh-92530: Fix an issue that occurred after interrupting + threading.Condition.notify(). + - gh-92049: Forbid pickling constants re._constants.SUCCESS + etc. Previously, pickling did not fail, but the result + could not be unpickled. + - bpo-47029: Always close the read end of the pipe used by + multiprocessing.Queue after the last write of buffered data + to the write end of the pipe to avoid BrokenPipeError at + garbage collection and at multiprocessing.Queue.close() + calls. Patch by Géry Ogam. + - gh-91401: Provide a fail-safe way to disable subprocess use + of vfork() via a private subprocess._USE_VFORK attribute. + While there is currently no known need for this, if you + find a need please only set it to False. File a CPython + issue as to why you needed it and link to that from + a comment in your code. This attribute is documented as + a footnote in 3.11. + - gh-91910: Add missing f prefix to f-strings in error + messages from the multiprocessing and asyncio modules. + - gh-91810: ElementTree method write() and function + tostring() now use the text file’s encoding (“UTF-8” if not + available) instead of locale encoding in XML declaration + when encoding="unicode" is specified. + - gh-91832: Add required attribute to argparse.Action repr + output. + - gh-91700: Compilation of regular expression containing + a conditional expression (?(group)...) now raises an + appropriate re.error if the group number refers to not + defined group. Previously an internal RuntimeError was + raised. + - gh-91676: Fix unittest.IsolatedAsyncioTestCase to shutdown + the per test event loop executor before returning from its + run method so that a not yet stopped or garbage collected + executor state does not persist beyond the test. + - gh-90568: Parsing \N escapes of Unicode Named Character + Sequences in a regular expression raises now re.error + instead of TypeError. + - gh-91595: Fix the comparison of character and integer + inside Tools.gdb.libpython.write_repr(). Patch by Yu Liu. + - gh-90622: Worker processes for + concurrent.futures.ProcessPoolExecutor are no longer + spawned on demand (a feature added in 3.9) when the + multiprocessing context start method is "fork" as that can + lead to deadlocks in the child processes due to a fork + happening while threads are running. + - gh-91575: Update case-insensitive matching in the re module + to the latest Unicode version. + - gh-91581: Remove an unhandled error case in the + C implementation of calls to datetime.fromtimestamp with no + time zone (i.e. getting a local time from an epoch + timestamp). This should have no user-facing effect other + than giving a possibly more accurate error message when + called with timestamps that fall on 10000-01-01 in the + local time. Patch by Paul Ganssle. + - bpo-47260: Fix os.closerange() potentially being a no-op in + a Linux seccomp sandbox. + - bpo-39064: zipfile.ZipFile now raises zipfile.BadZipFile + instead of ValueError when reading a corrupt zip file in + which the central directory offset is negative. + - bpo-47151: When subprocess tries to use vfork, it now falls + back to fork if vfork returns an error. This allows use in + situations where vfork isn’t allowed by the OS kernel. + - bpo-27929: Fix asyncio.loop.sock_connect() to only resolve + names for socket.AF_INET or socket.AF_INET6 families. + Resolution may not make sense for other families, like + socket.AF_BLUETOOTH and socket.AF_UNIX. + - bpo-43323: Fix errors in the email module if the charset + itself contains undecodable/unencodable characters. + - bpo-47101: hashlib.algorithms_available now lists only + algorithms that are provided by activated crypto providers + on OpenSSL 3.0. Legacy algorithms are not listed unless the + legacy provider has been loaded into the default OSSL + context. + - bpo-46787: Fix concurrent.futures.ProcessPoolExecutor + exception memory leak + - bpo-45393: Fix the formatting for await x and not x in the + operator precedence table when using the help() system. + - bpo-46415: Fix ipaddress.ip_{address,interface,network} + raising TypeError instead of ValueError if given invalid + tuple as address parameter. + - bpo-28249: Set doctest.DocTest.lineno to None when object + does not have __doc__. + - bpo-45138: Fix a regression in the sqlite3 trace callback + where bound parameters were not expanded in the passed + statement string. The regression was introduced in Python + 3.10 by bpo-40318. Patch by Erlend E. Aasland. + - bpo-44493: Add missing terminated NUL in sockaddr_un’s + length + - This was potentially observable when using non-abstract + AF_UNIX datagram sockets to processes written in another + programming language. + - bpo-42627: Fix incorrect parsing of Windows registry proxy + settings + - bpo-36073: Raise ProgrammingError instead of segfaulting on + recursive usage of cursors in sqlite3 converters. Patch by + Sergey Fedoseev. + - Documentation + - gh-86438: Clarify that -W and PYTHONWARNINGS are matched + literally and case-insensitively, rather than as regular + expressions, in warnings. + - gh-92240: Added release dates for “What’s New in Python + 3.X” for 3.0, 3.1, 3.2, 3.8 and 3.10 + - gh-91888: Add a new gh role to the documentation to link to + GitHub issues. + - gh-91783: Document security issues concerning the use of + the function shutil.unpack_archive() + - gh-91547: Remove “Undocumented modules” page. + - bpo-44347: Clarify the meaning of dirs_exist_ok, a kwarg of + shutil.copytree(). + - bpo-38668: Update the introduction to documentation for + os.path to remove warnings that became irrelevant after the + implementations of PEP 383 and PEP 529. + - bpo-47138: Pin Jinja to a version compatible with Sphinx + version 3.2.1. + - bpo-46962: All docstrings in code snippets are now wrapped + into PyDoc_STR() to follow the guideline of PEP 7’s + Documentation Strings paragraph. Patch by Oleg Iarygin. + - bpo-26792: Improve the docstrings of runpy.run_module() and + runpy.run_path(). Original patch by Andrew Brezovsky. + - bpo-40838: Document that inspect.getdoc(), + inspect.getmodule(), and inspect.getsourcefile() might + return None. + - bpo-45790: Adjust inaccurate phrasing in Defining Extension + Types: Tutorial about the ob_base field and the macros used + to access its contents. + - bpo-42340: Document that in some circumstances + KeyboardInterrupt may cause the code to enter an + inconsistent state. Provided a sample workaround to avoid + it if needed. + - bpo-41233: Link the errnos referenced in + Doc/library/exceptions.rst to their respective section in + Doc/library/errno.rst, and vice versa. Previously this was + only done for EINTR and InterruptedError. Patch by Yan + “yyyyyyyan” Orestes. + - bpo-38056: Overhaul the Error Handlers documentation in + codecs. + - bpo-13553: Document tkinter.Tk args. + - Tests + - gh-92886: Fixing tests that fail when running with + optimizations (-O) in test_imaplib.py. + - gh-92670: Skip + test_shutil.TestCopy.test_copyfile_nonexistent_dir test on + AIX as the test uses a trailing slash to force the OS + consider the path as a directory, but on AIX the trailing + slash has no effect and is considered as a file. + - gh-91904: Fix initialization of + PYTHONREGRTEST_UNICODE_GUARD which prevented running + regression tests on non-UTF-8 locale. + - gh-91607: Fix test_concurrent_futures to test the correct + multiprocessing start method context in several cases where + the test logic mixed this up. + - bpo-47205: Skip test for sched_getaffinity() and + sched_setaffinity() error case on FreeBSD. + - bpo-47104: Rewrite asyncio.to_thread() tests to use + unittest.IsolatedAsyncioTestCase. + - bpo-29890: Add tests for ipaddress.IPv4Interface and + ipaddress.IPv6Interface construction with tuple arguments. + Original patch and tests by louisom. + - Tools/Demos + - gh-91583: Fix regression in the code generated by Argument + Clinic for functions with the defining_class parameter. + +------------------------------------------------------------------- +Tue May 10 14:35:52 UTC 2022 - Matej Cepl + +- Refresh bluez-devel-vendor.tar.xz + +------------------------------------------------------------------- +Thu May 5 14:35:56 UTC 2022 - Matej Cepl + +- Switch primary_interpreter from python38 to python310 for + Factory (only) + +------------------------------------------------------------------- +Sat Mar 26 22:52:45 UTC 2022 - Matej Cepl + +- Update to 3.10.4: + - bpo-46968: Check for the existence of the “sys/auxv.h” header + in faulthandler to avoid compilation problems in systems + where this header doesn’t exist. Patch by Pablo Galindo + - bpo-23691: Protect the re.finditer() iterator from + re-entering. + - bpo-42369: Fix thread safety of zipfile._SharedFile.tell() to + avoid a “zipfile.BadZipFile: Bad CRC-32 for file” exception + when reading a ZipFile from multiple threads. + - bpo-38256: Fix binascii.crc32() when it is compiled to use + zlib’c crc32 to work properly on inputs 4+GiB in length + instead of returning the wrong result. The workaround prior + to this was to always feed the function data in increments + smaller than 4GiB or to just call the zlib module function. + - bpo-39394: A warning about inline flags not at the start of + the regular expression now contains the position of the flag. + - bpo-47061: Deprecate the various modules listed by PEP 594: + - aifc, asynchat, asyncore, audioop, cgi, cgitb, chunk, crypt, + imghdr, msilib, nntplib, nis, ossaudiodev, pipes, smtpd, + sndhdr, spwd, sunau, telnetlib, uu, xdrlib + - bpo-2604: Fix bug where doctests using globals would fail + when run multiple times. + - bpo-45997: Fix asyncio.Semaphore re-aquiring FIFO order. + - bpo-47022: The asynchat, asyncore and smtpd modules have been + deprecated since at least Python 3.6. Their documentation and + deprecation warnings and have now been updated to note they + will removed in Python 3.12 (PEP 594). + - bpo-46421: Fix a unittest issue where if the command was + invoked as python -m unittest and the filename(s) began with + a dot (.), a ValueError is returned. + - bpo-40296: Fix supporting generic aliases in pydoc. + +- Update to 3.10.3: + - bpo-46940: Avoid overriding AttributeError metadata + information for nested attribute access calls. Patch by Pablo + Galindo. + - bpo-46852: Rename the private undocumented + float.__set_format__() method to float.__setformat__() to fix + a typo introduced in Python 3.7. The method is only used by + test_float. Patch by Victor Stinner. + - bpo-46794: Bump up the libexpat version into 2.4.6 + - bpo-46820: Fix parsing a numeric literal immediately (without + spaces) followed by “not in” keywords, like in 1not in x. Now + the parser only emits a warning, not a syntax error. + - bpo-46762: Fix an assert failure in debug builds when a ‘<’, + ‘>’, or ‘=’ is the last character in an f-string that’s + missing a closing right brace. + - bpo-46724: Make sure that all backwards jumps use the + JUMP_ABSOLUTE instruction, rather than JUMP_FORWARD with an + argument of (2**32)+offset. + - bpo-46732: Correct the docstring for the __bool__() method. + Patch by Jelle Zijlstra. + - bpo-46707: Avoid potential exponential backtracking when + producing some syntax errors involving lots of brackets. + Patch by Pablo Galindo. + - bpo-40479: Add a missing call to va_end() in + Modules/_hashopenssl.c. + - bpo-46615: When iterating over sets internally in + setobject.c, acquire strong references to the resulting items + from the set. This prevents crashes in corner-cases of + various set operations where the set gets mutated. + - bpo-45773: Remove two invalid “peephole” optimizations from + the bytecode compiler. + - bpo-43721: Fix docstrings of getter, setter, and deleter to + clarify that they create a new copy of the property. + - bpo-46503: Fix an assert when parsing some invalid N escape + sequences in f-strings. + - bpo-46417: Fix a race condition on setting a type __bases__ + attribute: the internal function add_subclass() now gets the + PyTypeObject.tp_subclasses member after calling + PyWeakref_NewRef() which can trigger a garbage collection + which can indirectly modify PyTypeObject.tp_subclasses. Patch + by Victor Stinner. + - bpo-46383: Fix invalid signature of _zoneinfo’s module_free + function to resolve a crash on wasm32-emscripten platform. + - bpo-46070: Py_EndInterpreter() now explicitly untracks all + objects currently tracked by the GC. Previously, if an object + was used later by another interpreter, calling + PyObject_GC_UnTrack() on the object crashed if the previous + or the next object of the PyGC_Head structure became + a dangling pointer. Patch by Victor Stinner. + - bpo-46339: Fix a crash in the parser when retrieving the + error text for multi-line f-strings expressions that do not + start in the first line of the string. Patch by Pablo Galindo + - bpo-46240: Correct the error message for unclosed parentheses + when the tokenizer doesn’t reach the end of the source when + the error is reported. Patch by Pablo Galindo + - bpo-46091: Correctly calculate indentation levels for lines + with whitespace character that are ended by line continuation + characters. Patch by Pablo Galindo + - bpo-43253: Fix a crash when closing transports where the + underlying socket handle is already invalid on the Proactor + event loop. + - bpo-47004: Apply bugfixes from importlib_metadata 4.11.3, + including bugfix for EntryPoint.extras, which was returning + match objects and not the extras strings. + - bpo-46985: Upgrade pip wheel bundled with ensurepip (pip + 22.0.4) + - bpo-46968: faulthandler: On Linux 5.14 and newer, dynamically + determine size of signal handler stack size CPython allocates + using getauxval(AT_MINSIGSTKSZ). This changes allows for + Python extension’s request to Linux kernel to use AMX_TILE + instruction set on Sapphire Rapids Xeon processor to succeed, + unblocking use of the ISA in frameworks. + - bpo-46955: Expose asyncio.base_events.Server as + asyncio.Server. Patch by Stefan Zabka. + - bpo-23325: The signal module no longer assumes that SIG_IGN + and SIG_DFL are small int singletons. + - bpo-46932: Update bundled libexpat to 2.4.7 + - bpo-25707: Fixed a file leak in + xml.etree.ElementTree.iterparse() when the iterator is not + exhausted. Patch by Jacob Walls. + - bpo-44886: Inherit asyncio proactor datagram transport from + asyncio.DatagramTransport. + - bpo-46827: Support UDP sockets in asyncio.loop.sock_connect() + for selector-based event loops. Patch by Thomas Grainger. + - bpo-46811: Make test suite support Expat >=2.4.5 + - bpo-46252: Raise TypeError if ssl.SSLSocket is passed to + transport-based APIs. + - bpo-46784: Fix libexpat symbols collisions with user + dynamically loaded or statically linked libexpat in embedded + Python. + - bpo-39327: shutil.rmtree() can now work with VirtualBox + shared folders when running from the guest operating-system. + - bpo-46756: Fix a bug in + urllib.request.HTTPPasswordMgr.find_user_password() and + urllib.request.HTTPPasswordMgrWithPriorAuth.is_authenticated() + which allowed to bypass authorization. For example, access to + URI example.org/foobar was allowed if the user was authorized + for URI example.org/foo. + - bpo-46643: In typing.get_type_hints(), support evaluating + stringified ParamSpecArgs and ParamSpecKwargs annotations. + Patch by Gregory Beauregard. + - bpo-45863: When the tarfile module creates a pax format + archive, it will put an integer representation of timestamps + in the ustar header (if possible) for the benefit of older + unarchivers, in addition to the existing full-precision + timestamps in the pax extended header. + - bpo-46676: Make typing.ParamSpec args and kwargs equal to + themselves. Patch by Gregory Beauregard. + - bpo-46672: Fix NameError in asyncio.gather() when initial + type check fails. + - bpo-46655: In typing.get_type_hints(), support evaluating + bare stringified TypeAlias annotations. Patch by Gregory + Beauregard. + - bpo-45948: Fixed a discrepancy in the C implementation of the + xml.etree.ElementTree module. Now, instantiating an + xml.etree.ElementTree.XMLParser with a target=None keyword + provides a default xml.etree.ElementTree.TreeBuilder target + as the Python implementation does. + - bpo-46521: Fix a bug in the codeop module that was + incorrectly identifying invalid code involving string quotes + as valid code. + - bpo-46581: Brings ParamSpec propagation for GenericAlias in + line with Concatenate (and others). + - bpo-46591: Make the IDLE doc URL on the About IDLE dialog + clickable. + - bpo-46400: expat: Update libexpat from 2.4.1 to 2.4.4 + - bpo-46487: Add the get_write_buffer_limits method to + asyncio.transports.WriteTransport and to the SSL transport. + - bpo-45173: Note the configparser deprecations will be removed + in Python 3.12. + - bpo-46539: In typing.get_type_hints(), support evaluating + stringified ClassVar and Final annotations inside Annotated. + Patch by Gregory Beauregard. + - bpo-46491: Allow typing.Annotated to wrap typing.Final and + typing.ClassVar. Patch by Gregory Beauregard. + - bpo-46436: Fix command-line option -d/--directory in module + http.server which is ignored when combined with command-line + option --cgi. Patch by Géry Ogam. + - bpo-41403: Make mock.patch() raise a TypeError with + a relevant error message on invalid arg. Previously it + allowed a cryptic AttributeError to escape. + - bpo-46474: In importlib.metadata.EntryPoint.pattern, avoid + potential REDoS by limiting ambiguity in consecutive + whitespace. + - bpo-46469: asyncio generic classes now return + types.GenericAlias in __class_getitem__ instead of the same + class. + - bpo-46434: pdb now gracefully handles help when __doc__ is + missing, for example when run with pregenerated optimized + .pyc files. + - bpo-46333: The __eq__() and __hash__() methods of + typing.ForwardRef now honor the module parameter of + typing.ForwardRef. Forward references from different modules + are now differentiated. + - bpo-46246: Add missing __slots__ to + importlib.metadata.DeprecatedList. Patch by Arie Bovenberg. + - bpo-46266: Improve day constants in calendar. + - Now all constants (MONDAY … SUNDAY) are documented, tested, + and added to __all__. + - bpo-46232: The ssl module now handles certificates with bit + strings in DN correctly. + - bpo-43118: Fix a bug in inspect.signature() that was causing + it to fail on some subclasses of classes with + a __text_signature__ referencing module globals. Patch by + Weipeng Hong. + - bpo-26552: Fixed case where failing asyncio.ensure_future() + did not close the coroutine. Patch by Kumar Aditya. + - bpo-21987: Fix an issue with tarfile.TarFile.getmember() + getting a directory name with a trailing slash. + - bpo-20392: Fix inconsistency with uppercase file extensions + in MimeTypes.guess_type(). Patch by Kumar Aditya. + - bpo-46080: Fix exception in argparse help text generation if + a argparse.BooleanOptionalAction argument’s default is + argparse.SUPPRESS and it has help specified. Patch by Felix + Fontein. + - bpo-44439: Fix .write() method of a member file in ZipFile, + when the input data is an object that supports the buffer + protocol, the file length may be wrong. + - bpo-45703: When a namespace package is imported before + another module from the same namespace is created/installed + in a different sys.path location while the program is + running, calling the importlib.invalidate_caches() function + will now also guarantee the new module is noticed. + - bpo-24959: Fix bug where unittest sometimes drops frames from + tracebacks of exceptions raised in tests. + - bpo-44791: Fix substitution of ParamSpec in Concatenate with + different parameter expressions. Substitution with a list of + types returns now a tuple of types. Substitution with + Concatenate returns now a Concatenate with concatenated lists + of arguments. + - bpo-14156: argparse.FileType now supports an argument of ‘-’ + in binary mode, returning the .buffer attribute of + sys.stdin/sys.stdout as appropriate. Modes including ‘x’ and + ‘a’ are treated equivalently to ‘w’ when argument is ‘-’. + Patch contributed by Josh Rosenberg + - bpo-46463: Fixes escape4chm.py script used when building the + CHM documentation file + - bpo-46913: Fix test_faulthandler.test_sigfpe() if Python is + built with undefined behavior sanitizer (UBSAN): disable + UBSAN on the faulthandler_sigfpe() function. Patch by Victor + Stinner. + - bpo-46708: Prevent default asyncio event loop policy + modification warning after test_asyncio execution. + - bpo-46678: The function make_legacy_pyc in + Lib/test/support/import_helper.py no longer fails when + PYTHONPYCACHEPREFIX is set to a directory on a different + device from where tempfiles are stored. + - bpo-46616: Ensures test_importlib.test_windows cleans up + registry keys after completion. + - bpo-44359: test_ftplib now silently ignores socket errors to + prevent logging unhandled threading exceptions. Patch by + Victor Stinner. + - bpo-46542: Fix a Python crash in test_lib2to3 when using + Python built in debug mode: limit the recursion limit. Patch + by Victor Stinner. + - bpo-46576: test_peg_generator now disables compiler + optimization when testing compilation of its own C extensions + to significantly speed up the testing on non-debug builds of + CPython. + - bpo-46542: Fix test_json tests checking for RecursionError: + modify these tests to use support.infinite_recursion(). Patch + by Victor Stinner. + - bpo-13886: Skip test_builtin PTY tests on non-ASCII + characters if the readline module is loaded. The readline + module changes input() behavior, but test_builtin is not + intented to test the readline module. Patch by Victor + Stinner. + - bpo-38472: Fix GCC detection in setup.py when + cross-compiling. The C compiler is now run with LC_ALL=C. + Previously, the detection failed with a German locale. + - bpo-46513: configure no longer uses AC_C_CHAR_UNSIGNED macro + and pyconfig.h no longer defines reserved symbol + __CHAR_UNSIGNED__. + - bpo-45296: Clarify close, quit, and exit in IDLE. In the File + menu, ‘Close’ and ‘Exit’ are now ‘Close Window’ (the current + one) and ‘Exit’ is now ‘Exit IDLE’ (by closing all windows). + In Shell, ‘quit()’ and ‘exit()’ mean ‘close Shell’. If there + are no other windows, this also exits IDLE. + - bpo-45447: Apply IDLE syntax highlighting to pyi files. Patch + by Alex Waygood and Terry Jan Reedy. + - bpo-46433: The internal function _PyType_GetModuleByDef now + correctly handles inheritance patterns involving static + types. + - bpo-14916: Fixed bug in the tokenizer that prevented + PyRun_InteractiveOne from parsing from the provided FD. + +------------------------------------------------------------------- +Thu Mar 24 18:55:46 UTC 2022 - David Anes + +- (bsc#1196784, CVE-2022-25236) Rename patch: + support-expat-245.patch to support-expat-CVE-2022-25236-patched.patch + and update the patch to detect expat >= 2.4.4 instead of >= 2.4.5 + as it was fully patched against CVE-2022-25236. + +------------------------------------------------------------------- +Tue Feb 22 05:53:06 UTC 2022 - Steve Kowalik + +- Add patch support-expat-245.patch: + * Support Expat >= 2.4.5 + +------------------------------------------------------------------- +Tue Feb 15 23:05:55 UTC 2022 - Matej Cepl + +- bsc#1195831 Obsolete older "most modern" versions of python + packages (python39 for python310 and so forth). For next + versions it is necessary just to edit the macro. + +------------------------------------------------------------------- +Tue Jan 25 16:09:25 UTC 2022 - Matej Cepl + +- Remove second superfluous BR rpm-build-python + +------------------------------------------------------------------- +Tue Jan 25 16:09:25 UTC 2022 - Matej Cepl + +- Remove second superfluous BR rpm-build-python +- Add fix_configure_rst.patch, which removes duplicate link + targets and make documentation with old Sphinx in SLE +- Skip test_capi (bsc#1195140 and bpo#37169) + +------------------------------------------------------------------- +Wed Jan 19 22:01:51 UTC 2022 - Matej Cepl + +- Update to 3.10.2: + Bugfix only + - bpo#46347 memory leak in PyEval_EvalCodeEx (especially + visible with Cython code) + - and many others + +------------------------------------------------------------------- +Wed Dec 8 13:07:25 UTC 2021 - Matej Cepl + +- Upgrade to 3.10.1 (jsc#SLE-18038): + - PEP 623 – Deprecate and prepare for the removal of the wstr + member in PyUnicodeObject. + - PEP 604 – Allow writing union types as X | Y + - PEP 612 – Parameter Specification Variables + - PEP 626 – Precise line numbers for debugging and other tools. + - PEP 618 – Add Optional Length-Checking To zip. + - bpo-12782: Parenthesized context managers are now officially + allowed. + - PEP 632 – Deprecate distutils module. + - PEP 613 – Explicit Type Aliases + - PEP 634 – Structural Pattern Matching: Specification + - PEP 635 – Structural Pattern Matching: Motivation and + Rationale + - PEP 636 – Structural Pattern Matching: Tutorial + - PEP 644 – Require OpenSSL 1.1.1 or newer + - PEP 624 – Remove Py_UNICODE encoder APIs + - PEP 597 – Add optional EncodingWarning +- Patches readjusted: + - bpo-31046_ensurepip_honours_prefix.patch + - python-3.3.0b1-fix_date_time_compiler.patch + +------------------------------------------------------------------- +Sat Dec 4 18:40:28 UTC 2021 - Matej Cepl + +- Remove pdb_adjust_breakpoints.patch and instead just adjust location + of the test breakpoint in Lib/test/test_pdb.py via sed, because we + have shortened Lib/pdb.py by removing the shebang (bpo#45964). + +------------------------------------------------------------------- +Thu Dec 2 13:51:57 UTC 2021 - Matej Cepl + +- Add pdb_adjust_breakpoints.patch fixing expectd results in + test_pdb_breakpoints_preserved_across_interactive_sessions + (bpo#45964). + +------------------------------------------------------------------- +Mon Nov 29 00:17:07 UTC 2021 - Matej Cepl + +- Remove shebangs from from python-base libraries in _libdir + (bsc#1193179). +- Readjust patches: + - bpo-31046_ensurepip_honours_prefix.patch + - decimal.patch + - python-3.3.0b1-fix_date_time_compiler.patch + +------------------------------------------------------------------- +Tue Nov 16 16:03:43 UTC 2021 - Matej Cepl + +- Move rpm-build-python construct to correct place. + +------------------------------------------------------------------- +Wed Oct 13 08:52:47 UTC 2021 - Dominique Leuenberger + +- BuildRequire rpm-build-python: The provider to inject python(abi) + has been moved there. rpm-build pulls rpm-build-python + automatically in when building anything against python3-base, but + this implies that the initial build of python3-base does not + trigger the automatic installation. + +------------------------------------------------------------------- +Tue Oct 5 22:36:51 UTC 2021 - Matej Cepl + +- Final release of 3.10.0: + Complete list on https://www.python.org/downloads/release/python-3100/, + but highlights are: + - PEP 623 – Deprecate and prepare for the removal of the wstr + member in PyUnicodeObject. + - PEP 604 – Allow writing union types as X | Y + - PEP 612 – Parameter Specification Variables + - PEP 626 – Precise line numbers for debugging and other + tools. + - PEP 618 – Add Optional Length-Checking To zip. + - PEP 632 – Deprecate distutils module. + - PEP 613 – Explicit Type Aliases + - PEP 634 – Structural Pattern Matching: Specification + - PEP 635 – Structural Pattern Matching: Motivation and + Rationale + - PEP 636 – Structural Pattern Matching: Tutorial + - PEP 644 – Require OpenSSL 1.1.1 or newer + - PEP 624 – Remove Py_UNICODE encoder APIs + - PEP 597 – Add optional EncodingWarning + - bpo-12782: Parenthesized context managers are now officially + allowed. + +------------------------------------------------------------------- +Mon Aug 30 12:48:25 UTC 2021 - Matej Cepl + +- Switch on option --with-system-libmpdec (bsc#1189356). + +------------------------------------------------------------------- +Fri Aug 27 13:15:03 UTC 2021 - Andreas Schwab + +- Reenable profileopt with qemu emulation, test_faulthandler is no longer + run during profiling + +------------------------------------------------------------------- +Thu Aug 12 15:11:39 UTC 2021 - Andreas Schwab + +- test_faulthandler is still problematic under qemu linux-user emulation, + disable it there + +------------------------------------------------------------------- +Wed Aug 11 05:57:11 UTC 2021 - Matej Cepl + +- Update to 3.10.0rc1 (the penultimate prerelease), which contains + plenty of small bugfixes among others: + - bpo#38605: from __future__ import annotations (PEP 563) used to be + on this list in previous pre-releases but it has been postponed to + Python 3.11 due to some compatibility concerns. + - bpo-44600: Fix incorrect line numbers while tracing some failed + patterns in match statements. Patch by Charles Burkland. + - plenty of modifications in types.Union + +------------------------------------------------------------------- +Wed Jul 21 13:44:48 UTC 2021 - Matej Cepl + +- Update to 3.10.0b4: + https://docs.python.org/3.10/whatsnew/changelog.html#python-3-10-0-beta-4 +- Remove python3-imp-returntype.patch which has been upstreamed. + +------------------------------------------------------------------- +Mon Jun 7 15:52:44 UTC 2021 - Matej Cepl + +- Update to 3.10.0b2: + - PEP 623 -- Deprecate and prepare for the removal of the wstr + member in PyUnicodeObject. + - PEP 604 -- Allow writing union types as X | Y + - PEP 612 -- Parameter Specification Variables + - PEP 626 -- Precise line numbers for debugging and other + tools. + - PEP 618 -- Add Optional Length-Checking To zip. + - bpo-12782: Parenthesized context managers are now officially + allowed. + - PEP 632 -- Deprecate distutils module. + - PEP 613 -- Explicit Type Aliases + - PEP 634 -- Structural Pattern Matching: Specification + - PEP 635 -- Structural Pattern Matching: Motivation and + Rationale + - PEP 636 -- Structural Pattern Matching: Tutorial + - PEP 644 -- Require OpenSSL 1.1.1 or newer + - PEP 624 -- Remove Py_UNICODE encoder APIs + - PEP 597 -- Add optional EncodingWarning +- Removed patches (assumed upstream): + - sphinx-update-removed-function.patch + +------------------------------------------------------------------- +Sat Jun 5 21:21:38 UTC 2021 - Matej Cepl + +- Revert previous skip over test_capi +- Add skip-test_pyobject_freed_is_freed.patch to skip failing + test on SLE-15. + +------------------------------------------------------------------- +Fri Jun 4 21:36:30 UTC 2021 - Dirk Müller + +- allow build with Sphinx >= 3.x + +------------------------------------------------------------------- +Wed Jun 2 13:12:04 UTC 2021 - Dan Čermák + +- Exclude test_capi on Leap (test fails there) + +------------------------------------------------------------------- +Fri May 21 15:13:59 UTC 2021 - Matej Cepl + +- Stop providing "python" symbol (bsc#1185588), which means + python2 currently. + +------------------------------------------------------------------- +Wed May 5 15:16:58 UTC 2021 - Matej Cepl + +- Update to 3.9.5: + * Security + - bpo-43434: Creating a sqlite3.Connection object now also + produces a sqlite3.connect auditing event. Previously this + event was only produced by sqlite3.connect() calls. Patch + by Erlend E. Aasland. + - bpo-43882: The presence of newline or tab characters in + parts of a URL could allow some forms of attacks. + - Following the controlling specification for URLs defined by + WHATWG urllib.parse() now removes ASCII newlines and tabs + from URLs, preventing such attacks. + - bpo-43472: Ensures interpreter-level audit hooks receive + the cpython.PyInterpreterState_New event when called + through the _xxsubinterpreters module. + - bpo-36384: ipaddress module no longer accepts any leading + zeros in IPv4 address strings. Leading zeros are ambiguous + and interpreted as octal notation by some libraries. For + example the legacy function socket.inet_aton() treats + leading zeros as octal notatation. glibc implementation of + modern inet_pton() does not accept any leading zeros. For + a while the ipaddress module used to accept ambiguous + leading zeros. + - bpo-43075: Fix Regular Expression Denial of Service (ReDoS) + vulnerability in urllib.request.AbstractBasicAuthHandler. + The ReDoS-vulnerable regex has quadratic worst-case + complexity and it allows cause a denial of service when + identifying crafted invalid RFCs. This ReDoS issue is on + the client side and needs remote attackers to control the + HTTP server. + - bpo-42800: Audit hooks are now fired for frame.f_code, + traceback.tb_frame, and generator code/frame attribute + access. + * Core and Builtins + - bpo-43105: Importlib now resolves relative paths when + creating module spec objects from file locations. + - bpo-42924: Fix bytearray repetition incorrectly copying + data from the start of the buffer, even if the data is + offset within the buffer (e.g. after reassigning a slice at + the start of the bytearray to a shorter byte string). + * Library + - bpo-43993: Update bundled pip to 21.1.1. + - bpo-43937: Fixed the turtle module working with non-default + root window. + - bpo-43930: Update bundled pip to 21.1 and setuptools to + 56.0.0 + - bpo-43920: OpenSSL 3.0.0: load_verify_locations() now + returns a consistent error message when cadata contains no + valid certificate. + - bpo-43607: urllib can now convert Windows paths with \\?\ + prefixes into URL paths. + - bpo-43284: platform.win32_ver derives the windows version + from sys.getwindowsversion().platform_version which in turn + derives the version from kernel32.dll (which can be of + a different version than Windows itself). Therefore change + the platform.win32_ver to determine the version using the + platform module’s _syscmd_ver private function to return an + accurate version. + - bpo-42248: [Enum] ensure exceptions raised in _missing__ + are released + - bpo-43799: OpenSSL 3.0.0: define OPENSSL_API_COMPAT 1.1.1 + to suppress deprecation warnings. Python requires OpenSSL + 1.1.1 APIs. + - bpo-43794: Add ssl.OP_IGNORE_UNEXPECTED_EOF constants + (OpenSSL 3.0.0) + - bpo-43789: OpenSSL 3.0.0: Don’t call the password callback + function a second time when first call has signaled an + error condition. + - bpo-43788: The header files for ssl error codes are now + OpenSSL version-specific. Exceptions will now show correct + reason and library codes. The make_ssl_data.py script has + been rewritten to use OpenSSL’s text file with error codes. + - bpo-43655: tkinter dialog windows are now recognized as + dialogs by window managers on macOS and X Window. + - bpo-43534: turtle.textinput() and turtle.numinput() create + now a transient window working on behalf of the canvas + window. + - bpo-43522: Fix problem with hostname_checks_common_name. + OpenSSL does not copy hostflags from struct SSL_CTX to + struct SSL. + - bpo-42967: Allow bytes separator argument in + urllib.parse.parse_qs and urllib.parse.parse_qsl when + parsing str query strings. Previously, this raised + a TypeError. + - bpo-43176: Fixed processing of a dataclass that inherits + from a frozen dataclass with no fields. It is now correctly + detected as an error. + - bpo-41735: Fix thread locks in zlib module may go wrong in + rare case. Patch by Ma Lin. + - bpo-36470: Fix dataclasses with InitVars and replace(). + Patch by Claudiu Popa. + - bpo-32745: Fix a regression in the handling of ctypes’ + ctypes.c_wchar_p type: embedded null characters would cause + a ValueError to be raised. Patch by Zackery Spytz. + * Documentation + - bpo-43959: The documentation on the PyContextVar C-API was + clarified. + - bpo-43938: Update dataclasses documentation to express that + FrozenInstanceError is derived from AttributeError. + - bpo-43755: Update documentation to reflect that + unparenthesized lambda expressions can no longer be the + expression part in an if clause in comprehensions and + generator expressions since Python 3.9. + - bpo-43739: Fixing the example code in + Doc/extending/extending.rst to declare and initialize the + pmodule variable to be of the right type. + * Tests + - bpo-43961: Fix + test_logging.test_namer_rotator_inheritance() on Windows: + use os.replace() rather than os.rename(). Patch by Victor + Stinner. + - bpo-43842: Fix a race condition in the SMTP test of + test_logging. Don’t close a file descriptor (socket) from + a different thread while asyncore.loop() is polling the + file descriptor. Patch by Victor Stinner. + - bpo-43811: Tests multiple OpenSSL versions on GitHub + Actions. Use ccache to speed up testing. + - bpo-43791: OpenSSL 3.0.0: Disable testing of legacy + protocols TLS 1.0 and 1.1. Tests are failing with + TLSV1_ALERT_INTERNAL_ERROR. +- Refreshed patches: + - bpo-31046_ensurepip_honours_prefix.patch + - python-3.3.0b1-fix_date_time_compiler.patch +- Add vendorized files from bluez-devel to enable building support for + Bluetooth. + +------------------------------------------------------------------- +Sun May 2 09:20:06 UTC 2021 - Ben Greiner + +- Make sure to close the import_failed.map file after the exception + has been raised in order to avoid ResourceWarnings when the + failing import is part of a try...except block. + +------------------------------------------------------------------- +Wed Apr 28 16:39:54 UTC 2021 - Matej Cepl + +- Update to 3.9.4: + - bpo#43710: Reverted the fix for https://bugs.python.org/issue42500 + as it changed the PyThreadState struct size and broke the 3.9.x ABI + in the 3.9.3 release (visible on 32-bit platforms using binaries + compiled using an earlier version of Python 3.9.x headers). + - bpo#26053: Fixed bug where the pdb interactive run command echoed + the args from the shell command line, even if those have been + overridden at the pdb prompt. + - bpo#42988 (bsc#1183374) CVE-2021-3426: Remove the getfile + feature of the pydoc module which could be abused to read + arbitrary files on the disk (directory traversal + vulnerability). Moreover, even source code of Python modules + can contain sensitive data like passwords. Vulnerability + reported by David Schwörer. + - bpo#43285: ftplib no longer trusts the IP address value + returned from the server in response to the PASV command by + default. This prevents a malicious FTP server from using the + response to probe IPv4 address and port combinations on the + client network. Code that requires the former vulnerable + behavior may set a trust_server_pasv_ipv4_address attribute + on their ftplib.FTP instances to True to re-enable it. + - bpo#43439: Add audit hooks for gc.get_objects(), + gc.get_referrers() and gc.get_referents(). Patch by Pablo + Galindo. + - bpo#43660: Fix crash that happens when replacing sys.stderr + with a callable that can remove the object while an exception + is being printed. Patch by Pablo Galindo. + - bpo#43555: Report the column offset for SyntaxError for + invalid line continuation characters. Patch by Pablo Galindo. + - bpo#43517: Fix misdetection of circular imports when using + from pkg.mod import attr, which caused false positives in + non-trivial multi-threaded code. + - bpo#35883: Python no longer fails at startup with a fatal + error if a command line argument contains an invalid Unicode + character. The Py_DecodeLocale() function now escapes byte + sequences which would be decoded as Unicode characters + outside the [U+0000; U+10ffff] range. + - bpo#43406: Fix a possible race condition where + PyErr_CheckSignals tries to execute a non-Python signal + handler. + - bpo#42500: Improve handling of exceptions near recursion + limit. Converts a number of Fatal Errors in RecursionErrors. + - bpo#43433: xmlrpc.client.ServerProxy no longer ignores query + and fragment in the URL of the server. + - bpo#35930: Raising an exception raised in a “future” instance + will create reference cycles. + - bpo#43577: Fix deadlock when using ssl.SSLContext debug + callback with ssl.SSLContext.sni_callback(). + - bpo#43521: ast.unparse can now render NaNs and empty sets. + - bpo#43423: subprocess.communicate() no longer raises an + IndexError when there is an empty stdout or stderr IO buffer + during a timeout on Windows. + - bpo#27820: Fixed long-standing bug of smtplib.SMTP where + doing AUTH LOGIN with initial_response_ok=False will fail. + The cause is that SMTP.auth_login _always_ returns a password + if provided with a challenge string, thus non-compliant with + the standard for AUTH LOGIN. Also fixes bug with the test for + smtpd. + - bpo#43332: Improves the networking efficiency of http.client + when using a proxy via set_tunnel(). Fewer small send calls + are made during connection setup. + - bpo#43399: Fix ElementTree.extend not working on iterators + when using the Python implementation + - bpo#43316: The python -m gzip command line application now + properly fails when detecting an unsupported extension. It + exits with a non-zero exit code and prints an error message + to stderr. + - bpo#43260: Fix TextIOWrapper can not flush internal buffer + forever after very large text is written. + - bpo#42782: Fail fast in shutil.move() to avoid creating + destination directories on failure. + - bpo#37193: Fixed memory leak in socketserver.ThreadingMixIn + introduced in Python 3.7. + - bpo#43199: Answer “Why is there no goto?” in the Design and + History FAQ. + - bpo#43407: Clarified that a result from time.monotonic(), + time.perf_counter(), time.process_time(), or + time.thread_time() can be compared with the result from any + following call to the same function - not just the next + immediate call. + - bpo#27646: Clarify that ‘yield from ’ works with any + iterable, not just iterators. + - bpo#36346: Update some deprecated unicode APIs which are + documented as “will be removed in 4.0” to “3.12”. See PEP 623 + for detail. + - bpo#37945: Fix test_getsetlocale_issue1813() of test_locale: + skip the test if setlocale() fails. Patch by Victor Stinner. + - bpo#41561: Add workaround for Ubuntu’s custom OpenSSL + security level policy. + - bpo#43288: Fix test_importlib to correctly skip Unicode file + tests if the fileystem does not support them. + - bpo#43617: Improve configure.ac: Check for presence of + autoconf-archive package and remove our copies of M4 macros. + - bpo#42225: Document that IDLE can fail on Unix either from + misconfigured IP masquerage rules or failure displaying + complex colored (non-ascii) characters. + - bpo#43283: Document why printing to IDLE’s Shell is often + slower than printing to a system terminal and that it can be + made faster by pre-formatting a single string before + printing. + +------------------------------------------------------------------- +Fri Feb 19 16:58:38 UTC 2021 - Matej Cepl + +- Update to 3.9.2: + - bpo#42938 (bsc#1181126): Avoid static buffers when computing + the repr of ctypes.c_double and ctypes.c_longdouble + values. This issue was assigned CVE-2021-3177. + - bpo#42967 (bsc#1182379): Fix web cache poisoning + vulnerability by defaulting the query args separator to &, + and allowing the user to choose a custom separator. This + issue was assigned CVE-2021-23336. +- Upstreamed patches were removed: + - CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch + - bsc1167501-invalid-alignment.patch + - skip_random_failing_tests.patch + - CVE-2019-5010-null-defer-x509-cert-DOS.patch + +------------------------------------------------------------------- +Tue Feb 9 01:37:59 UTC 2021 - Steve Kowalik + +- Add Obsoletes for python3-base when primary interpreter is set to + properly replace it during upgrades. (bsc#1181324) + +------------------------------------------------------------------- +Mon Feb 8 22:02:03 UTC 2021 - Matej Cepl + +- Update to 3.9.1: + Security bugs: + - Prevented potential DoS attack via CPU and RAM exhaustion + when processing malformed Apple Property List files in binary + format. + - The plistlib module no longer accepts entity declarations in + XML plist files to avoid XML vulnerabilities. This should not + affect users as entity declarations are not used in regular + plist files. + - Add volatile to the accumulator variable in + hmac.compare_digest, making constant-time-defeating + optimizations less likely. + Core and Builtins + - Allow assignment expressions in set literals and set + comprehensions as per PEP 572. Patch by Pablo Galindo. + - Fix a regression introduced by the new parser, where an + unparenthesized walrus operator was not allowed within + generator expressions. + - types.GenericAlias objects can now be the targets of + weakrefs. + - Fixed a bug in the PEG parser that was causing crashes in + debug mode. Now errors are checked in left-recursive rules to + avoid cases where such errors do not get handled in time and + appear as long-distance crashes in other places. + - Fixed a possible crash in the PEG parser when checking for + the ‘!=’ token in the barry_as_flufl rule. Patch by Pablo + Galindo. + - Fix handling of errors during creation of PyFunctionObject, + which resulted in operations on uninitialized memory. Patch + by Yonatan Goldschmidt. + - Fix a bug in the parser, where a curly brace following + a primary didn’t fail immediately. This led to invalid + expressions like a {b} to throw a SyntaxError with a wrong + offset, or invalid expressions ending with a curly brace like + a { to not fail immediately in the REPL. + - Fix possible buffer overflow in the new parser when checking + for continuation lines. Patch by Pablo Galindo. + - Run the parser two times. On the first run, disable all the + rules that only generate better error messages to gain + performance. If there’s a parse failure, run the parser + a second time with those enabled. + - Document the default implementation of object.__eq__. + - Fix peephole optimizer misoptimize conditional jump + + JUMP_IF_NOT_EXC_MATCH pair. + - The garbage collector now tracks all user-defined classes. + Patch by Brandt Bucher. + - Fixed potential issues with removing not completely + initialized module from sys.modules when import fails. + - Star-unpacking is now allowed for with item’s targets in the + PEG parser. + - Fixed stack overflow in issubclass() and isinstance() when + getting the __bases__ attribute leads to infinite recursion. + - When loading a native module and a load failure occurs, + prevent a possible UnicodeDecodeError when not running in + a UTF-8 locale by decoding the load error message using the + current locale’s encoding. + - Correctly count control blocks in ‘except’ in compiler. + Ensures that a syntax error, rather a fatal error, occurs for + deeply nested, named exception handlers. + Library + - types.GenericAlias will now raise a TypeError when attempting + to initialize with a keyword argument. Previously, this would + cause the interpreter to crash if the interpreter was + compiled with debug symbols. This does not affect + interpreters compiled for release. Patch by Ken Jin. + - CGIHTTPRequestHandler.run_cgi() HTTP_ACCEPT improperly + parsed. Replace the special purpose getallmatchingheaders + with generic get_all method and add relevant tests. + - inspect.findsource() now raises OSError instead of IndexError + when co_lineno of a code object is greater than the file + length. This can happen, for example, when a file is edited + after it was imported. PR by Irit Katriel. + - Fix handling of trailing comments by inspect.getsource(). + - ChainMap.__iter__ no longer calls __getitem__ on underlying + maps + - TracebackException no longer holds a reference to the + exception’s traceback object. Consequently, instances of + TracebackException for equivalent but non-equal exceptions + now compare as equal. + - We fixed an issue in pickle.whichmodule in which importing + multiprocessing could change the how pickle identifies which + module an object belongs to, potentially breaking the + unpickling of those objects. + - Clarify the error message for asyncio.IncompleteReadError + when expected is None. + - Extracting a symlink from a tarball should succeed and + overwrite the symlink if it already exists. The fix is to + remove the existing file or symlink before extraction. Based + on patch by Chris AtLee, Jeffrey Kintscher, and Senthil + Kumaran. + - Fixed tkinter.ttk.Style.map(). The function accepts now the + representation of the default state as empty sequence (as + returned by Style.map()). The structure of the result is now + the same on all platform and does not depend on the value of + wantobjects. + - Fix various issues with typing.Literal parameter handling + (flatten, deduplicate, use type to cache key). Patch provided + by Yurii Karabas. + - Fix the threading.Thread class at fork: do nothing if the + thread is already stopped (ex: fork called at Python exit). + Previously, an error was logged in the child process. + - The onerror callback from shutil.rmtree now receives correct + function when os.open fails. + - Fix os.sendfile() on illumos. + - Fixed writing binary Plist files larger than 4 GiB. + - The repr() of typing types containing Generic Alias Types + previously did not show the parameterized types in the + GenericAlias. They have now been changed to do so. + - webbrowser: Ignore NotADirectoryError when calling + xdg-settings. + - binhex.binhex() consisently writes macOS 9 line endings. + - Fix a stack overflow error for asyncio Task or Future repr(). + - The overflow occurs under some circumstances when a Task or + Future recursively returns itself. + - Fix memory leak in subprocess.Popen() in case an uid (gid) + specified in user (group, extra_groups) overflows uid_t + (gid_t). + - Improve asyncio.wait function to create the futures set just + one time. + - InvalidFileException and RecursionError are now the only + errors caused by loading malformed binary Plist file + (previously ValueError and TypeError could be raised in some + specific cases). + - Pickling heap types implemented in C with protocols 0 and + 1 raises now an error instead of producing incorrect data. + - plistlib: fix parsing XML plists with hexadecimal integer + values + - Fix an incorrectly formatted error from + _codecs.charmap_decode() when called with a mapped value + outside the range of valid Unicode code points. PR by Max + Bernstein. + - Fix pickling pure Python datetime.time subclasses. Patch by + Dean Inwood. + - Fixed a bug that was causing ctypes.util.find_library() to + return None when triying to locate a library in an + environment when gcc>=9 is available and ldconfig is not. + Patch by Pablo Galindo + - C14N 2.0 serialisation in xml.etree.ElementTree failed for + unprefixed attributes when a default namespace was defined. + - Fix a bug in the symtable module that was causing + module-scope global variables to not be reported as both + local and global. Patch by Pablo Galindo. + - str() for the type attribute of the tkinter.Event object + always returns now the numeric code returned by Tk instead of + the name of the event type. + - fix tkinter.EventType Enum so all members are strings, and + none are tuples + - Fix SQLite3 segfault when backing up closed database. Patch + contributed by Peter David McCormick. + - Fix the tarfile module to write only basename of TAR file to + GZIP compression header. + - Allow ctypes.wintypes to be imported on non-Windows systems. + - shutil.which() now ignores empty entries in PATHEXT instead + of treating them as a match. + - Fix time-of-check/time-of-action issue in + subprocess.Popen.send_signal. + - Fix --outfile for cProfile / profile not writing the output + file in the original directory when the program being + profiled changes the working directory. PR by Anthony + Sottile. + - ZipFile truncates files to avoid corruption when a shorter + comment is provided in append (“a”) mode. Patch by Jan Mazur. + - Fixed KeyError exception when flattening an email to a string + attempts to replace a non-existent Content-Transfer-Encoding + header. + Documentation + - Fix the URL for the IMAP protocol documents. + - Document __format__ functionality for IP addresses. + - Clarify that subscription expressions are also valid for + certain classes and types in the standard library, and for + user-defined classes and types if the classmethod + __class_getitem__() is provided. + - Documented generic alias type and types.GenericAlias. Also + added an entry in glossary for generic types. + - In Programming FAQ “Sequences (Tuples/Lists)” section, add + “How do you remove multiple items from a list”. + - Fix RemovedInSphinx40Warning when building the documentation. + Patch by Dong-hee Na. + - Update the refcounts info of PyType_FromModuleAndSpec. + - Fix tarfile’s extractfile documentation + - Document some restrictions on the default string + representations of numeric classes. + Tests + - Reenable test_gdb on gdb 9.2 and newer: + https://bugzilla.redhat.com/show_bug.cgi?id=1866884 bug is + fixed in gdb 10.1. + - Fix test_asyncio.test_call_later() race condition: don’t + measure asyncio performance in the call_later() unit test. + The test failed randomly on the CI. + - Include _testinternalcapi module in Windows installer for + test suite + - Fix test_logging.test_race_between_set_target_and_flush(): + the test now waits until all threads complete to avoid + leaking running threads. + - Avoid a test failure in test_lib2to3 if the module has + already imported at the time the test executes. Patch by + Pablo Galindo. + - Tests for CJK codecs no longer call eval() on content + received via HTTP. + - Fix test_site.test_license_exists_at_url(): call + urllib.request.urlcleanup() to reset the global + urllib.request._opener. Patch by Victor Stinner. + - test_ssl: skip test_min_max_version_mismatch when TLS 1.0 is + not available + - Add tests for SIGINT handling in the runpy module. + - Fixed a failure in test_tk.test_widgets.ScaleTest happening + when executing the test with Tk 8.6.10. + Build + - Fix a race condition in “make regen-all” when make -jN option + is used to run jobs in parallel. The clinic.py script now + only use atomic write to write files. Moveover, generated + files are now left unchanged if the content does not change, + to not change the file modification time. + - Update Py_UNREACHABLE to use __builtin_unreachable() if only + the compiler is able to use it. Patch by Dong-hee Na. + - Addressed three compiler warnings found by undefined behavior + sanitizer (ubsan). + IDLE + - Fix reporting offset of the RE error in searchengine. + - Get docstrings for IDLE calltips more often by using + inspect.getdoc. + - Mostly finish using ttk widgets, mainly for editor, settings, + and searches. Some patches by Mark Roseman. + - Use ‘IDLE Shell’ as shell title + - Rewrite the Calltips doc section. + - In calltips, stop reminding that ‘/’ marks the end of + positional-only arguments. + - Typing opening and closing parentheses inside the parentheses + of a function call will no longer cause unnecessary + “flashing” off and on of an existing open call-tip, e.g. when + typed in a string literal. + C API + - Fix potential crash in deallocating method objects when + dynamically allocated PyMethodDef’s lifetime is managed + through the self argument of a PyCFunction. + - Py_FileSystemDefaultEncodeErrors and Py_UTF8Mode are + available again in limited API. +- Readjustet and reapplied patches: + - CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch + - bpo-31046_ensurepip_honours_prefix.patch + - python-3.3.0b1-fix_date_time_compiler.patch + - skip_random_failing_tests.patch + - sphinx-update-removed-function.patch + +------------------------------------------------------------------- +Fri Jan 29 17:22:48 UTC 2021 - Matej Cepl + +- Add CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch fixing + bsc#1181126 (CVE-2021-3177) buffer overflow in PyCArg_repr in + _ctypes/callproc.c, which may lead to remote code execution. + +------------------------------------------------------------------- +Tue Jan 5 09:15:36 UTC 2021 - Matej Cepl + +- (bsc#1180125) We really don't Require python-rpm-macros package. + Unnecessary dependency. + +------------------------------------------------------------------- +Wed Dec 16 16:08:42 UTC 2020 - Matej Cepl + +- Make python39-doc building again +- Add no-skipif-doctests.patch, because SLE-15 version of Sphinx + doesn't know about skipif directive in doctests. + +------------------------------------------------------------------- +Sat Dec 12 14:29:33 UTC 2020 - Matej Cepl + +- Update sphinx-update-removed-function.patch patch to the latest + version in python36. + +------------------------------------------------------------------- +Thu Dec 10 00:26:51 UTC 2020 - Benjamin Greiner + +- Last try before this results in an editwar: + * remove importlib_resources and importlib-metadata + provides/obsoletes + * import importlib_resources is not the same as + import importlib.resources, same for metadata + * The backport packages from PyPI needed for older flavors are + specified as such for setuptools or in pyproject.toml. If a + package requires them they typically add them with a python + version qualifier and the packages have their own version + numbers. + +------------------------------------------------------------------- +Sat Dec 5 16:55:12 UTC 2020 - Matej Cepl + +- Add patch sphinx-update-removed-function.patch to no longer call + a now removed function and to make documentation build independent of + the Sphinx version (bsc#1179630, gh#python/cpython#13236). + +------------------------------------------------------------------- +Fri Nov 13 17:20:08 UTC 2020 - Matej Cepl + +- Don't require packages which break build on SLE-15 although we really + don't need them (python3-python-docs-theme and + python3-sphinxcontrib-qthelp). + +------------------------------------------------------------------- +Fri Oct 9 16:05:50 UTC 2020 - Dominique Leuenberger + +- Fix build with RPM 4.16: error: bare words are no longer + supported, please use "...": x86 == ppc. + +------------------------------------------------------------------- +Tue Oct 6 07:30:56 UTC 2020 - Matej Cepl + +- Update to the final version 3.9.0: + Complete changelog with all (many) + changes from previous version is on + https://docs.python.org/release/3.9.0/whatsnew/3.9.html + Changes from the previous RC versions (not that many) are on + https://docs.python.org/release/3.9.0/whatsnew/changelog.html#changelog + +------------------------------------------------------------------- +Fri Sep 25 06:58:03 UTC 2020 - Dominique Leuenberger + +- Buildrequire timezone only for general flavor. It's used in this + flavor for the test suite. + +------------------------------------------------------------------- +Wed Sep 2 14:39:44 UTC 2020 - Matej Cepl + +- Update to 3.9.0rc1: + * Core and Builtins + - bpo-38156: Handle interrupts that come after EOF + correctly in PyOS_StdioReadline. + * Library + - bpo-41497: Fix potential UnicodeDecodeError in dis + module. + - bpo-41490: Update ensurepip to install pip 20.2.1 and + setuptools 49.2.1. + - bpo-41467: On Windows, fix asyncio recv_into() return + value when the socket/pipe is closed (BrokenPipeError): + return 0 rather than an empty byte string (b''). + - bpo-41425: Make tkinter doc example runnable. + - bpo-41384: Raise TclError instead of TypeError when an + unknown option is passed to tkinter.OptionMenu. + - bpo-38731: Fix NameError in command-line interface of + py_compile. + - bpo-41317: Use add_done_callback() in + asyncio.loop.sock_accept() to unsubscribe reader early on + cancellation. + - bpo-41364: Reduce import overhead of uuid. + - bpo-41341: Recursive evaluation of typing.ForwardRef in + get_type_hints. + - bpo-41182: selector: use DefaultSelector based upon + implementation + - bpo-40726: Handle cases where the end_lineno is None on + ast.increment_lineno(). + * Documentation + - bpo-41045: Add documentation for debug feature of + f-strings. + - bpo-41314: Changed the release when from __future__ + import annotations becomes the default from 4.0 to 3.10 + (following a change in PEP 563). + * Windows + - bpo-41492: Fixes the description that appears in UAC + prompts. + - bpo-40948: Improve post-install message to direct people + to the “py” command. + - bpo-41412: The installer will now fail to install on + Windows 7 and Windows 8. Further, the UCRT dependency is + now always downloaded on demand. + - bpo-40741: Update Windows release to include SQLite + 3.32.3. + * IDLE + - bpo-41468: Improve IDLE run crash error message (which + users should never see). + - bpo-41373: Save files loaded with no line ending, as when + blank, or different line endings, by setting its line + ending to the system default. Fix regression in 3.8.4 and + 3.9.0b4. + +------------------------------------------------------------------- +Tue Sep 1 10:15:06 UTC 2020 - Matej Cepl + +- Synchronize formatting and fixes with python38. + +------------------------------------------------------------------- +Thu Aug 20 15:41:28 UTC 2020 - Andreas Schwab + +- Increase testsuite timeout to account for super long running + test_peg_generator + +------------------------------------------------------------------- +Tue Jul 21 09:53:06 UTC 2020 - Callum Farmer + +- Removed CVE-2019-20907_tarfile-inf-loop.patch: fixed in upstream +- Removed recursion.tar: contained in upstream +- Update to 3.9.0b5: + - bpo-41304: Fixes python3x._pth being ignored on Windows, caused + by the fix for bpo-29778 (CVE-2020-15801). + - bpo-41162: Audit hooks are now cleared later during + finalization to avoid missing events. + - bpo-29778: Ensure python3.dll is loaded from correct locations + when Python is embedded (CVE-2020-15523). + - bpo-39603: Prevent http header injection by rejecting control + characters in http.client.putrequest(…). + - bpo-41295: Resolve a regression in CPython 3.8.4 where defining + “__setattr__” in a multi-inheritance setup and + calling up the hierarchy chain could fail if builtins/extension + types were involved in the base types. + - bpo-41247: Always cache the running loop holder when running + asyncio.set_running_loop. + - bpo-41252: Fix incorrect refcounting in + _ssl.c’s _servername_callback(). + - bpo-41215: Use non-NULL default values in the PEG parser + keyword list to overcome a bug that was ' + preventing Python from being properly compiled when using the + XLC compiler. Patch by Pablo Galindo. + - bpo-41218: Python 3.8.3 had a regression where compiling with + ast.PyCF_ALLOW_TOP_LEVEL_AWAIT would + aggressively mark list comprehension with CO_COROUTINE. Now only + list comprehension making use of async/await will tagged as so. + - bpo-41175: Guard against a NULL pointer dereference within + bytearrayobject triggered by the bytearray() + bytearray() operation. + - bpo-39960: The “hackcheck” that prevents sneaking around a type’s + __setattr__() by calling the superclass method was + rewritten to allow C implemented heap types. + - bpo-41288: Unpickling invalid NEWOBJ_EX opcode with the + C implementation raises now UnpicklingError instead of crashing. + - bpo-39017: Avoid infinite loop when reading specially crafted + TAR files using the tarfile module (CVE-2019-20907, bsc#1174091). + - bpo-41235: Fix the error handling in ssl.SSLContext.load_dh_params(). + - bpo-41207: In distutils.spawn, restore expectation that + DistutilsExecError is raised when the command is not found. + - bpo-39168: Remove the __new__ method of typing.Generic. + - bpo-41194: Fix a crash in the _ast module: it can no longer be + loaded more than once. It now uses a global state rather than a module state. + - bpo-39384: Fixed email.contentmanager to allow set_content() to set a + null string. + - bpo-41300: Save files with non-ascii chars. + Fix regression released in 3.9.0b4 and 3.8.4. + - bpo-37765: Add keywords to module name completion list. + Rewrite Completions section of IDLE doc. + - bpo-40170: Revert PyType_HasFeature() change: it reads + again directly the PyTypeObject.tp_flags + member when the limited C API is not used, rather than always calling + PyType_GetFlags() which hides implementation details. + +------------------------------------------------------------------- +Mon Jul 20 12:06:41 UTC 2020 - Matej Cepl + +- Add CVE-2019-20907_tarfile-inf-loop.patch fixing bsc#1174091 + (CVE-2019-20907, bpo#39017) avoiding possible infinite loop + in specifically crafted tarball. + Add recursion.tar as a testing tarball for the patch. + +------------------------------------------------------------------- +Fri Jul 17 07:07:19 UTC 2020 - Callum Farmer + +- Changed bpo-31046_ensurepip_honours_prefix.patch to include fix from py3.8 + +------------------------------------------------------------------- +Thu Jul 16 21:45:50 UTC 2020 - Callum Farmer + +- Spec file fixes +- Re-added subprocess-raise-timeout.patch: now compatible +- Removed bpo34022-stop_hash-based_invalidation_w_SOURCE_DATE_EPOCH.patch: contained in upstream + +------------------------------------------------------------------- +Wed Jul 15 09:10:42 UTC 2020 - Tomáš Chvátal + +- Fix minor issues found in the staging. + +------------------------------------------------------------------- +Wed Jul 15 06:13:33 UTC 2020 - Tomáš Chvátal + +- Do not set ourselves as primary interpreter + +------------------------------------------------------------------- +Tue Jul 14 20:45:11 UTC 2020 - Matej Cepl + +- Update to 3.9.0b4: + - PEP 584, Union Operators in dict + - PEP 585, Type Hinting Generics In Standard Collections + - PEP 593, Flexible function and variable annotations + - PEP 602, Python adopts a stable annual release cadence + - PEP 615, Support for the IANA Time Zone Database in the + Standard Library + - PEP 616, String methods to remove prefixes and suffixes + - PEP 617, New PEG parser for CPython + - bpo#38379, garbage collection does not block on resurrected + objects; + - bpo#38692, os.pidfd_open added that allows process + management without races and signals; + - bpo#39926, Unicode support updated to version 13.0.0; + - bpo#1635741, when Python is initialized multiple times in + the same process, it does not leak memory anymore; + - A number of Python builtins (range, tuple, set, frozenset, + list, dict) are now sped up using PEP 590 vectorcall; + - A number of Python modules (_abc, audioop, _bz2, _codecs, + _contextvars, _crypt, _functools, _json, _locale, operator, + resource, time, _weakref) now use multiphase initialization + as defined by PEP 489; + - A number of standard library modules (audioop, ast, grp, + _hashlib, pwd, _posixsubprocess, random, select, struct, + termios, zlib) are now using the stable ABI defined by + PEP 384. +- Remove upstreamed patches: + - F00102-lib64.patch + - SUSE-FEDORA-multilib.patch + - OBS_dev-shm.patch + - subprocess-raise-timeout.patch + - bpo36302-sort-module-sources.patch + - bpo40784-Fix-sqlite3-deterministic-test.patch + +------------------------------------------------------------------- +Fri Jul 10 10:55:15 UTC 2020 - Tomáš Chvátal + +- Update pre_checkin.sh and regenerate + +------------------------------------------------------------------- +Fri Jul 10 10:11:39 UTC 2020 - Tomáš Chvátal + +- Convert few dependencies to their pkgconfig counterparts + +------------------------------------------------------------------- +Fri Jul 10 10:08:48 UTC 2020 - Tomáš Chvátal + +- Remove release requirement on libpython, it is not really needed + to be equal as the abi changes with versions + +------------------------------------------------------------------- +Fri Jul 10 10:07:50 UTC 2020 - Tomáš Chvátal + +- Add provides python3-bla on all the subpkgs in case we are + primary provider of the functionality + +------------------------------------------------------------------- +Fri Jul 10 10:02:01 UTC 2020 - Tomáš Chvátal + +- Remove unversioned files from devel subpkg too +- Remove main python3 files from -base based whether we are + primary interpreter or not +- Fix idle to be co-installable +- Add condition to be primary to provide/obsolete python3-* +- Fix doc to build in versioned folder so the pythons can be + installed next to each other + +------------------------------------------------------------------- +Fri Jul 10 07:57:10 UTC 2020 - Tomáš Chvátal + +- Revert the full versioning of calls on the macros. These + are generic so they should really just call python3 X + +------------------------------------------------------------------- +Fri Jul 10 07:56:11 UTC 2020 - Tomáš Chvátal + +- For the doc package we can build with generic flavor, we don't + need the our-interpreter based one + +------------------------------------------------------------------- +Fri Jul 10 07:18:53 UTC 2020 - Tomáš Chvátal + +- Add provides for pytohn3X-typing/etc to allow BR on those still + to work when needed + +------------------------------------------------------------------- +Fri Jul 10 07:14:33 UTC 2020 - Tomáš Chvátal + +- Change macros.python3 to use full versioned 3.8 instead of just 3 + for python interpreter + +------------------------------------------------------------------- +Wed Jul 1 11:50:19 UTC 2020 - Tomáš Chvátal + +- Reduce some now unused conditionals + +------------------------------------------------------------------- +Wed Jul 1 11:00:40 UTC 2020 - Tomáš Chvátal + +- Redux the -base dependencies to match up pre-merge layout + +------------------------------------------------------------------- +Wed Jul 1 09:24:39 UTC 2020 - Tomáš Chvátal + +- Generate baselibs in pre-checkin too + +------------------------------------------------------------------- +Wed Jul 1 09:14:33 UTC 2020 - Tomáš Chvátal + +- Generate the importlib-failed using pre_checking again +- Add back the information about skipped tests on the pre_checkin + output + +------------------------------------------------------------------- +Tue Jun 30 07:11:19 UTC 2020 - Tomáš Chvátal + +- Use %python_pkg_name instead of hardcoding python3 where + applicable +- Sort out preamble with spec-cleaner + +------------------------------------------------------------------- +Mon Jun 29 14:36:10 UTC 2020 - Matej Cepl + +- Calculate required variables instead of relying on their continuous manual update + +------------------------------------------------------------------- +Thu Jun 25 10:44:08 UTC 2020 - Tomáš Chvátal + +- Fix the -base module build again to generate only the deps + we need + +------------------------------------------------------------------- +Wed Jun 17 18:42:51 UTC 2020 - Matej Cepl + +- Replace OBS_dev-shm.patch with the upstream PR#20944 + +------------------------------------------------------------------- +Thu Jun 10 14:30:15 UTC 2020 - Tomáš Chvátal + +- Use the %{python_pkg_name} on more places to allow easier + multiversioning +- Switch to _multibuild approach for easier maintenance of this + package. All is now in one spec file with 3 conditionals: + * bcond_with base + * bcond_with doc + * bcond_with general + +------------------------------------------------------------------- +Mon Jun 8 14:26:00 UTC 2020 - Matej Cepl + +- add requires python3-base on libpython subpackage (bsc#1167008) + +------------------------------------------------------------------- +Fri Jun 5 06:08:12 UTC 2020 - Dirk Mueller + +- build against Sphinx 2.x until python is compatible with + Sphinx 3.x (see gh#python/cpython#19397, bpo#40204) + +------------------------------------------------------------------- +Fri May 29 19:59:01 UTC 2020 - Andreas Stieger + +- Fix build with SQLite 3.32 (bpo#40783) + add bpo40784-Fix-sqlite3-deterministic-test.patch + +------------------------------------------------------------------- +Sun May 17 15:37:35 UTC 2020 - Callum Farmer + +- Update to version 3.8.3: + - Complete list of changes is available at + https://docs.python.org/release/3.8.3/whatsnew/changelog.html#python-3-8-3-final, + but most of them are just bugfixes. + - Removed patch CVE-2020-8492-urllib-ReDoS.patch: contained in upstream + +------------------------------------------------------------------- +Thu Apr 16 12:06:01 UTC 2020 - Matej Cepl + +- Add #!BuildIgnore: gdk-pixbuf-loader-rsvg to python3 SPEC + +------------------------------------------------------------------- +Thu Mar 26 15:36:55 UTC 2020 - Matej Cepl + +- Add patch bsc1167501-invalid-alignment.patch + (bsc#1167501, bpo#40052) to fix alignment in abstract.h header file. + +------------------------------------------------------------------- +Wed Mar 11 11:09:41 UTC 2020 - Andreas Schwab + +- Update list of skipped tests for qemu linux-user build, test_setegid + (test.test_os.PosixUidGidTests) is confusing it + +------------------------------------------------------------------- +Thu Mar 5 18:40:29 UTC 2020 - Matej Cepl + +- Update to 3.8.2: + - Complete list of changes is available at + https://docs.python.org/release/3.8.2/whatsnew/changelog.html#python-3-8-2-final, + but most of them are just bugfixes. + - Updated patches: + - F00102-lib64.patch + - OBS_dev-shm.patch + - SUSE-FEDORA-multilib.patch + - subprocess-raise-timeout.patch + +------------------------------------------------------------------- +Sun Feb 9 00:14:24 CET 2020 - Matej Cepl + +- Add CVE-2020-8492-urllib-ReDoS.patch fixing the security bug + "Python urrlib allowed an HTTP server to conduct Regular + Expression Denial of Service (ReDoS)" (bsc#1162367) + +------------------------------------------------------------------- +Sat Feb 8 22:21:10 CET 2020 - Matej Cepl + +- Add Requires: libpython%{so_version} == %{version}-%{release} + to python3-base to keep both packages always synchronized + (bsc#1162224). + +------------------------------------------------------------------- +Mon Feb 3 20:27:54 UTC 2020 - Tomáš Chvátal + +- Do not pull in bluez in base again, explain the cycle, + it needs to be solved by bluez maintainer for us by providing + just the headers separately + +------------------------------------------------------------------- +Mon Feb 3 19:54:25 UTC 2020 - Tomáš Chvátal + +- Reame idle icons to idle3 in order to not conflict with python2 + variant of the package + * renamed the icons + * renamed icon load in desktop file + +------------------------------------------------------------------- +Thu Jan 16 09:50:03 UTC 2020 - Tomáš Chvátal + +- Add importlib_resources provide/obsolete as it is integral + part of the lang since 3.7 release + +------------------------------------------------------------------- +Mon Jan 13 11:10:47 UTC 2020 - Martin Liška + +- Add -fno-semantic-interposition as it brings speed up: + https://fedoraproject.org/wiki/Changes/PythonNoSemanticInterpositionSpeedup + +------------------------------------------------------------------- +Thu Dec 19 16:25:26 CET 2019 - Matej Cepl + +- Update to 3.8.1: + - This is mainly bugfix release and no significant changes to + API are expected. The full changelog is available on + https://docs.python.org/3.8/whatsnew/changelog.html#python-3-8-1 + - Remove bpo-38688_shutil.copytree_prevent-infinite-recursion.patch, + which is included in the upstream tarball. + +------------------------------------------------------------------- +Thu Dec 19 14:57:32 CET 2019 - Matej Cepl + +- Add bpo-31046_ensurepip_honours_prefix.patch which makes + ensurepip to honour the value of $(prefix). Proposed fix for + bpo#31046.. + +------------------------------------------------------------------- +Tue Dec 10 11:07:16 UTC 2019 - Tomáš Chvátal + +- Move bluez-devel dependency to base as it is needed for + socket.AF_BLUETOOTH and otherwise does not work + +------------------------------------------------------------------- +Mon Dec 2 16:52:32 CET 2019 - Matej Cepl + +- Reintroduce QtHelp with the help of the new BR + python-sphinxcontrib-qthelp. + +------------------------------------------------------------------- +Mon Oct 21 18:51:00 UTC 2019 - Stefan Brüns + +- Fix SUSE-FEDORA-multilib.patch, the platform agnostic infix for + library installation is "lib", not "dir". + +------------------------------------------------------------------- +Thu Oct 17 14:19:20 UTC 2019 - Stefan Brüns + +- Move idle subpackage build from python3-base to python3. + appstream-glib required for packaging introduces considerable + extra dependencies and a build loop via rust/librsvg. +- Correct installation of idle IDE icons: + + idle.png is not the target directory + + non-GNOME-specific icons belong into icons/hicolor +- Add required Name key to idle3 desktop file + +------------------------------------------------------------------- +Tue Oct 15 16:39:12 CEST 2019 - Matej Cepl + +- Update to the final release 3.8.0. . + - New Features: + - Assignment expressions + - Positional-only parameters + - Parallel filesystem cache for compiled bytecode files + - Debug build uses the same ABI as release build + - f-strings support = for self-documenting expressions and + debugging + - PEP 578: Python Runtime Audit Hooks + - PEP 587: Python Initialization Configuration + - Vectorcall: a fast calling protocol for CPython + - Pickle protocol 5 with out-of-band data buffers + - New modules: + - importlib.metadata + - Improved modules: + - ast asyncio, builtins, collections, curses, ctypes, + datetime, functools, gc, gettext, gzip, idelib and IDLE, + inspect, io, json.tool, math, mmap, multiprocessing, os, + os.path, pathlib, pickle, plistlib, py_compile, shlex, + shutil, socket, ssl, statistics, sys, tarfile, threading, + tokenize, tkinter, time, typing, unicodedata, unittest, + venv, weakref, xml + - C API improvements + - bdist_winnst command has been deprecated (use bdist_wheel) +- https://docs.python.org/3.8/whatsnew/3.8.html remains rest of + changes including documentation on how to port your programs to + the current version of Python. + +------------------------------------------------------------------- +Mon Oct 14 15:02:08 CEST 2019 - Matej Cepl + +- Add idle3.appdata.xml and idle3.desktop (originally from + Fedora) to make Idle3 full GUI desktop application. + (bsc#1153830) + +------------------------------------------------------------------- +Wed Oct 9 19:09:16 UTC 2019 - Michael Gorse + +- Drop intltool from BuildRequires. Doesn't appear to be used. + +------------------------------------------------------------------- +Wed Oct 9 10:37:59 UTC 2019 - Tomáš Chvátal + +- Add folder version to allow tarball downloads even for beta/rc + releases + +------------------------------------------------------------------- +Tue Oct 8 14:53:54 CEST 2019 - Matej Cepl + +- Revert patches from Fedora (F00102-lib64.patch and + F00251-change-user-install-location.patch) into their original + prisitine Fedora versions, SUSE-FEDORA-multilib.patch refreshed + accordingly. + +------------------------------------------------------------------- +Mon Oct 7 14:33:30 UTC 2019 - Matej Cepl + +- Correct quotation of platsubdir in Lib/distutils/command/install.py + +------------------------------------------------------------------- +Thu Oct 3 13:59:57 CEST 2019 - Matej Cepl + +- Replace python-3.6.0-multilib.patch with two patches from + Fedora (F00102-lib64.patch and + F00251-change-user-install-location.patch), and our own + SUSE-FEDORA-multilib.patch to allow better cooperation with + Fedora and better upstreaming. +- Add OBS_dev-shm.patch fixing bpo#38377 + +------------------------------------------------------------------- +Thu Oct 3 08:39:18 UTC 2019 - Tomáš Chvátal + +- Pull in just gettext and let solver to sort out between: + gettext-runtime-mini and gettext-runtime + +------------------------------------------------------------------- +Wed Oct 2 15:00:09 CEST 2019 - Matej Cepl + +- Update to 3.8.0rc1. Overall changes from 3.7: + - PEP 572, Assignment expressions + - PEP 570, Positional-only arguments + - PEP 587, Python Initialization Configuration (improved + embedding) + - PEP 590, Vectorcall: a fast calling protocol for CPython + - PEP 578, Runtime audit hooks + - PEP 574, Pickle protocol 5 with out-of-band data + - Typing-related: PEP 591 (Final qualifier), PEP 586 (Literal + types), and PEP 589 (TypedDict) + - Parallel filesystem cache for compiled bytecode + - Debug builds share ABI as release builds, also the 'm' ABI + tag was removed (irrelevant since 3.4), bpo#36707 + - f-strings support a handy = specifier for debugging + - continue is now legal in finally: blocks + - on Windows, the default asyncio event loop is now + ProactorEventLoop + - on macOS, the spawn start method is now used by default in + multiprocessing + - multiprocessing can now use shared memory segments to avoid + pickling costs between processes + - typed_ast is merged back to CPython + - LOAD_GLOBAL is now 40% faster + - pickle now uses Protocol 4 by default, improving performance +- Refreshed patches: + - CVE-2019-5010-null-defer-x509-cert-DOS.patch + - python-3.3.0b1-fix_date_time_compiler.patch + - python-3.6.0-multilib.patch + - subprocess-raise-timeout.patch + +------------------------------------------------------------------- +Wed Sep 25 09:46:41 UTC 2019 - Bernhard Wiedemann + +- Add bpo36302-sort-module-sources.patch (boo#1041090) + +------------------------------------------------------------------- +Tue Sep 10 13:43:18 UTC 2019 - Tomáš Chvátal + +- Try harder obsoleting importlib-metadata + +------------------------------------------------------------------- +Sat Aug 31 00:16:47 CEST 2019 - Matej Cepl + +- Update to 3.8.0b4: + Many bugfixes, full list on + https://docs.python.org/3.8/whatsnew/changelog.html#python-3-8-0-beta-4 + +------------------------------------------------------------------- +Thu Aug 29 06:28:15 UTC 2019 - Guillaume GARDET + +- Re-enable test_threading on aarch64 + +------------------------------------------------------------------- +Sat Aug 17 13:21:15 UTC 2019 - John Vandenberg + +- Remove xrpm from subpackage tk description + +------------------------------------------------------------------- +Tue Aug 6 14:24:55 CEST 2019 - Matej Cepl + +- Update to 3.8.0b3: + Many bugfixes, full list on + https://docs.python.org/3.8/whatsnew/changelog.html#python-3-8-0-beta-3 +- Patches reapplied: + - python-3.3.0b1-fix_date_time_compiler.patch + - python-3.3.0b1-test-posix_fadvise.patch + - python-3.6.0-multilib.patch + - subprocess-raise-timeout.patch + +------------------------------------------------------------------- +Tue Jul 23 13:20:49 UTC 2019 - Matej Cepl + +- Add Provides: python3-importlib-metadata + +------------------------------------------------------------------- +Sun Jul 7 19:08:48 CEST 2019 - Matej Cepl + +- Update to 3.8.0b2: + Many bugfixes, full list on + https://docs.python.org/3.8/whatsnew/changelog.html#python-3-8-0-beta-2 +- Patches included in upstream: + - bpo-37169_PyObject_IsFreed.patch +- Patches reapplied: + - 00251-change-user-install-location.patch + - distutils-reproducible-compile.patch + - python-3.3.0b1-localpath.patch + - python-3.6.0-multilib.patch + +------------------------------------------------------------------- +Tue Jul 2 09:03:04 UTC 2019 - Andreas Schwab + +- Update list of skipped tests for qemu linux-user build +- Don't do profiling in qemu linux-user build + +------------------------------------------------------------------- +Wed Jun 5 12:19:09 CEST 2019 - Matej Cepl + +- Update to 3.8.0b1 (changes since 3.7.*): + - PEP 572, Assignment expressions + - PEP 570, Positional-only arguments + - PEP 587, Python Initialization Configuration (improved embedding) + - PEP 590, Vectorcall: a fast calling protocol for CPython + - PEP 578, Runtime audit hooks + - PEP 574, Pickle protocol 5 with out-of-band data + - Typing-related: PEP 591 (Final qualifier), PEP 586 (Literal + types), and PEP 589 (TypedDict) + - Parallel filesystem cache for compiled bytecode + - Debug builds share ABI as release builds + - f-strings support a handy = specifier for debugging + - continue is now legal in finally: blocks + - multiprocessing can now use shared memory segments to avoid + pickling costs between processes + - typed_ast is merged back to CPython + - LOAD_GLOBAL is now 40% faster + - pickle now uses Protocol 4 by default, improving performance +- Remove patches which were included in the upstream: + - 00251-change-user-install-location.patch + - 00316-mark-bdist_wininst-unsupported.patch + - CVE-2019-9947-no-ctrl-char-http.patch + - raise_SIGING_not_handled.patch + +------------------------------------------------------------------- +Wed May 22 10:53:03 UTC 2019 - Martin Liška + +- Set _lto_cflags to nil as the package is using LTO via --enable-lto. + That will prevent to propage LTO for Python modules that are + built in a separate package. + +------------------------------------------------------------------- +Sat May 4 21:29:20 CEST 2019 - Matej Cepl + +- Update to 3.8.0.a3: + - PEP 572: Assignment Expressions. + - Other (mostly small) changes are on + https://docs.python.org/3.8/whatsnew/changelog.html#python-3-8-0-alpha-3 + +------------------------------------------------------------------- +Mon Apr 29 15:40:34 CEST 2019 - Matej Cepl + +- bsc#1130840 (CVE-2019-9947): add CVE-2019-9947-no-ctrl-char-http.patch + Address the issue by disallowing URL paths with embedded + whitespace or control characters through into the underlying + http client request. Such potentially malicious header + injection URLs now cause a ValueError to be raised. + +------------------------------------------------------------------- +Wed Apr 10 10:22:58 CEST 2019 - Matej Cepl + +- Fix metadata of patches. +- Rename boo1071941-make-install-in-sep-loc.patch to + 00251-change-user-install-location.patch which is the original + name, so it can be looked up in the Fedora VCS. + +------------------------------------------------------------------- +Tue Apr 9 04:55:24 UTC 2019 - John Vandenberg + +- Mark distutils bdist_wininst command unsupported + with 00316-mark-bdist_wininst-unsupported.patch +- Remove Windows bdist_wininst executables from runtime package + +------------------------------------------------------------------- +Tue Apr 9 01:21:45 CEST 2019 - Matej Cepl + +- Update to 3.7.3, which is the maintenance release without any + significant changes in API. + - Updated patches: + - CVE-2019-5010-null-defer-x509-cert-DOS.patch + - distutils-reproducible-compile.patch + - python-3.3.0b1-fix_date_time_compiler.patch + - python-3.6.0-multilib.patch + - raise_SIGING_not_handled.patch + +------------------------------------------------------------------ +Wed Mar 20 14:59:58 UTC 2019 - Matěj Cepl + +- Remove building of Qt Develop help files. + +------------------------------------------------------------------- +Fri Mar 15 15:10:30 CET 2019 - Matej Cepl + +- Return distutils-reproducible-compile.patch which is still + missing (still unfinished bpo#29708). + +------------------------------------------------------------------- +Mon Feb 25 23:30:56 CET 2019 - Matej Cepl + +- Update to 3.8.0a2: + * List of all (mostly small) changes are on + https://docs.python.org/3.8/whatsnew/changelog.html#python-3-8-0-alpha-2 + +------------------------------------------------------------------- +Tue Feb 12 10:25:52 CET 2019 - Matej Cepl + +- Build nis module again. + +------------------------------------------------------------------- +Tue Feb 12 10:06:17 CET 2019 - Matej Cepl + +- Update to 3.8.0a1: + * The most visible change so far is probably the + implementation of PEP 572: Assignment Expressions. For + a detailed list of changes, see: + https://docs.python.org/3.8/whatsnew/changelog.html + * Recover building of nis module properly in python3 package +- Update patches: + * CVE-2019-5010-null-defer-x509-cert-DOS.patch + * python-3.3.0b1-fix_date_time_compiler.patch + * python-3.3.0b1-test-posix_fadvise.patch + * python-3.6.0-multilib.patch + * raise_SIGING_not_handled.patch + +------------------------------------------------------------------- +Wed Jan 30 18:07:49 CET 2019 - mcepl@suse.com + +- Put LICENSE file where it belongs (bsc#1121852) + +------------------------------------------------------------------- +Sat Jan 19 16:19:38 CET 2019 - mcepl@suse.com + +- bsc#1122191: add CVE-2019-5010-null-defer-x509-cert-DOS.patch + fixing bpo-35746. + An exploitable denial-of-service vulnerability exists in the + X509 certificate parser of Python.org Python 2.7.11 / 3.7.2. + A specially crafted X509 certificate can cause a NULL pointer + dereference, resulting in a denial of service. An attacker can + initiate or accept TLS connections using crafted certificates + to trigger this vulnerability. + +------------------------------------------------------------------- +Tue Jan 8 12:51:01 UTC 2019 - Tomáš Chvátal + +- Do not require full gettext in order to avoid pulling in the + glib2 as a dependency + +------------------------------------------------------------------- +Tue Jan 8 12:25:27 UTC 2019 - Tomáš Chvátal + +- Update to 3.7.2: + * bugfix release: + https://docs.python.org/3.7/whatsnew/changelog.html#changelog + +------------------------------------------------------------------- +Wed Jan 2 12:51:48 CET 2019 - mcepl@suse.com + +- Stop applying python-3.6.0-multilib-new.patch (which is still + WIP), and apply the old proven python-3.6.0-multilib.patch + instead. + +------------------------------------------------------------------- +Wed Dec 19 19:29:44 UTC 2018 - Todd R + +- Use upstream-recommended %{_rpmconfigdir}/macros.d directory + for the rpm macros. + +------------------------------------------------------------------- +Mon Dec 17 17:24:49 CET 2018 - mcepl@suse.com + +- Upgrade to 3.7.2rc1: + * bugfix release, for the full list of all changes see + https://docs.python.org/3.7/whatsnew/changelog.html#changelog +- Make run of the test suite more verbose + +------------------------------------------------------------------- +Tue Dec 11 01:52:45 UTC 2018 - Jan Engelhardt + +- Write summaries without em dashes. + +------------------------------------------------------------------- +Mon Dec 3 13:27:54 UTC 2018 - Matěj Cepl + +- Remove python-3.3.0b1-curses-panel.patch it is unnecessary anymore. +- Add boo1071941-make-install-in-sep-loc.patch to make pip and + distutils in user environment install into separate location + (boo#1071941) + + Set values of prefix and exec_prefix in distutils install + command to /usr/local if executable is /usr/bin/python* and RPM + build is not detected to make pip and distutils install into + separate location +- Remove finally python-3.3.3-skip-distutils-test_sysconfig_module.patch +- Remove distutils-reproducible-compile.patch which doesn't make + really much difference in reproducibility (see + gh#python/cpython#8057 and discussion there). + +------------------------------------------------------------------- +Sat Dec 1 00:14:28 CET 2018 - mcepl@suse.com + +- Rename Stop_hash-based_invalidation_w_SOURCE_DATE_EPOCH.patch + to bpo34022-stop_hash-based_invalidation_w_SOURCE_DATE_EPOCH.patch + +------------------------------------------------------------------- +Wed Nov 7 12:10:41 CET 2018 - mcepl@suse.com + +- Add dependency on bluez-devel to build support for Bluetooth + (boo#1109998) + +------------------------------------------------------------------- +Tue Nov 6 13:52:45 CET 2018 - mcepl@suse.com + +- Add devhelp subpackage and split qthelp into another + subpackage. + +------------------------------------------------------------------- +Wed Oct 24 12:38:00 UTC 2018 - Matěj Cepl + +- Remove python-3.0b1-record-rpm.patch and + Python-3.0b1-record-rpm.patch, as they are not needed anymore + +------------------------------------------------------------------- +Tue Oct 23 14:14:16 UTC 2018 - Matej Cepl + +- Switch off test_threading for optimization builds. + +------------------------------------------------------------------- +Mon Oct 22 14:41:59 CEST 2018 - mcepl@suse.com + +- Update to python-3.7.1. This is just a brief overview, complete + changelog available at + https://docs.python.org/3.7/whatsnew/changelog.html#python-3-7-1-final: + Library + bpo-34970: Protect tasks weak set manipulation in asyncio.all_tasks() +- Patches already accepted upstream are removed: + * 00307-allow-to-call-Py_Main-after-Py_Initialize.patch + * 00308-tls-1.3.patch +- New patches added: + * Stop_hash-based_invalidation_w_SOURCE_DATE_EPOCH.patch + * raise_SIGING_not_handled.patch +- All other patches refreshed via quilt. + +------------------------------------------------------------------- +Mon Oct 22 12:22:19 UTC 2018 - Matej Cepl + +- Add raise_SIGING_not_handled.patch to fix bsc#1094814 + +------------------------------------------------------------------- +Wed Oct 17 14:04:35 UTC 2018 - Tomáš Chvátal + +- Add patch to fix importlib return types: + * python3-imp-returntype.patch + +------------------------------------------------------------------- +Mon Oct 15 13:46:32 CEST 2018 - mcepl@suse.com + +- bpo-34022 still not completely fixed, so we have to keep + excluding test_cmd_line_script, + test_multiprocessing_main_handling, and test_runpy from the + test suite. + +------------------------------------------------------------------- +Sun Oct 14 15:57:24 UTC 2018 - Matej Cepl + +- Update to python 3.7.1~rc2: + Core and Builtins + bpo-34879: Fix a possible null pointer dereference in + bytesobject.c. Patch by Zackery Spytz. + bpo-34854: Fixed a crash in compiling string annotations + containing a lambda with a keyword-only argument that + doesn’t have a default value. + bpo-34320: Fix dict(od) didn’t copy iteration order of + OrderedDict. + Library + bpo-34769: Fix for async generators not finalizing when event + loop is in debug mode and garbage collector runs in another + thread. + bpo-34922: Fixed integer overflow in the digest() and + hexdigest() methods for the SHAKE algorithm in the hashlib + module. + bpo-34900: Fixed unittest.TestCase.debug() when used to call + test methods with subtests. Patch by Bruno Oliveira. + bpo-34871: Fix inspect module polluted sys.modules when parsing + __text_signature__ of callable. + bpo-34872: Fix self-cancellation in C implementation of + asyncio.Task + bpo-34819: Use a monotonic clock to compute timeouts in + Executor.map() and as_completed(), in order to prevent + timeouts from deviating when the system clock is adjusted. + bpo-34334: In QueueHandler, clear exc_text from LogRecord to + prevent traceback from being written twice. + bpo-6721: Acquire the logging module’s commonly used internal + locks while fork()ing to avoid deadlocks in the child + process. + bpo-34172: Fix a reference issue inside multiprocessing.Pool + that caused the pool to remain alive if it was deleted + without being closed or terminated explicitly. + Documentation + bpo-32174: chm document displays non-ASCII charaters properly on + some MBCS Windows systems. + Tests + bpo-32962: Fixed test_gdb when Python is compiled with flags + -mcet -fcf-protection -O0. + C API + bpo-34910: Ensure that PyObject_Print() always returns -1 on + error. Patch by Zackery Spytz. + +------------------------------------------------------------------- +Fri Oct 12 20:46:58 CEST 2018 - mcepl@suse.com + +- Add Stop_hash-based_invalidation_w_SOURCE_DATE_EPOCH.patch to + fix problems with SOURCE_DATE_EPOCH variable (bpo-34022) + +------------------------------------------------------------------- +Mon Sep 17 09:44:02 UTC 2018 - Tomáš Chvátal + +- Add patch to fix build with tls1.3 supported openssl + * 00308-tls-1.3.patch +- Add patch to fix Py_Main calls after Py_initialize + * 00307-allow-to-call-Py_Main-after-Py_Initialize.patch + +------------------------------------------------------------------- +Mon Sep 3 15:22:42 UTC 2018 - Matěj Cepl + +- Add -fwrapv to OPTS, which is default for python3 anyway + See for example https://github.com/zopefoundation/persistent/issues/86 + for bugs which are caused by avoiding it. + +------------------------------------------------------------------- +Tue Jul 10 11:12:32 UTC 2018 - mcepl@suse.com + +- Fix ownership of _contextvars, _queue, and _xxtestfuzz + +------------------------------------------------------------------- +Tue Jul 3 15:04:48 UTC 2018 - mcepl@suse.com + +- Switch off LTO for distros with older GCC +- Fix %files + +------------------------------------------------------------------- +Fri Jun 29 14:20:03 UTC 2018 - tchvatal@suse.com + +- Add dependency over libuuid-devel + +------------------------------------------------------------------- +Thu Jun 28 10:42:15 UTC 2018 - mimi.vx@gmail.com + +- update to python 3.7.0 + Complete overview of changes is available on + https://docs.python.org/3/whatsnew/3.7.html, these are just + highlights: + * PEP 563, postponed evaluation of type annotations. + * async and await are now reserved keywords. + * New library modules: + contextvars: PEP 567 – Context Variables + dataclasses: PEP 557 – Data Classes + importlib.resources + * New built-in features: + PEP 553, the new breakpoint() function. + * Python data model improvements: + PEP 562, customization of access to module attributes. + PEP 560, core support for typing module and generic types. + the insertion-order preservation nature of dict objects + has been declared to be an official part of the Python + language spec. + * Significant improvements in the standard library: + The asyncio module has received new features, significant + usability and performance improvements. + The time module gained support for functions with + nanosecond resolution. + * CPython implementation improvements: + Avoiding the use of ASCII as a default text encoding: + PEP 538, legacy C locale coercion + PEP 540, forced UTF-8 runtime mode + PEP 552, deterministic .pycs + the new development runtime mode + PEP 565, improved DeprecationWarning handling + * C API improvements: + PEP 539, new C API for thread-local storage + * Documentation improvements: + PEP 545, Python documentation translations + New documentation translations: Japanese, French, and Korean. +- drop python3-sorted_tar.patch +- drop 0001-allow-for-reproducible-builds-of-python-packages.patch +- refresh python-3.6.0-multilib-new.patch +- refresh subprocess-raise-timeout.patch + * new C API for thread-local storage + * Deterministic pyc files + * Built-in breakpoint() + * Data Classes + * Core support for typing module and generic types + * Customization of access to module attributes + * Postponed evaluation of annotations + * Time functions with nanosecond resolution + * Improved DeprecationWarning handling + * Context Variables + * Avoiding the use of ASCII as a default text encoding + (PEP 538, legacy C locale coercion and PEP 540, forced UTF-8 runtime mode) + * The insertion-order preservation nature of dict objects is now + an official part of the Python language spec. + * Notable performance improvements in many areas. + +------------------------------------------------------------------- +Thu May 17 18:26:42 UTC 2018 - hpj@urpla.net + +- disable lto with gcc versions below 7 (results in link failures) + +------------------------------------------------------------------- +Mon Apr 30 15:23:24 UTC 2018 - jengelh@inai.de + +- Use faster find subcommand execution strategies. + +------------------------------------------------------------------- +Fri Apr 20 16:17:29 UTC 2018 - tchvatal@suse.com + +- Do not mention the testsuite disabling in opts as it was moved to + main pkg so base is test-free + +------------------------------------------------------------------- +Tue Apr 17 08:36:08 UTC 2018 - tchvatal@suse.com + +- As we run in main python package do not generate the pre_checkin + from both now + +------------------------------------------------------------------- +Mon Apr 16 14:11:56 UTC 2018 - tchvatal@suse.com + +- Move the tests from base to generic package wrt bsc#1088573 + * We still fail the whole distro if python3 is not build + * The other archs than x86_64 took couple of hours to unblock + build of other software, this way we work around the issue +- Some tests are still run in -base for the LTO tweaking, but at + least it is not run twice + +------------------------------------------------------------------- +Sat Mar 31 19:41:12 UTC 2018 - mimi.vx@gmail.com + +- update to 3.6.5 + * bugfix release + * see Misc/NEWS for details +- drop ctypes-pass-by-value.patch +- drop fix-localeconv-encoding-for-LC_NUMERIC.patch +- refresh python-3.6.0-multilib-new.patch + +------------------------------------------------------------------ +Wed Mar 7 09:16:39 UTC 2018 - adam@mizerski.pl + +- Created %so_major and %so_minor macros +- Put Tools/gdb/libpython.py script into proper place and ship it with devel + subpackage. + +------------------------------------------------------------------- +Tue Feb 20 15:04:56 UTC 2018 - schwab@suse.de + +- ctypes-pass-by-value.patch: Fix pass by value for structs on aarch64 + +------------------------------------------------------------------- +Tue Feb 20 14:28:00 UTC 2018 - bwiedemann@suse.com + +- Add python3-sorted_tar.patch (boo#1081750) + +------------------------------------------------------------------- +Tue Feb 20 14:08:57 UTC 2018 - tchvatal@suse.com + +- Drop python3-tk and python3-idle recommends to reduce python3 + always pulling X stack bsc#1081751 + +------------------------------------------------------------------- +Wed Feb 7 09:10:03 UTC 2018 - tchvatal@suse.com + +- Add patch to fix glibc 2.27 fail bsc#1079761: + * fix-localeconv-encoding-for-LC_NUMERIC.patch + +------------------------------------------------------------------- +Mon Feb 5 17:14:43 UTC 2018 - normand@linux.vnet.ibm.com + +- Update skip_random_failing_tests.patch (for PowerPC) + to avoid test_call_later failure + +------------------------------------------------------------------- +Wed Jan 24 14:35:58 UTC 2018 - jmatejek@suse.com + +- move XML modules and python3-xml provide to python3-base + (fixes bsc#1077230) +- move ensurepip to base + +------------------------------------------------------------------- +Thu Jan 18 12:31:47 UTC 2018 - normand@linux.vnet.ibm.com + +- Add skip_random_failing_tests.patch only for PowerPC + +------------------------------------------------------------------- +Wed Jan 3 12:18:51 UTC 2018 - jmatejek@suse.com + +- update to 3.6.4 + * bugfix release, over a hundred bugs fixed + * see Misc/NEWS for details +- drop upstreamed python3-ncurses-6.0-accessors.patch +- drop PYTHONSTARTUP hooks that cause spurious startup errors + * fixes bsc#1070738 + * the relevant feature (REPL history) is now built into Python itself + +------------------------------------------------------------------- +Sat Dec 2 11:11:46 UTC 2017 - dimstar@opensuse.org + +- Install 2to3-%{python_version} executable (override defattr of + the -tools package). 2to3 (unversioned) is a symlink and does not + carry permissions (bsc#1070853). + +------------------------------------------------------------------- +Thu Nov 16 11:02:18 UTC 2017 - mimi.vx@gmail.com + +- move 2to3 to python3-tools package + +------------------------------------------------------------------- +Wed Oct 11 13:15:23 UTC 2017 - jmatejek@suse.com + +- update to 3.6.3 + * bugfix release, over a hundred bugs fixed + * see Misc/NEWS for details +- drop upstreamed 0001-3.6-bpo-30714-ALPN-changes-for-OpenSSL-1.1.0f-3093.patch + +------------------------------------------------------------------- +Wed Sep 20 09:54:05 UTC 2017 - dmueller@suse.com + +- drop python-2.7-libffi-aarch64.patch: this patches the intree + copy of libffi which is unused/deleted in the line afterwards +- fix build against system libffi: include flags weren't set + so it actually used the in-tree libffi headers. + +------------------------------------------------------------------- +Thu Sep 14 13:23:10 UTC 2017 - vcizek@suse.com + +- Fix test broken with OpenSSL 1.1 (bsc#1042670) + * add 0001-3.6-bpo-30714-ALPN-changes-for-OpenSSL-1.1.0f-3093.patch + +------------------------------------------------------------------- +Tue Sep 5 11:47:05 UTC 2017 - jengelh@inai.de + +- Update RPM group for python documentation. + +------------------------------------------------------------------- +Thu Aug 31 08:39:31 UTC 2017 - schwab@suse.de + +- fix missing %{?armsuffix} + +------------------------------------------------------------------- +Wed Aug 30 13:41:38 UTC 2017 - jmatejek@suse.com + +- distutils-reproducible-compile.patch: ensure distutils order files + before compiling, which works around bsc#1049186 + +------------------------------------------------------------------- +Thu Aug 17 08:59:05 CEST 2017 - kukuk@suse.de + +- Add libnsl-devel build requires for glibc obsoleting libnsl + +------------------------------------------------------------------- +Thu Aug 3 16:09:26 UTC 2017 - jmatejek@suse.com + +- update to 3.6.2 + * bugfix release, over a hundred bugs fixed + * see Misc/NEWS for details +- drop upstreamed test-socket-aead-kernel49.patch +- add Provides: python3-typing (fixes bsc#1050653) +- drop duplicate Provides: python3 + +------------------------------------------------------------------- +Mon Jun 26 12:10:07 UTC 2017 - jmatejek@suse.com + +- drop db-devel from requirements + +------------------------------------------------------------------- +Tue Jun 20 09:26:52 UTC 2017 - asn@cryptomilk.org + +- Add missing link to python library in config dir (bsc#1040164) + +------------------------------------------------------------------- +Thu Mar 23 12:42:59 UTC 2017 - jmatejek@suse.com + +- update to 3.6.1 + * bugfix release, over a hundred bugs fixed + * never add import location's parent directory to sys.path + * switch to git for version control, build changes related to that + * fix "failed to get random numbers" on old kernels (bsc#1029902) + * several crashes and memory leaks corrected + * f-string are no longer accepted as docstrings + +------------------------------------------------------------------- +Mon Mar 13 14:04:22 UTC 2017 - jmatejek@suse.com + +- prevent regenerating AST at build-time more robustly +- add "--without profileopt" and "--without testsuite" options to python3-base + to allow short circuiting when working on the package + +------------------------------------------------------------------- +Sat Feb 25 20:55:57 UTC 2017 - bwiedemann@suse.com + +- Add 0001-allow-for-reproducible-builds-of-python-packages.patch + upstream https://github.com/python/cpython/pull/296 + +------------------------------------------------------------------- +Wed Feb 8 12:30:20 UTC 2017 - jmatejek@suse.com + +- reenable test_socket with AEAD patch (test-socket-aead-kernel49.patch) +- reintroduce %py3_soflags macro (and better named %cpython3_soabi equivalent) + +------------------------------------------------------------------- +Wed Jan 11 14:57:07 UTC 2017 - jmatejek@suse.com + +- update to 3.6.0 + * PEP 498 Formated string literals + * PEP 515 Underscores in numeric literals + * PEP 526 Syntax for variable annotations + * PEP 525 Asynchronous generators + * PEP 530 Asynchronous comprehensions + * PEP 506 New "secrets" module for safe key generation + * less memory consumed by dicts + * dtrace and systemtap support + * improved asyncio module + * better defaults for ssl + * new hashing algorithms in hashlib + * bytecode format changed to allow more optimizations + * "async" and "await" are on track to be reserved words + * StopIteration from generators is deprecated + * support for openssl < 1.0.2 is deprecated + * os.urandom now blocks when getrandom() blocks + * huge number of new features, bugfixes and optimizations + * see https://docs.python.org/3.6/whatsnew/3.6.html for details +- rework multilib patch: drop Python-3.5.0-multilib.patch, implement + upstreamable python-3.6.0-multilib-new.patch +- refresh python-3.3.0b1-localpath.patch, subprocess-raise-timeout.patch +- drop upstreamed Python-3.5.1-fix_lru_cache_copying.patch +- finally drop python-2.6b1-canonicalize2.patch that was not applied in source + and only kept around in case we needed it in the future. (which we don't, as it seems) +- update import_failed map and baselibs +- build ctypes against system libffi + (buildrequire libffi-devel in python3-base) +- add new key to keyring (signed by keys already in keyring) +- introduced common configure section between python3 and python3-base +- moved pyconfig.h and Makefile to devel subpackage as distutils no longer + need it at runtime +- added python-rpm-macros dependency, regenerated macros file, drop macros.python3.py + because it is not used now +- improve summaries and descriptions (fixes bsc#917607) +- enabled Link-Time Optimization, see what happens +- including skipped_tests.py in pre_checkin.sh run +- run specs through spec-cleaner, rearrange sections + +------------------------------------------------------------------- +Fri Apr 22 17:20:29 UTC 2016 - jmatejek@suse.com + +- move _hashlib and _ssl modules and tests to python3-base +- recommend python3 + +------------------------------------------------------------------- +Tue Mar 15 15:05:23 UTC 2016 - schwab@suse.de + +- Skip test_asyncio under qemu_user_space_build + +------------------------------------------------------------------- +Mon Mar 7 20:38:11 UTC 2016 - toddrme2178@gmail.com + +- Add Python-3.5.1-fix_lru_cache_copying.patch + Fix copying the lru_cache() wrapper object. + Fixes deep-copying lru_cache regression, which worked on + previous versions of python but fails on python 3.5. + This fixes a bunch of packages in devel:languages:python3. + See: https://bugs.python.org/issue25447 + +------------------------------------------------------------------- +Sun Jan 24 00:44:08 UTC 2016 - arichardson.kde@gmail.com + +- Build the docs in .qch format as well + +------------------------------------------------------------------- +Wed Dec 9 07:35:20 UTC 2015 - toddrme2178@gmail.com + +- update to 3.5.1 + * bugfix-only release, dozens of bugs fixed +- Drop upstreamed Python-3.5.0-_Py_atomic_xxx-symbols.patch +- "Python3" to "Python 3" in summary + * This seems cleaner and fixes and rpmlint warning + +------------------------------------------------------------------- +Wed Oct 14 20:21:52 UTC 2015 - toddrme2178@gmail.com + +- Add Python-3.5.0-_Py_atomic_xxx-symbols.patch + This fixes a build error for many packages that use the Python, + C-API. + This patch is already accepted upstream and is slated to appear in + python 3.5.1. + +------------------------------------------------------------------- +Tue Sep 29 15:53:24 UTC 2015 - jmatejek@suse.com + +- update to 3.5.0 + * coroutines with async/await syntax + * matrix multiplication operator `@` + * unpacking generalizations + * new modules `typing` and `zipapp` + * type annotations + * .pyo files replaced by custom suffixes for optimization levels in __pycache__ + * support for memory BIO in ssl module + * performance improvements in several modules + * and many more +- removals and behavior changes + * deprecated `__version__` is removed + * support for .pyo files was removed + * system calls are auto-retried on EINTR + * bare generator expressions in function calls now cause SyntaxError + (change "f(x for x in i)" to "f((x for x in i))" to fix) + * removed undocumented `format` member of private `PyMemoryViewObject` struct + * renamed `PyMemAllocator` to `PyMemAllocatorEx` +- redefine %dynlib macro to reflect that modules now have arch+os as part of name +- module `time` is now built-in +- dropped upstreamed patches: + python-3.4.1-fix-faulthandler.patch + python-3.4.3-test-conditional-ssl.patch + python-fix-short-dh.patch (also dropped dh2048.pem required for this patch) +- updated patch Python-3.3.0b2-multilib.patch to Python-3.5.0-multilib.patch +- python-ncurses-6.0-accessors.patch taken from python 2 to fix build failure + with new gcc + ncurses + +------------------------------------------------------------------- +Wed Sep 9 11:51:22 UTC 2015 - dimstar@opensuse.org + +- Add python3-ncurses-6.0-accessors.patch: Fix build with + NCurses 6.0 and OPAQUE_WINDOW set to 1. + +------------------------------------------------------------------- +Mon Aug 24 17:02:08 UTC 2015 - jmatejek@suse.com + +- improve import_failed hook to do the right thing when invoking + missing modules with "python3 -m modulename" (boo#942751) + +------------------------------------------------------------------- +Thu Jul 23 22:08:10 UTC 2015 - fisiu@opensuse.org + +- Build with --enable-loadable-sqlite-extensions to make it works + as geospatial database. + +------------------------------------------------------------------- +Wed Jul 1 07:07:26 UTC 2015 - dimstar@opensuse.org + +- Fix source list for previous change (add dh2048.pem). + +------------------------------------------------------------------- +Wed Jun 24 06:54:30 UTC 2015 - meissner@suse.com + +- dh2048.pem: added generated 2048 dh parameter set to fix + ssl test (bsc#935856) +- python-fix-short-dh.patch: replace the 512 bits dh parameter set + by 2048 bits to fix build with new openssl 1.0.2c (bsc#935856) + +------------------------------------------------------------------- +Tue May 19 14:59:30 UTC 2015 - schwab@suse.de + +- ctypes-libffi-aarch64.patch: remove upstreamed patch +- python-2.7-libffi-aarch64.patch: Fix argument passing in libffi for + aarch64 + +------------------------------------------------------------------- +Thu May 14 10:58:36 UTC 2015 - jmatejek@suse.com + +- drop the PDF subpackage + (removes the massive texlive dependency, and most likely nobody is + using the PDFs anyway) + +------------------------------------------------------------------- +Thu May 14 09:53:29 UTC 2015 - jmatejek@suse.com + +- python-3.4.3-test-conditional-ssl.patch - restore tests failing because + test_urllib was unconditionally importing ssl (without really needing it) +- restore functionality of multilib patch +- drop libffi-ppc64le.diff because upstream completely changed everything + yet again (sorry ppc64 folks :| ) + + +------------------------------------------------------------------- +Fri May 1 15:11:21 UTC 2015 - mailaender@opensuse.org + +- Update to version 3.4.3 +- Drop upstreamed CVE-2014-4650-CGIHTTPServer-traversal.patch + (bpo#21766) + +------------------------------------------------------------------- +Wed Mar 25 10:57:28 UTC 2015 - rguenther@suse.com + +- Add python-3.4.1-fix-faulthandler.patch, upstream patch for bogus + faulthandler which fails with GCC 5. + +------------------------------------------------------------------- +Sun Jan 11 13:01:30 UTC 2015 - p.drouand@gmail.com + +- asyncio has been merged in python3 main package; provide and + obsolete it +- Remove obsolete AUTHORS section +- Remove redundant %clean section + +------------------------------------------------------------------- +Sat Oct 18 20:14:54 UTC 2014 - crrodriguez@opensuse.org + +- Only pkgconfig(x11) is required for build, not the whole + set of packages provided by xorg-x11-devel metapackage. + +------------------------------------------------------------------- +Mon Oct 13 13:38:20 UTC 2014 - jmatejek@suse.com + +- add %python3_version rpm macro for Fedora compatibility +- add missing argument in import_failed, rename Novell Bugzilla + to SUSE Bugzilla + +------------------------------------------------------------------- +Thu Jul 31 17:24:59 UTC 2014 - dimstar@opensuse.org + +- Rename rpmlintrc to %{name}-rpmlintrc. + Follow the packaging guidelines. + +------------------------------------------------------------------- +Wed Jul 23 16:31:02 UTC 2014 - jmatejek@suse.com + +- CVE-2014-4650-CGIHTTPServer-traversal.patch: CGIHTTPServer file + disclosure and directory traversal through URL-encoded characters + (CVE-2014-4650, bnc#885882) + +------------------------------------------------------------------- +Tue Jul 22 13:55:57 UTC 2014 - jmatejek@suse.com + +- drop python-3.4.1-SUSE-ensurepip.patch for compatibility reasons, + reinstate bundled copies of pip and setuptools + (fixes bnc#885662) +- add more files as sources to silence the validator + +------------------------------------------------------------------- +Wed May 21 11:01:56 UTC 2014 - jmatejek@suse.com + +- update to 3.4.1 + * bugfix-only release, over 300 bugs fixed +- drop upstreamed python-3.4.0rc2-sqlite-3.8.4-tests.patch +- drop upstreamed CVE-2014-2667-mkdir.patch +- include Python release manager keyring and signature file + for the source archive (thus renumbering of source files) + (see https://www.python.org/download/#openpgp-public-keys ) +- move ensurepip to python3, because it transitively requires ssl + +------------------------------------------------------------------- +Fri Apr 4 16:21:40 UTC 2014 - jmatejek@suse.com + +- CVE-2014-2667-mkdir.patch: race condition with reseting umask + in os.makedirs + (CVE-2014-2667, bnc#871152) +- updated multilib patch to include ~/.local/lib64 (bnc#637176) + +------------------------------------------------------------------- +Wed Mar 26 15:24:46 UTC 2014 - jmatejek@suse.com + +- raise timeout value for test_subprocess to 10s (might fix + intermittent build failures in OBS) + +------------------------------------------------------------------- +Mon Mar 24 17:29:31 UTC 2014 - dmueller@suse.com + +- remove blacklisting of test_posix on aarch64: qemu bug is fixed + +------------------------------------------------------------------- +Mon Mar 17 18:26:58 UTC 2014 - jmatejek@suse.com + +- update to 3.4.0 final +- drop upstreamed python-3.4rc2-importlib.patch + +------------------------------------------------------------------- +Sun Mar 16 16:33:25 UTC 2014 - schwab@suse.de + +- Only build with profile-opt if profiling is enabled +- Update test exclusion lists: + * test_ctypes no longer fails on arm + * test_io no longer fails on ppc* + * test_multiprocessing has been split in multiple tests + * test_posix and test_signal fail due to qemu bugs + +------------------------------------------------------------------- +Fri Mar 14 20:26:03 UTC 2014 - andreas.stieger@gmx.de + +- Fix build with SQLite 3.8.4 [bnc#867887], fixing SQLite tests, + adding python-2.7.6-sqlite-3.8.4-tests.patch + +------------------------------------------------------------------- +Thu Feb 27 14:08:40 UTC 2014 - jmatejek@suse.com + +- update to 3.4.0 rc2 + * pre-release bugfixes + * improvements to asyncio library +- drop upstreamed tracemalloc_gcov.patch +- python-3.4rc2-importlib.patch fixes backwards-incompatibility + in the reworked importlib module that blocks build of vim + +------------------------------------------------------------------- +Fri Jan 17 18:45:27 UTC 2014 - jmatejek@suse.com + +- initial commit of 3.4.0 beta 3 + * new stdlib modules: pathlib, enum, statistics, tracemalloc + * asynchronous IO with new asyncio module + * introspection data for builtins + * subprocesses no longer inherit open file descriptors + * standardized metadata for packages + * internal hashing changed to SipHash + * new pickle protocol + * improved handling of codecs + * TLS 1.2 support + * major speed improvements for internal unicode handling + * many bugfixes and optimizations +- see porting guide at: + http://docs.python.org/3.4/whatsnew/3.4.html#porting-to-python-3-4 +- moved several modules to -testsuite subpackage +- updated list of binary extensions, refreshed patches +- tracemalloc_gcov.patch fixes profile-based optimization build +- updated packages and pre_checkin.sh to use ~-version notation + for prereleases +- fix-shebangs part of build process moved to common %prep +- drop python-3.3.2-no-REUSEPORT.patch (upstreamed) +- update baselibs for new soname + +- TODOs: + * require python-pip, make ensurepip work with zypper + +------------------------------------------------------------------- +Wed Dec 4 13:21:26 UTC 2013 - matz@suse.de + +- add ppc64le (ELFv2) support for libffi copy for ctypes module +- Adjust Python-3.3.0b2-multilib.patch for ppc64le (make sys.lib be + "lib64"). +- added patches: + * libffi-ppc64le.diff +------------------------------------------------------------------- +Tue Dec 3 09:51:43 UTC 2013 - adrian@suse.de + +- add ppc64le rules + +------------------------------------------------------------------- +Fri Nov 22 13:17:23 UTC 2013 - speilicke@suse.com + +- Add python-3.3.3-skip-distutils-test_sysconfig_module.patch: + + Disable global and distutils sysconfig comparison test, we deviate + from the default depending on optflags + +------------------------------------------------------------------- +Tue Nov 19 14:28:41 UTC 2013 - jmatejek@suse.com + +- update to 3.3.3 + * bugfix-only release + * many SSL-related fixes + * upstream fix for CVE-2013-4238 + * upstream fixes for CVE-2013-1752 +- move example module xxlimited to python3-testsuite +- drop CVE-2013-4238_py33.patch - it is upstreamed +- remove --with-wide-unicode config option, it is now the default + (and only) choice +- don't touch anything between make and makeinstall +- drop python-3.2b2-buildtime-generate.patch - the issue was caused + by touching things between make and makeinstall +- link pycache entries for import_failed hooks properly + +------------------------------------------------------------------- +Tue Oct 15 17:44:08 UTC 2013 - crrodriguez@opensuse.org + +- build with -DOPENSSL_LOAD_CONF for the same reasons + described in the python2 package. + +------------------------------------------------------------------- +Fri Aug 16 11:35:15 UTC 2013 - jmatejek@suse.com + +- handle NULL bytes in certain fields of SSL certificates + (CVE-2013-4238, bnc#834601) + +------------------------------------------------------------------- +Thu Aug 8 14:54:49 UTC 2013 - dvaleev@suse.com + +- Exclue test_faulthandler from tests on powerpc due to bnc#831629 + +------------------------------------------------------------------- +Thu Jun 13 15:05:34 UTC 2013 - jmatejek@suse.com + +- update to 3.3.2 + * bugfix-only release + * fixes several regressions introduced in 3.3.1 +- switch to xz compression +- move _lzma module to python3-base +- python-3.3.2-no-REUSEPORT.patch to fix build on kernels without SO_REUSEPORT + +------------------------------------------------------------------- +Mon Apr 29 22:32:43 UTC 2013 - schwab@suse.de + +- Readd missing bits from ctypes-libffi-aarch64.patch + +------------------------------------------------------------------- +Sat Apr 13 07:56:51 UTC 2013 - idonmez@suse.com + +- Update to version 3.3.1 + * Fix the –enable-profiling configure switch. + * In IDLE, close the replace dialog after it is used. +- Too many bugfixes to list here, + see See http://hg.python.org/cpython/file/v3.3.0/Misc/NEWS +- Refresh Python-3.3.0b2-multilib.patch +- Refresh python-3.2b2-buildtime-generate.patch +- Drop upstream patches: ctypes-libffi-aarch64.patch, + python-3.2.3rc2-pypirc-secure.patch, python-3.3.0-getdents64.patch + +------------------------------------------------------------------- +Mon Apr 8 11:25:30 UTC 2013 - speilicke@suse.com + +- Exclude sqlite/test and tk/test directories from the respective + sub-packages. These are owned by the testsuite sub-package already + +------------------------------------------------------------------- +Fri Apr 5 12:59:20 UTC 2013 - idonmez@suse.com + +- Add Source URL, see https://en.opensuse.org/title=SourceUrls + +------------------------------------------------------------------- +Wed Apr 3 15:36:04 UTC 2013 - jmatejek@suse.com + +- remove spurious modification of python-3.3.0b1-localpath.patch + that would force installation into /usr/local. + this fixes bnc#809831 + +------------------------------------------------------------------- +Thu Mar 28 18:38:51 UTC 2013 - jmatejek@suse.com + +- replace broken movetogetdents64.diff patch with a correct one + from upstream repo (python-3.3.0-getdents64.patch) + +------------------------------------------------------------------- +Fri Mar 1 07:42:21 UTC 2013 - dmueller@suse.com + +- add ctypes-libffi-aarch64.patch: + * import aarch64 support for libffi in _ctypes module +- add aarch64 to the list of lib64 based archs +- add movetogetdents64.diff: + * port to getdents64, as SYS_getdents is not implemented everywhere + +------------------------------------------------------------------- +Tue Feb 26 08:57:55 UTC 2013 - saschpe@suse.de + +- /etc/rpm/macros.python3 is no %config, it is not meant to be changed + by users. +- Add rpmlintrc with some obvious filters + +------------------------------------------------------------------- +Mon Jan 28 18:14:39 UTC 2013 - jmatejek@suse.com + +- update baselibs for new version of libpython3 + +------------------------------------------------------------------- +Thu Nov 29 17:02:37 UTC 2012 - jmatejek@suse.com + +- fix include path in macros (bnc#787526) +- implement failed import handlers for modules that live in + subpackages - e.g. "import ssl" will now throw a sensible error + message telling you to install "python3" + +------------------------------------------------------------------- +Wed Nov 28 17:02:07 UTC 2012 - jmatejek@suse.com + +- merge python3-xml into python3 +- merge python3-2to3 library into python3-base + and the 2to3 binary into python3-devel + (python3-devel is now in conflict with python-2to3, which + will be dropped) +- enable --with-system-expat for python3, making the xml modules + (and thus python3) depend on expat +- reconfigure tests to disable network and GUI resources, which + the upstream apparently thought is a good idea to enable by default. + this fixes build failures in Factory +- add lzma-devel to build the _lzma module +- moved %dynlib macro definition to common section + +------------------------------------------------------------------- +Mon Nov 5 20:01:46 UTC 2012 - coolo@suse.com + +- buildrequire timezone for the test suite + +------------------------------------------------------------------- +Mon Oct 29 18:21:45 UTC 2012 - dmueller@suse.com + +- disable more checks for qemu builds as they use syscalls not + implemented yet + +------------------------------------------------------------------- +Thu Oct 25 08:14:36 UTC 2012 - Rene.vanPaassen@gmail.com + +- exclude test_math for SLE 11; math library fails on negative + gamma function values close to integers and 0, probably + due to imprecision in -lm on SLE_11_SP2. + +------------------------------------------------------------------- +Tue Oct 16 12:15:34 UTC 2012 - coolo@suse.com + +- buildrequire libbz2-devel explicitly + +------------------------------------------------------------------- +Mon Oct 8 14:33:08 UTC 2012 - jmatejek@suse.com + +- remove distutils.cfg (bnc#658604) + * this changes default prefix for distutils to /usr + * see ML for details: +http://lists.opensuse.org/opensuse-packaging/2012-09/msg00254.html + +------------------------------------------------------------------- +Mon Oct 1 08:53:03 UTC 2012 - idonmez@suse.com + +- Update to final 3.3.0 release + * See http://hg.python.org/cpython/file/v3.3.0/Misc/NEWS + +------------------------------------------------------------------- +Thu Sep 27 12:35:01 UTC 2012 - idonmez@suse.com + +- Correct dependency for python3-testsuite, + python3-tkinter -> python3-tk + +------------------------------------------------------------------- +Thu Aug 23 13:08:11 UTC 2012 - jmatejek@suse.com + +- update to 3.3.0 RC1 + +------------------------------------------------------------------- +Fri Aug 3 12:09:34 UTC 2012 - jmatejek@suse.com + +- update to 3.3.0 beta 1 + * flexible string representation, no longer distinguishing + between wide and narrow Unicode builds + * importlib-based import system + * virtualenv support in core + * namespace packages + * explicit Unicode literals for easier porting + * key-sharing dict implementation reduces memory footprint + of OO code + * hash randomization on by default + * many other new bugfixes and features, check NEWS for details + +- pre_checkin.sh now autofills various version strings in specs +- ship hashlib's fallback modules - those uselessly take up space + when real _hashlib.so from python3 is present, but the space wasted + is only 114kB and it provides python3-base with a working hashlib + module. + (also, this fixes bnc#743787) + +------------------------------------------------------------------- +Fri Jul 27 09:02:41 UTC 2012 - dvaleev@suse.com + +- skip test_io on ppc +- drop test_io ppc patch + +------------------------------------------------------------------- +Thu Jun 28 07:57:58 UTC 2012 - saschpe@suse.de + +- Satisfy source_validator by uncommenting an otherwise unused "Patch" + line + +------------------------------------------------------------------- +Tue Jun 12 15:39:08 UTC 2012 - adrian@suse.de + +- fix logic of checks exclusion + +------------------------------------------------------------------- +Fri May 18 11:50:27 UTC 2012 - idonmez@suse.com + +- update to 3.2.3 + * No changes since rc2 + +------------------------------------------------------------------- +Thu Mar 29 15:44:33 UTC 2012 - jmatejek@suse.com + +- update to 3.2.3rc2 + * fixes several security issues: + * CVE-2012-0845, bnc#747125 + * CVE-2012-1150, bnc#751718 + * CVE-2011-4944, bnc#754447 + * CVE-2011-3389, bnc#754677 +- fix for insecure .pypirc (CVE-2011-4944, bnc#754447) +- disable test_gdb because it is broken by our gdb + +------------------------------------------------------------------- +Thu Feb 16 12:33:12 UTC 2012 - dvaleev@suse.com + +- skip broken test_io test on ppc + +------------------------------------------------------------------- +Wed Jan 18 15:49:47 UTC 2012 - jmatejek@suse.com + +- update to 3.2.2 + * bugfix-only release + * reports "linux2" as sys.platform regardless of Linux kernel +- added pre_checkin.sh to copy common spec sections to python3.spec +- added PACKAGING-NOTES with some helpful info for packagers + +------------------------------------------------------------------- +Sun Dec 25 13:25:01 UTC 2011 - idonmez@suse.com + +- Use system ffi, included one is broken see + http://bugs.python.org/issue11729 and + http://bugs.python.org/issue12081 + +------------------------------------------------------------------- +Fri Dec 9 17:19:55 UTC 2011 - jmatejek@suse.com + +- license.opensuse.org-compatible license headers + +------------------------------------------------------------------- +Fri Dec 2 16:46:44 UTC 2011 - coolo@suse.com + +- add automake as buildrequire to avoid implicit dependency + +------------------------------------------------------------------- +Thu Nov 24 12:42:25 UTC 2011 - agraf@suse.com + +- fix ARM build (exclude some test cases which break for us) + +------------------------------------------------------------------- +Tue Aug 16 17:02:22 UTC 2011 - termim@gmail.com + +- use sysconfig module to get py3_incdir, py3_abiflags, + py3_soflags, python3_sitelib and python3_sitearch + +------------------------------------------------------------------- +Mon Jul 18 16:22:31 UTC 2011 - jmatejek@novell.com + +- update to 3.2.1 + * bugfix-only release, no major changes +- fix build on linux3 platform +- remove upstreamed pybench patch +- install /usr/lib directories in all cases to prevent spurious + "directory not owned" in dependent packages + +------------------------------------------------------------------- +Wed Jun 15 14:16:38 UTC 2011 - jmatejek@novell.com + +- replaced dynamic so version with manual so version, because + autobuild does not support autogeneration + +------------------------------------------------------------------- +Tue May 24 13:39:06 UTC 2011 - jmatejek@novell.com + +- generate macros.python3 at compile-time with fixed values +- don't include bogus values in pyconfig.h, as they can break + third-party packages (bnc#673071) + +------------------------------------------------------------------- +Tue May 17 12:52:51 UTC 2011 - jmatejek@novell.com + +- added Obsoletes: python3 < 3.1 so that the transition from + non-split to split packages goes smoothly + +------------------------------------------------------------------- +Fri May 13 12:38:19 UTC 2011 - jmatejek@novell.com + +- fixed RPM macros to use python3 instead of python +- updated to build --with-wide-unicode (for compatibility with + fedora and our own python 2.x series) + +------------------------------------------------------------------- +Thu Apr 21 03:39:25 UTC 2011 - termim@gmail.com + +- fix python3-base build failure due to pybench.py crash by + python-3.2-pybench.patch +- move pyconfig.h from python3-devel to python3-base package to + make python3-base functional again + +------------------------------------------------------------------- +Wed Mar 23 04:26:28 UTC 2011 - termim@gmail.com + +- update to python 3.2 + * stable ABI, ABI-tagged .so files + * concurrent.futures and many other new or upgraded modules + * PYC repository directories ( __pycache__ ) + * python WSGI 1.0.1 + * Unicode 6.0.0 support + * a great number of bugfixes and assorted improvements + +------------------------------------------------------------------- +Tue Feb 8 19:42:17 CET 2011 - matejcik@suse.cz + +- update to python 3.2 RC2 +- renamed python3-demo to python3-tools, because the demo part + became much smaller than the tools part +- added rpm macros + +------------------------------------------------------------------- +Tue Jan 18 14:13:04 UTC 2011 - jmatejek@novell.com + +- update to python 3.2 beta 2, see NEWS for details +- split off -base package with less dependencies, and a shlib-policy + compliant libpython3 package +- mostly rewritten the spec file with more detailed comments +- cleaned up lists of patches + diff --git a/python310.spec b/python310.spec new file mode 100644 index 0000000..2894f5e --- /dev/null +++ b/python310.spec @@ -0,0 +1,1041 @@ +# +# spec file +# +# Copyright (c) 2023 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%global flavor @BUILD_FLAVOR@%{nil} +%if "%{flavor}" == "doc" +%define psuffix -documentation +%bcond_without doc +%bcond_with base +%bcond_with general +%endif +%if "%{flavor}" == "base" +%define psuffix -core +%bcond_with doc +%bcond_without base +%bcond_with general +%endif +%if "%{flavor}" == "" +%define psuffix %{nil} +%bcond_with doc +%bcond_with base +%bcond_without general +%endif + +%define python_pkg_name python310 +%if "%{python_pkg_name}" == "%{primary_python}" +%define primary_interpreter 1 +%else +%define primary_interpreter 0 +%endif + +%if 0%{?sle_version} && 0%{?suse_version} < 1550 +# Obsoleting previous "latest" Python versions +# Next versions will get more lines like for older versions +%define obsolete_python_versioned() \ +Obsoletes: python39%{?1:-%{1}} +%else +%define obsolete_python_versioned() %{nil} +%endif + +# Setting up variables +%define _version %(c=%{version}; echo ${c/[a-z]*/}) +%define tar_suffix %(c=%{_version}; echo ${c#%{_version}}) +%define python_version %(echo %{_version}|cut -d. -f1-2) +# based on the current source tarball +%define python_version_abitag %(c=%{python_version}; echo ${c//./}) +# FIXME %%define python_version_soname %%(c=%%{python_version}; echo ${c//./_}) +%define python_version_soname 3_10 +%if 0%(test -n "%{tar_suffix}" && echo 1) +%define _version %(echo "%{_version}~%{tar_suffix}") +%define tarversion %{version} +%else +%define tarversion %{version} +%endif +# We don't process beta signs well +%define folderversion %{tarversion} +%define tarname Python-%{tarversion} +%define sitedir %{_libdir}/python%{python_version} +# three possible ABI kinds: m - pymalloc, d - debug build; see PEP 3149 +%define abi_kind %{nil} +# python ABI version - used in some file names +%define python_abi %{python_version}%{abi_kind} +# soname ABI tag defined in PEP 3149 +%define abi_tag %{python_version_abitag}%{abi_kind} +# version part of "libpython" package +%define so_major 1 +%define so_minor 0 +%define so_version %{python_version_soname}%{abi_kind}-%{so_major}_%{so_minor} +# rpm and python have different ideas about what is an arch-dependent name, so: +%if "%{__isa_name}" == "ppc" +%define archname %(echo %{_arch} | sed s/ppc/powerpc/) +%else +%define archname %{_arch} +%endif +# our arm has Hardware-Floatingpoint +%if "%{_arch}" == "arm" +%define armsuffix hf +%endif +# Decide whether we want to use mpdecimal +%if 0%{?suse_version} >= 1550 +%bcond_without mpdecimal +%else +%bcond_with mpdecimal +%endif +# pyexpat.cpython-35m-x86_64-linux-gnu +# pyexpat.cpython-35m-powerpc64le-linux-gnu +# pyexpat.cpython-35m-armv7-linux-gnueabihf +# _md5.cpython-38m-x86_64-linux-gnu.so +%define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so +%bcond_without profileopt +Name: %{python_pkg_name}%{psuffix} +Version: 3.10.13 +Release: 0 +Summary: Python 3 Interpreter +License: Python-2.0 +URL: https://www.python.org/ +Source0: https://www.python.org/ftp/python/%{folderversion}/%{tarname}.tar.xz +Source1: https://www.python.org/ftp/python/%{folderversion}/%{tarname}.tar.xz.asc +Source2: baselibs.conf +Source3: README.SUSE +Source7: macros.python3 +Source8: import_failed.py +Source9: import_failed.map +Source10: pre_checkin.sh +Source11: skipped_tests.py +Source19: idle3.desktop +Source20: idle3.appdata.xml +# content of bluez-devel: +# 1. sudo zypper --pkg-cache-dir /tmp install -f -d --no-recommends bluez-devel +# 2. rpm2cpio /tmp/*/*/bluez-devel-*.rpm|cpio -idu +# 3. mkdir Vendor && mv usr/include/* Vendor/ +# 4. tar cJf bluez-devel-vendor.tar.xz Vendor/ +Source21: bluez-devel-vendor.tar.xz +Source98: python310-rpmlintrc +# Tarball is signed by the GPG key of Pablo Galindo Salgado (0x64E628F8D684696D) +# https://keybase.io/pablogsal/pgp_keys.asc?fingerprint=a035c8c19219ba821ecea86b64e628f8d684696d +Source99: python.keyring +# The following files are not used in the build. +# They are listed here to work around missing functionality in rpmbuild, +# which would otherwise exclude them from distributed src.rpm files. +Source100: PACKAGING-NOTES +# PATCH-FEATURE-UPSTREAM F00251-change-user-install-location.patch bsc#[0-9]+ mcepl@suse.com +# Fix installation in /usr/local (boo#1071941), originally from Fedora +# https://src.fedoraproject.org/rpms/python3/blob/master/f/00251-change-user-install-location.patch +# Set values of prefix and exec_prefix in distutils install command +# to /usr/local if executable is /usr/bin/python* and RPM build +# is not detected to make pip and distutils install into separate location +Patch02: F00251-change-user-install-location.patch +# PATCH-FEATURE-UPSTREAM distutils-reproducible-compile.patch gh#python/cpython#8057 mcepl@suse.com +# Improve reproduceability +Patch06: distutils-reproducible-compile.patch +# support finding packages in /usr/local, install to /usr/local by default +Patch07: python-3.3.0b1-localpath.patch +# replace DATE, TIME and COMPILER by fixed definitions to aid reproducible builds +Patch08: python-3.3.0b1-fix_date_time_compiler.patch +# POSIX_FADV_WILLNEED throws EINVAL. Use a different constant in test +Patch09: python-3.3.0b1-test-posix_fadvise.patch +# Raise timeout value for test_subprocess +Patch15: subprocess-raise-timeout.patch +# PATCH-FEATURE-UPSTREAM bpo-31046_ensurepip_honours_prefix.patch bpo#31046 mcepl@suse.com +# ensurepip should honour the value of $(prefix) +Patch29: bpo-31046_ensurepip_honours_prefix.patch +# PATCH-FIX-SLE no-skipif-doctests.patch jsc#SLE-13738 mcepl@suse.com +# SLE-15 version of Sphinx doesn't know about skipif directive in doctests. +Patch33: no-skipif-doctests.patch +# PATCH-FIX-SLE skip-test_pyobject_freed_is_freed.patch mcepl@suse.com +# skip a test failing on SLE-15 +Patch34: skip-test_pyobject_freed_is_freed.patch +# PATCH-FIX-SLE fix_configure_rst.patch bpo#43774 mcepl@suse.com +# remove duplicate link targets and make documentation with old Sphinx in SLE +Patch35: fix_configure_rst.patch +# PATCH-FIX-UPSTREAM bpo-46811 gh#python/cpython#7da97f61816f mcepl@suse.com +# NOTE: SUSE version of expat 2.4.4 is patched in SUSE for CVE-2022-25236 +Patch36: support-expat-CVE-2022-25236-patched.patch +# PATCH-FIX-UPSTREAM bpo-37596-make-set-marshalling.patch bsc#1211765 mcepl@suse.com +# Make `set` and `frozenset` marshalling deterministic +Patch38: bpo-37596-make-set-marshalling.patch +# PATCH-FIX-UPSTREAM gh-78214-marshal_stabilize_FLAG_REF.patch bsc#1213463 mcepl@suse.com +# marshal: Stabilize FLAG_REF usage +Patch39: gh-78214-marshal_stabilize_FLAG_REF.patch +# PATCH-FIX-UPSTREAM CVE-2023-27043-email-parsing-errors.patch bsc#1210638 mcepl@suse.com +# Detect email address parsing errors and return empty tuple to +# indicate the parsing error (old API), from gh#python/cpython!105127 +# Patch carries a REGRESSION (gh#python/cpython#106669), so it has been also partially REVERTED +Patch40: CVE-2023-27043-email-parsing-errors.patch +# PATCH-FIX-UPSTREAM Revert-gh105127-left-tests.patch bsc#1210638 mcepl@suse.com +# Partially revert previous patch +Patch41: Revert-gh105127-left-tests.patch +BuildRequires: autoconf-archive +BuildRequires: automake +BuildRequires: fdupes +BuildRequires: gmp-devel +BuildRequires: lzma-devel +BuildRequires: netcfg +BuildRequires: openssl-devel +BuildRequires: pkgconfig +BuildRequires: xz +BuildRequires: pkgconfig(bzip2) +BuildRequires: pkgconfig(expat) +BuildRequires: pkgconfig(libffi) +BuildRequires: pkgconfig(uuid) +BuildRequires: pkgconfig(zlib) +#!BuildIgnore: gdk-pixbuf-loader-rsvg +%if 0%{?suse_version} >= 1550 +# The provider for python(abi) is in rpm-build-python +BuildRequires: rpm-build-python +%endif +%if 0%{?suse_version} >= 1500 && 0%{?suse_version} < 1599 +BuildRequires: pkgconfig(libnsl) +BuildRequires: pkgconfig(libtirpc) +%endif +%if %{with mpdecimal} +BuildRequires: mpdecimal-devel +%endif +%if %{with doc} +%if 0%{?sle_version} && 0%{?sle_version} <= 150300 +BuildRequires: python3-Sphinx +%else +BuildRequires: python3-Sphinx >= 3.2.0 +%endif +%if 0%{?suse_version} >= 1500 +BuildRequires: python3-python-docs-theme >= 2022.1 +%endif +%endif +%if %{with general} +# required for idle3 (.desktop and .appdata.xml files) +BuildRequires: appstream-glib +BuildRequires: gcc-c++ +BuildRequires: gdbm-devel +BuildRequires: gettext +BuildRequires: readline-devel +BuildRequires: sqlite-devel +BuildRequires: timezone +BuildRequires: update-desktop-files +BuildRequires: pkgconfig(ncurses) +BuildRequires: pkgconfig(tk) +BuildRequires: pkgconfig(x11) +Requires: %{python_pkg_name}-base = %{version} +Provides: %{python_pkg_name}-readline +Provides: %{python_pkg_name}-sqlite3 +Recommends: %{python_pkg_name}-curses +Recommends: %{python_pkg_name}-dbm +Recommends: %{python_pkg_name}-pip +%obsolete_python_versioned +%if %{primary_interpreter} +Provides: python3 = %{python_version} +Provides: python3-readline +Provides: python3-sqlite3 +%endif +%endif + +%description +Python 3 is modern interpreted, object-oriented programming language, +often compared to Tcl, Perl, Scheme, or Java. You can find an overview +of Python in the documentation and tutorials included in the python3-doc +package. + +This package supplies rich command line features provided by readline, +and sqlite3 support for the interpreter core, thus forming a so called +"extended" runtime. +Installing "python3" is sufficient for the vast majority of usecases. +In addition, recommended packages provide UI toolkit support (python3-curses, +python3-tk), legacy UNIX database bindings (python3-dbm), and the IDLE +development environment (python3-idle). + +%package -n %{python_pkg_name}-tk +Summary: TkInter, a Python Tk Interface +Requires: %{python_pkg_name} = %{version} +%obsolete_python_versioned tk +%if %{primary_interpreter} +Provides: python3-tk = %{version} +%endif + +%description -n %{python_pkg_name}-tk +Python interface to Tk. Tk is the GUI toolkit that comes with Tcl. + +%package -n %{python_pkg_name}-curses +Summary: Python Interface to the (N)Curses Library +Requires: %{python_pkg_name} = %{version} +%obsolete_python_versioned curses +%if %{primary_interpreter} +Provides: python3-curses +%endif + +%description -n %{python_pkg_name}-curses +An easy to use interface to the (n)curses CUI library. CUI stands for +Console User Interface. + +%package -n %{python_pkg_name}-dbm +Summary: Python Interface to the GDBM Library +Requires: %{python_pkg_name} = %{version} +%obsolete_python_versioned dbm +%if %{primary_interpreter} +Provides: python3-dbm +%endif + +%description -n %{python_pkg_name}-dbm +An easy to use interface for Unix DBM databases, and more specifically, +the GNU implementation GDBM. + +%package -n %{python_pkg_name}-idle +Summary: An Integrated Development Environment for Python +Requires: %{python_pkg_name} = %{version} +Requires: %{python_pkg_name}-tk +%obsolete_python_versioned idle +%if %{primary_interpreter} +Provides: python3-idle = %{version} +%endif + +%description -n %{python_pkg_name}-idle +IDLE is a Tkinter based integrated development environment for Python. +It features a multi-window text editor with multiple undo, Python +colorizing, and many other things, as well as a Python shell window and +a debugger. + +%package -n %{python_pkg_name}-doc +Summary: Package Documentation for Python 3 +Enhances: %{python_pkg_name} = %{python_version} +%obsolete_python_versioned doc +%if %{primary_interpreter} +Provides: python3-doc = %{version} +%endif + +%description -n %{python_pkg_name}-doc +Tutorial, Global Module Index, Language Reference, Library Reference, +Extending and Embedding Reference, Python/C API Reference, Documenting +Python, and Macintosh Module Reference in HTML format. + +%package -n %{python_pkg_name}-doc-devhelp +Summary: Additional Package Documentation for Python 3 in devhelp format +%obsolete_python_versioned doc-devhelp +%if %{primary_interpreter} +Provides: python3-doc-devhelp = %{version} +%endif + +%description -n %{python_pkg_name}-doc-devhelp +Tutorial, Global Module Index, Language Reference, Library Reference, +Extending and Embedding Reference, Python/C API Reference, Documenting +Python, and Macintosh Module Reference in format for devhelp. + +%package -n %{python_pkg_name}-base +Summary: Python 3 Interpreter and Stdlib Core +Requires: libpython%{so_version} = %{version} +Recommends: %{python_pkg_name} = %{version} +%obsolete_python_versioned base +#Recommends: python3-ensurepip +# python 3.1 didn't have a separate python-base, so it is wrongly +# not a conflict to have python3-3.1 and python3-base > 3.1 +Obsoletes: python3 < 3.2 +# no Provides, because python3 is obviously provided by package python3 +# python 3.4 provides asyncio +Provides: %{python_pkg_name}-asyncio = %{version} +%obsolete_python_versioned asyncio +# python 3.6 provides typing +Provides: %{python_pkg_name}-typing = %{version} +%obsolete_python_versioned typing +# python3-xml was merged into python3, now moved into -base +Provides: %{python_pkg_name}-xml = %{version} +%if %{primary_interpreter} +Provides: python3-asyncio = %{version} +Obsoletes: python3-asyncio < %{version} +Provides: python3-base = %{version} +Obsoletes: python3-base < %{version} +Provides: python3-typing = %{version} +Obsoletes: python3-typing < %{version} +Provides: python3-xml = %{version} +Obsoletes: python3-xml < %{version} +%endif + +%description -n %{python_pkg_name}-base +Python is an interpreted, object-oriented programming language, and is +often compared to Tcl, Perl, Scheme, or Java. You can find an overview +of Python in the documentation and tutorials included in the python-doc +package. + +This package contains the interpreter core and most commonly used modules +from the standard library. This is sufficient for many usecases, but it +excludes components that depend on external libraries, most notably XML, +database and UI toolkits support. + +%package -n %{python_pkg_name}-tools +Summary: Python Utility and Demonstration Scripts +Requires: %{python_pkg_name}-base = %{version} +Provides: %{python_pkg_name}-2to3 = %{version} +Provides: %{python_pkg_name}-demo = %{version} +%obsolete_python_versioned tools +%if %{primary_interpreter} +Provides: python3-2to3 = %{version} +Provides: python3-demo = %{version} +Provides: python3-tools = %{version} +Obsoletes: python3-2to3 < %{version} +Obsoletes: python3-demo < %{version} +%endif + +%description -n %{python_pkg_name}-tools +A number of scripts that are useful for building, testing or extending Python, +and a set of demonstration programs. + +%package -n %{python_pkg_name}-devel +Summary: Include Files and Libraries Mandatory for Building Python Modules +Requires: %{python_pkg_name}-base = %{version} +%obsolete_python_versioned devel +%if %{primary_interpreter} +Provides: python3-devel = %{version} +%endif + +%description -n %{python_pkg_name}-devel +The Python programming language's interpreter can be extended with +dynamically loaded extensions and can be embedded in other programs. + +This package contains header files, a static library, and development +tools for building Python modules, extending the Python interpreter or +embedding Python in applications. + +This also includes the Python distutils, which were in the Python +package up to version 2.2.2. + +%package -n %{python_pkg_name}-testsuite +Summary: Unit tests for Python and its standard library +Requires: %{python_pkg_name} = %{version} +Requires: %{python_pkg_name}-tk = %{version} +%obsolete_python_versioned testsuite +%if %{primary_interpreter} +Provides: python3-testsuite = %{version} +%endif + +%description -n %{python_pkg_name}-testsuite +Unit tests that are useful for verifying integrity and functionality +of the installed Python interpreter and standard library. +They are a documented part of stdlib, as a module 'test'. + +%package -n libpython%{so_version} +Summary: Python Interpreter shared library +Requires: %{python_pkg_name}-base >= %{version} + +%description -n libpython%{so_version} +Python is an interpreted, object-oriented programming language, and is +often compared to Tcl, Perl, Scheme, or Java. You can find an overview +of Python in the documentation and tutorials included in the python-doc +(HTML) or python-doc-pdf (PDF) packages. + +This package contains libpython3.2 shared library for embedding in +other applications. + +%prep +%setup -q -n %{tarname} +%patch02 -p1 +%patch06 -p1 +%patch07 -p1 +%patch08 -p1 +%patch09 -p1 +%patch15 -p1 +%patch29 -p1 +%if 0%{?sle_version} && 0%{?sle_version} <= 150300 +%patch33 -p1 +%patch34 -p1 +%endif +%patch35 -p1 +%patch36 -p1 +%patch38 -p1 +%patch39 -p1 +%patch40 -p1 +%patch41 -p1 + +# drop Autoconf version requirement +sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac + +%if %{primary_interpreter} +# fix shebangs - convert /usr/local/bin/python and /usr/bin/env/python to /usr/bin/python3 +for dir in Lib Tools; do + # find *.py, filter to files that contain bad shebangs + # break up "/""usr" like this to prevent replacing with %%{_prefix} + find $dir -name '*.py' -type f -print0 \ + | xargs -0 grep -lE '^#! *(/''usr/.*bin/(env +)?)?python' \ + | xargs sed -r -i -e '1s@^#![[:space:]]*(/''usr/(local/)?bin/(env +)?)?python([0-9]+(\.[0-9]+)?)?@#!%{_bindir}/python3@' +done +%else +# For non-primary Python, just don't bother (bsc#1193179) and remove all +# those shebangs +for dir in Lib Tools; do + find $dir -name '*.py' -type f -exec sed -i '1{/^#!.*python/ d}' '{}' \; +done +# We shortened the file Lib/pdb.py so we have to move the test breakpoint location +sed -i -e '/Breakpoint 3 at ...pdb.py:94/s/94/93/' Lib/test/test_pdb.py +%endif + +# drop in-tree libffi and expat +rm -r Modules/_ctypes/libffi* Modules/_ctypes/darwin +rm -r Modules/expat + +# drop duplicate README from site-packages +rm Lib/site-packages/README.txt + +# Add vendored bluez-devel files +tar xvf %{SOURCE21} + +%build +%if %{with doc} +TODAY_DATE=`date -r %{SOURCE0} "+%%B %%d, %%Y"` +# TODO use not date of tarball but date of latest patch + +cd Doc +sed -i "s/^today = .*/today = '$TODAY_DATE'/" conf.py +%make_build -j1 html + +# Build also devhelp files +sphinx-build -a -b devhelp . build/devhelp +rm -rfv build/devhelp/.doctrees +%else +%define _lto_cflags %{nil} +# use rpm_opt_flags +export OPT="%{optflags} -DOPENSSL_LOAD_CONF -fwrapv $(pkg-config --cflags-only-I libffi) -fno-semantic-interposition" + +touch -r %{SOURCE0} Makefile.pre.in + +autoreconf -fvi + +%if 0%{?sles_version} +sed -e 's/-fprofile-correction//' -i Makefile.pre.in +%endif + +export CFLAGS="%{optflags} -IVendor/" + +%configure \ + --with-platlibdir=%{_lib} \ + --docdir=%{_docdir}/python \ + --enable-ipv6 \ + --enable-shared \ + --with-ensurepip=no \ + --with-system-ffi \ + --with-system-expat \ + --with-lto \ +%if %{with profileopt} + --enable-optimizations \ +%endif +%if %{with mpdecimal} + --with-system-libmpdec \ +%endif + --enable-loadable-sqlite-extensions + +# prevent make from trying to rebuild PYTHON_FOR_GEN stuff +# %%make_build -t Python/Python-ast.c \ + # Include/Python-ast.h \ + # Objects/typeslots.inc \ + # Python/opcode_targets.h \ + # Include/opcode.h +%make_build + +%if %{with general} +%make_build +%endif +%if %{with base} +%if %{with profileopt} + target=profile-opt +%else + target=all +%endif +LD_LIBRARY_PATH=.:$LD_LIBRARY_PATH \ + %make_build $target +%endif +%endif + +%check +%if %{with general} +# exclude test_gdb -- it doesn't run in buildservice anyway, and fails on missing debuginfos +# when you install gdb into your test env +EXCLUDE="test_gdb" +# we patch out the message to recommend zypper in and thus this would fail +EXCLUDE="$EXCLUDE test_pydoc" + +%ifarch %{arm} s390x +# test_multiprocessing_forkserver is racy +EXCLUDE="$EXCLUDE test_multiprocessing_forkserver" +%endif +%ifarch ppc ppc64 ppc64le +# exclue test_faulthandler due to bnc#831629 +EXCLUDE="$EXCLUDE test_faulthandler" +%endif +# some tests break in QEMU +%if 0%{?qemu_user_space_build} +EXCLUDE="$EXCLUDE test_faulthandler test_multiprocessing_forkserver test_multiprocessing_spawn test_os test_posix test_signal test_socket test_subprocess" +%endif + +# This test (part of test_uuid) requires real network interfaces +# so that ifconfig output has "HWaddr ". Some kvm instances +# done have any such interface breaking the uuid module. +EXCLUDE="$EXCLUDE test_uuid" + +# bsc#1195140 and bpo#37169 - test_capi is failing on openSUSE, and not sure why +EXCLUDE="$EXCLUDE test_capi" + +# Limit virtual memory to avoid spurious failures +if test $(ulimit -v) = unlimited || test $(ulimit -v) -gt 10000000; then + ulimit -v 10000000 || : +fi + +export PYTHONPATH="$(pwd -P)/Lib" +# Use timeout, like make target buildbottest +# We cannot run tests parallel, because osc build environment doesn’t +# have /dev/shm +%make_build -j1 test TESTOPTS="-u curses -v -x $EXCLUDE --timeout=3000" +# use network, be verbose: +#make test TESTOPTS="-l -u network -v" +%endif + +%install +%if %{with doc} +export PDOCS=%{buildroot}%{_docdir}/python%{python_version} +mkdir -p $PDOCS +# generated docs +rm Doc/build/*/.buildinfo +cp -r Doc/build/html $PDOCS +# misc +install -d -m 755 $PDOCS/Misc +rm Misc/README.AIX +for i in Misc/* ; do + [ -f $i ] && install -c -m 644 $i $PDOCS/Misc/ +done +# devhelp +mkdir -p %{buildroot}%{_datadir}/gtk-doc/html +cp -r Doc/build/devhelp %{buildroot}%{_datadir}/gtk-doc/html/Python%{python_version} +rm -rf %{buildroot}%{_datadir}/gtk-doc/html/Python%{python_version}/.doctrees +%endif +%if %{with general} +%make_install + +# clean out stuff that is in python-base and subpackages + +find %{buildroot}%{_bindir} -mindepth 1 -not -name "*idle3*" -print -delete +rm %{buildroot}%{_libdir}/lib* +rm -r %{buildroot}%{_libdir}/pkgconfig +rm -r %{buildroot}%{_mandir}/* +rm -r %{buildroot}%{_includedir}/* + +rm -r %{buildroot}%{sitedir}/config* +find %{buildroot}%{sitedir} -name "*.egg-info" -delete +rm -r %{buildroot}%{sitedir}/__pycache__ +rm -r %{buildroot}%{sitedir}/site-packages +rm %{buildroot}%{sitedir}/*.* + +for module in \ + asyncio ctypes collections concurrent distutils email encodings \ + ensurepip html http \ + importlib json logging multiprocessing pydoc_data unittest \ + urllib venv wsgiref lib2to3 test turtledemo \ + xml xmlrpc zoneinfo +do + rm -r %{buildroot}%{sitedir}/$module +done + +for library in \ + array _asyncio audioop binascii _bisect _bz2 cmath _codecs_* \ + _contextvars _crypt _csv _ctypes _datetime _decimal fcntl grp \ + _hashlib _heapq _json _lsprof _lzma math mmap _multibytecodec \ + _multiprocessing _opcode ossaudiodev _pickle _posixshmem \ + _posixsubprocess _queue _random resource select _ssl _socket spwd \ + _statistics _struct syslog termios _testbuffer _testimportmultiple \ + _testmultiphase unicodedata zlib _ctypes_test _testinternalcapi _testcapi \ + _testclinic xxlimited xxlimited_35 \ + _xxtestfuzz _xxsubinterpreters _elementtree pyexpat _md5 _sha1 \ + _sha256 _sha512 _blake2 _sha3 _uuid _zoneinfo +do + eval rm "%{buildroot}%{sitedir}/lib-dynload/$library.*" +done + +# Idle is not packaged in base due to the appstream-glib dependency +# move idle config into /etc +install -d -m 755 %{buildroot}%{_sysconfdir}/idle%{python_version} +( + cd %{buildroot}/%{sitedir}/idlelib/ + for file in *.def ; do + mv $file %{buildroot}%{_sysconfdir}/idle%{python_version}/ + ln -sf %{_sysconfdir}/idle%{python_version}/$file %{buildroot}/%{sitedir}/idlelib/ + done +) + +# keep just idle3.X +rm %{buildroot}%{_bindir}/idle3 + +# install idle icons +for size in 16 32 48 ; do + install -m 644 -D Lib/idlelib/Icons/idle_${size}.png \ + %{buildroot}%{_datadir}/icons/hicolor/${size}x${size}/apps/idle%{python_version}.png +done + +# install idle desktop file +cp %{SOURCE19} idle%{python_version}.desktop +sed -i -e 's:idle3:idle%{python_version}:g' idle%{python_version}.desktop +install -m 644 -D -t %{buildroot}%{_datadir}/applications idle%{python_version}.desktop +%suse_update_desktop_file idle%{python_version} + +cp %{SOURCE20} idle%{python_version}.appdata.xml +sed -i -e 's:idle3.desktop:idle%{python_version}.desktop:g' idle%{python_version}.appdata.xml +install -m 644 -D -t %{buildroot}%{_datadir}/metainfo idle%{python_version}.appdata.xml +appstream-util validate-relax --nonet %{buildroot}%{_datadir}/metainfo/idle%{python_version}.appdata.xml + +%fdupes %{buildroot}/%{_libdir}/python%{python_version} +%endif +%if %{with base} +%make_install + +# remove .a +find %{buildroot} -name "*.a" -delete + +# install "site-packages" and __pycache__ for third parties +install -d -m 755 %{buildroot}%{sitedir}/site-packages +install -d -m 755 %{buildroot}%{sitedir}/site-packages/__pycache__ +# and their 32bit counterparts explicitly +mkdir -p %{buildroot}%{_prefix}/lib/python%{python_version}/site-packages/__pycache__ + +# cleanup parts that don't belong +for dir in curses dbm sqlite3 tkinter idlelib; do + find "%{buildroot}/%{sitedir}/$dir"/* -maxdepth 0 -name "test" -o -exec rm -rf {} + +done +rm -fv %{buildroot}%{dynlib nis} + +# overwrite the copied binary with a link +ln -sf python%{python_version} %{buildroot}%{_bindir}/python3 + +# decide to ship python3 or just python3.X +%if !%{primary_interpreter} +# base +rm %{buildroot}%{_bindir}/python3 +rm %{buildroot}%{_bindir}/pydoc3 +rm %{buildroot}%{_mandir}/man1/python3.1 +# devel +rm %{buildroot}%{_bindir}/python3-config +rm %{buildroot}%{_libdir}/libpython3.so +rm %{buildroot}%{_libdir}/pkgconfig/{python3,python3-embed}.pc +%endif + +# link shared library instead of static library that tools expect +ln -s ../../libpython%{python_abi}.so %{buildroot}%{_libdir}/python%{python_version}/config-%{python_abi}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}/libpython%{python_abi}.so + +# delete idle3, which has to many packaging dependencies for base +rm %{buildroot}%{_bindir}/idle3* + +# delete the generic 2to3 binary if we are not primary +%if !%{primary_interpreter} +rm %{buildroot}%{_bindir}/2to3 +%endif + +# replace duplicate .pyo/.pyc with hardlinks +%fdupes %{buildroot}/%{sitedir} + +# documentation +export PDOCS=%{buildroot}%{_docdir}/%{name} +install -d -m 755 $PDOCS +install -c -m 644 %{SOURCE3} $PDOCS/ +install -c -m 644 README.rst $PDOCS/ + +# tools +for x in `find Tools/ \( -not -name Makefile \) -print | sort` ; do + test -d $x && ( install -c -m 755 -d $PDOCS/$x ) \ + || ( install -c -m 644 $x $PDOCS/$x ) +done +# gdb script is shipped with devel subpackage +rm -r $PDOCS/Tools/gdb +# clean up the bat files +find "$PDOCS" -name "*.bat" -delete + +# put gdb helper script into place +install -m 755 -D Tools/gdb/libpython.py %{buildroot}%{_datadir}/gdb/auto-load/%{_libdir}/libpython%{python_abi}.so.%{so_major}.%{so_minor}-gdb.py + +# install devel files to /config +#cp Makefile Makefile.pre.in Makefile.pre $RPM_BUILD_ROOT%{sitedir}/config-%{python_abi}/ + +# RPM macros +%if %{primary_interpreter} +mkdir -p %{buildroot}%{_rpmconfigdir}/macros.d/ +install -m 644 %{SOURCE7} %{buildroot}%{_rpmconfigdir}/macros.d/ # macros.python3 +%endif + +# import_failed hooks +FAILDIR=%{buildroot}/%{sitedir}/_import_failed +mkdir $FAILDIR +install -m 644 %{SOURCE8} %{SOURCE9} $FAILDIR # import_failed.* +LD_LIBRARY_PATH=. ./python -c "from py_compile import compile; compile('$FAILDIR/import_failed.py', dfile='%{sitedir}/_import_failed/import_failed.py')" +LD_LIBRARY_PATH=. ./python -O -c "from py_compile import compile; compile('$FAILDIR/import_failed.py', dfile='%{sitedir}/_import_failed/import_failed.py')" +( + cd $FAILDIR + while read package modules; do + for module in $modules; do + ln import_failed.py $module.py + pushd __pycache__ + for i in import_failed*; do + ln $i "$module${i#import_failed}" + done + popd + done + done < %{SOURCE9} +) +echo %{sitedir}/_import_failed > %{buildroot}/%{sitedir}/site-packages/zzzz-import-failed-hooks.pth +%endif + +%if %{with general} +%files -n %{python_pkg_name}-tk +%defattr(644, root, root, 755) +%{sitedir}/tkinter +%exclude %{sitedir}/tkinter/test +%{dynlib _tkinter} + +%files -n %{python_pkg_name}-curses +%defattr(644, root, root, 755) +%{sitedir}/curses +%{dynlib _curses} +%{dynlib _curses_panel} + +%files -n %{python_pkg_name}-dbm +%defattr(644, root, root, 755) +%{sitedir}/dbm +%{dynlib _dbm} +%{dynlib _gdbm} + +%files -n %{python_pkg_name} +%defattr(644, root, root, 755) +%dir %{sitedir} +%dir %{sitedir}/lib-dynload +%{sitedir}/sqlite3 +%exclude %{sitedir}/sqlite3/test +%{dynlib readline} +%{dynlib _sqlite3} +%if 0%{?suse_version} >= 1500 && 0%{?suse_version} < 1599 +%{dynlib nis} +%endif + +%files -n %{python_pkg_name}-idle +%defattr(644, root, root, 755) +%{sitedir}/idlelib +%dir %{_sysconfdir}/idle%{python_version} +%config %{_sysconfdir}/idle%{python_version}/* +%doc Lib/idlelib/NEWS.txt +%doc Lib/idlelib/README.txt +%doc Lib/idlelib/TODO.txt +%doc Lib/idlelib/extend.txt +%doc Lib/idlelib/ChangeLog +%{_bindir}/idle%{python_version} +%{_datadir}/applications/idle%{python_version}.desktop +%{_datadir}/metainfo/idle%{python_version}.appdata.xml +%{_datadir}/icons/hicolor/*/apps/idle%{python_version}.png +%dir %{_datadir}/icons/hicolor +%dir %{_datadir}/icons/hicolor/16x16 +%dir %{_datadir}/icons/hicolor/32x32 +%dir %{_datadir}/icons/hicolor/48x48 +%dir %{_datadir}/icons/hicolor/*/apps +%attr(755, root, root) %{_bindir}/idle%{python_version} +# endif for if general +%endif + +%if %{with doc} +%files -n %{python_pkg_name}-doc +%dir %{_docdir}/python%{python_version} +%doc %{_docdir}/python%{python_version}/Misc +%doc %{_docdir}/python%{python_version}/html + +%files -n %{python_pkg_name}-doc-devhelp +%dir %{_datadir}/gtk-doc +%dir %{_datadir}/gtk-doc/html +%doc %{_datadir}/gtk-doc/html/Python%{python_version} +%endif + +%if %{with base} +%post -n libpython%{so_version} -p /sbin/ldconfig +%postun -n libpython%{so_version} -p /sbin/ldconfig + +%files -n libpython%{so_version} +%defattr(644, root,root) +%{_libdir}/libpython%{python_abi}.so.%{so_major}.%{so_minor} + +%files -n %{python_pkg_name}-tools +%defattr(644, root, root, 755) +%{sitedir}/turtledemo +%if %{primary_interpreter} +%{_bindir}/2to3 +%endif +%attr(755, root, root)%{_bindir}/2to3-%{python_version} +%doc %{_docdir}/%{name}/Tools + +%files -n %{python_pkg_name}-devel +%defattr(644, root, root, 755) +%{_libdir}/libpython%{python_abi}.so +%if %{primary_interpreter} +%{_libdir}/libpython3.so +%endif +%{_libdir}/pkgconfig/* +%{_includedir}/python%{python_abi} +%{sitedir}/config-%{python_abi}-* +%defattr(755, root, root) +%{_bindir}/python%{python_abi}-config +%if %{primary_interpreter} +%{_bindir}/python3-config +%endif +# Own these directories to not depend on gdb +%dir %{_datadir}/gdb +%dir %{_datadir}/gdb/auto-load +%dir %{_datadir}/gdb/auto-load%{_prefix} +%dir %{_datadir}/gdb/auto-load%{_libdir} +%{_datadir}/gdb/auto-load/%{_libdir}/libpython%{python_abi}.so.%{so_major}.%{so_minor}-gdb.py + +%files -n %{python_pkg_name}-testsuite +%defattr(644, root, root, 755) +%{sitedir}/test +%{sitedir}/*/test +%{sitedir}/*/tests +%{dynlib _ctypes_test} +%{dynlib _testbuffer} +%{dynlib _testcapi} +%{dynlib _testclinic} +%{dynlib _testinternalcapi} +%{dynlib _testimportmultiple} +%{dynlib _testmultiphase} +%{dynlib xxlimited} +# workaround for missing packages +%dir %{sitedir}/sqlite3 +%dir %{sitedir}/tkinter + +%files -n %{python_pkg_name}-base +%defattr(644, root, root, 755) +# docs +%dir %{_docdir}/%{name} +%doc %{_docdir}/%{name}/README.rst +%license LICENSE +%doc %{_docdir}/%{name}/README.SUSE +%if %{primary_interpreter} +%{_mandir}/man1/python3.1%{?ext_man} +%endif +%{_mandir}/man1/python%{python_version}.1%{?ext_man} +# license text, not a doc because the code can use it at run-time +%{sitedir}/LICENSE.txt +# RPM macros +%if %{primary_interpreter} +%{_rpmconfigdir}/macros.d/macros.python3 +%endif +# binary parts +%dir %{sitedir}/lib-dynload +%{dynlib array} +%{dynlib _asyncio} +%{dynlib audioop} +%{dynlib binascii} +%{dynlib _bisect} +%{dynlib _bz2} +%{dynlib cmath} +%{dynlib _codecs_cn} +%{dynlib _codecs_hk} +%{dynlib _codecs_iso2022} +%{dynlib _codecs_jp} +%{dynlib _codecs_kr} +%{dynlib _codecs_tw} +%{dynlib _contextvars} +%{dynlib _crypt} +%{dynlib _csv} +%{dynlib _ctypes} +%{dynlib _datetime} +%{dynlib _decimal} +%{dynlib _elementtree} +%{dynlib fcntl} +%{dynlib grp} +%{dynlib _hashlib} +%{dynlib _heapq} +%{dynlib _json} +%{dynlib _lsprof} +%{dynlib _lzma} +%{dynlib math} +%{dynlib mmap} +%{dynlib _multibytecodec} +%{dynlib _multiprocessing} +%{dynlib _opcode} +%{dynlib ossaudiodev} +%{dynlib _pickle} +%{dynlib _posixshmem} +%{dynlib _posixsubprocess} +%{dynlib pyexpat} +%{dynlib _queue} +%{dynlib _random} +%{dynlib resource} +%{dynlib select} +%{dynlib _socket} +%{dynlib spwd} +%{dynlib _ssl} +%{dynlib _statistics} +%{dynlib _struct} +%{dynlib syslog} +%{dynlib termios} +%{dynlib unicodedata} +%{dynlib _uuid} +%{dynlib _xxsubinterpreters} +%{dynlib _xxtestfuzz} +%{dynlib xxlimited_35} +%{dynlib zlib} +%{dynlib _zoneinfo} +# hashlib fallback modules +%{dynlib _blake2} +%{dynlib _md5} +%{dynlib _sha1} +%{dynlib _sha256} +%{dynlib _sha512} +%{dynlib _sha3} +# python parts +%dir %{_prefix}/lib/python%{python_version} +%dir %{_prefix}/lib/python%{python_version}/site-packages +%dir %{_prefix}/lib/python%{python_version}/site-packages/__pycache__ +%dir %{sitedir} +%dir %{sitedir}/site-packages +%dir %{sitedir}/site-packages/__pycache__ +%exclude %{sitedir}/*/test +%exclude %{sitedir}/*/tests +%{sitedir}/*.py +%{sitedir}/asyncio +%{sitedir}/ctypes +%{sitedir}/collections +%{sitedir}/concurrent +%{sitedir}/distutils +%{sitedir}/email +%{sitedir}/encodings +%{sitedir}/ensurepip +%{sitedir}/html +%{sitedir}/http +%{sitedir}/importlib +%{sitedir}/json +%{sitedir}/lib2to3 +%{sitedir}/logging +%{sitedir}/multiprocessing +%{sitedir}/pydoc_data +%{sitedir}/unittest +%{sitedir}/urllib +%{sitedir}/venv +%{sitedir}/wsgiref +%{sitedir}/xml +%{sitedir}/xmlrpc +%{sitedir}/zoneinfo +%{sitedir}/__pycache__ +# import-failed hooks +%{sitedir}/_import_failed +%{sitedir}/site-packages/zzzz-import-failed-hooks.pth +# symlinks +%if %{primary_interpreter} +%{_bindir}/python3 +%{_bindir}/pydoc3 +%endif +# executables +%attr(755, root, root) %{_bindir}/pydoc%{python_version} +# %%attr(755, root, root) %%{_bindir}/python%%{python_abi} +%attr(755, root, root) %{_bindir}/python%{python_version} +# endif for if base +%endif + +%changelog diff --git a/skip-test_pyobject_freed_is_freed.patch b/skip-test_pyobject_freed_is_freed.patch new file mode 100644 index 0000000..8b7f5f4 --- /dev/null +++ b/skip-test_pyobject_freed_is_freed.patch @@ -0,0 +1,14 @@ +--- + Lib/test/test_capi.py | 1 + + 1 file changed, 1 insertion(+) + +--- a/Lib/test/test_capi.py ++++ b/Lib/test/test_capi.py +@@ -941,6 +941,7 @@ class PyMemDebugTests(unittest.TestCase) + def test_pyobject_forbidden_bytes_is_freed(self): + self.check_pyobject_is_freed('check_pyobject_forbidden_bytes_is_freed') + ++ @unittest.skip('Failing on Leap 15.*') + def test_pyobject_freed_is_freed(self): + self.check_pyobject_is_freed('check_pyobject_freed_is_freed') + diff --git a/skipped_tests.py b/skipped_tests.py new file mode 100644 index 0000000..3992764 --- /dev/null +++ b/skipped_tests.py @@ -0,0 +1,69 @@ +#!/usr/bin/python3 +""" +Simple regexp-based skipped test checker. +It lists tests that are mentioned (presumably for exclusion) +in BASE, and in MAIN (presumably for inclusion) +and reports discrepancies. + +This will have a number of +""" + +MAIN = "python39.spec" + +import glob +import re +from os.path import basename + +alltests = set() +qemu_exclusions = set() + +for item in glob.glob("Python-*/Lib/test/test_*"): + testname = basename(item) + if testname.endswith(".py"): + testname = testname[:-3] + alltests.add(testname) + +testre = re.compile(r'[\s"](test_\w+)\b') + +def find_tests_in_spec(specname): + global qemu_exclusions + + found_tests = set() + with open(specname) as spec: + in_qemu = False + for line in spec: + line = line.strip() + if "#" in line: + line = line[:line.index("#")] + tests = set(testre.findall(line)) + found_tests |= tests + if line == "%if 0%{?qemu_user_space_build} > 0": + in_qemu = True + if in_qemu: + if line == "%endif": + in_qemu = False + qemu_exclusions |= tests + return found_tests + +excluded = find_tests_in_spec(MAIN) + +#print("--- excluded tests:", " ".join(sorted(excluded))) +#print("--- included tests:", " ".join(sorted(included))) + +mentioned = excluded +nonexistent = mentioned - alltests +missing = excluded - qemu_exclusions + +print("--- the following tests are excluded for QEMU and not tested in python") +print("--- (that probably means we don't need to worry about them)") +for test in sorted(qemu_exclusions - excluded): + print(test) + +print("--- the following tests might be excluded in python:") +for test in sorted(missing): + print(test) + +if nonexistent: + print("--- the following tests don't exist:") + for test in sorted(nonexistent): + print(test) diff --git a/subprocess-raise-timeout.patch b/subprocess-raise-timeout.patch new file mode 100644 index 0000000..d734f9a --- /dev/null +++ b/subprocess-raise-timeout.patch @@ -0,0 +1,18 @@ +--- + Lib/test/test_subprocess.py | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +Index: Python-3.10.12/Lib/test/test_subprocess.py +=================================================================== +--- Python-3.10.12.orig/Lib/test/test_subprocess.py ++++ Python-3.10.12/Lib/test/test_subprocess.py +@@ -268,7 +268,8 @@ class ProcessTestCase(BaseTestCase): + "time.sleep(3600)"], + # Some heavily loaded buildbots (sparc Debian 3.x) require + # this much time to start and print. +- timeout=3) ++ # OBS might require even more ++ timeout=10) + self.fail("Expected TimeoutExpired.") + self.assertEqual(c.exception.output, b'BDFL') + diff --git a/support-expat-CVE-2022-25236-patched.patch b/support-expat-CVE-2022-25236-patched.patch new file mode 100644 index 0000000..deb896c --- /dev/null +++ b/support-expat-CVE-2022-25236-patched.patch @@ -0,0 +1,75 @@ +From 7da97f61816f3cadaa6788804b22a2434b40e8c5 Mon Sep 17 00:00:00 2001 +From: "Miss Islington (bot)" + <31488909+miss-islington@users.noreply.github.com> +Date: Mon, 21 Feb 2022 08:16:09 -0800 +Subject: [PATCH] bpo-46811: Make test suite support Expat >=2.4.5 (GH-31453) + (GH-31472) + +Curly brackets were never allowed in namespace URIs +according to RFC 3986, and so-called namespace-validating +XML parsers have the right to reject them a invalid URIs. + +libexpat >=2.4.5 has become strcter in that regard due to +related security issues; with ET.XML instantiating a +namespace-aware parser under the hood, this test has no +future in CPython. + +References: +- https://datatracker.ietf.org/doc/html/rfc3968 +- https://www.w3.org/TR/xml-names/ + +Also, test_minidom.py: Support Expat >=2.4.5 +(cherry picked from commit 2cae93832f46b245847bdc252456ddf7742ef45e) + +Co-authored-by: Sebastian Pipping +--- + Lib/test/test_minidom.py | 23 +++++++++-------------- + 1 file changed, 9 insertions(+), 14 deletions(-) + create mode 100644 Misc/NEWS.d/next/Library/2022-02-20-21-03-31.bpo-46811.8BxgdQ.rst + +--- a/Lib/test/test_minidom.py ++++ b/Lib/test/test_minidom.py +@@ -6,7 +6,6 @@ import io + from test import support + import unittest + +-import pyexpat + import xml.dom.minidom + + from xml.dom.minidom import parse, Attr, Node, Document, parseString +@@ -1163,13 +1162,11 @@ class MinidomTest(unittest.TestCase): + + # Verify that character decoding errors raise exceptions instead + # of crashing +- if pyexpat.version_info >= (2, 4, 5): +- self.assertRaises(ExpatError, parseString, +- b'') +- self.assertRaises(ExpatError, parseString, +- b'Comment \xe7a va ? Tr\xe8s bien ?') +- else: +- self.assertRaises(UnicodeDecodeError, parseString, ++ # It doesn’t make any sense to insist on the exact text of the ++ # error message, or even the exact Exception … it is enough that ++ # the error has been discovered. ++ with self.assertRaises((UnicodeDecodeError, ExpatError)): ++ parseString( + b'Comment \xe7a va ? Tr\xe8s bien ?') + + doc.unlink() +@@ -1631,12 +1628,10 @@ class MinidomTest(unittest.TestCase): + self.confirm(doc2.namespaceURI == xml.dom.EMPTY_NAMESPACE) + + def testExceptionOnSpacesInXMLNSValue(self): +- if pyexpat.version_info >= (2, 4, 5): +- context = self.assertRaisesRegex(ExpatError, 'syntax error') +- else: +- context = self.assertRaisesRegex(ValueError, 'Unsupported syntax') +- +- with context: ++ # It doesn’t make any sense to insist on the exact text of the ++ # error message, or even the exact Exception … it is enough that ++ # the error has been discovered. ++ with self.assertRaises((ExpatError, ValueError)): + parseString('') + + def testDocRemoveChild(self):