Sync from SUSE:ALP:Source:Standard:1.0 python311 revision e9d1dfb702590560732243725ddec50f

2024-08-27 17:46:44 +02:00
parent 8bfc10dec6
commit 6c3c394b74
9 changed files with 1246 additions and 250 deletions
--- a/python311.spec
+++ b/python311.spec
@@ -155,9 +155,6 @@ Patch10:        skip-test_pyobject_freed_is_freed.patch
 # PATCH-FIX-SLE fix_configure_rst.patch bpo#43774 mcepl@suse.com
 # remove duplicate link targets and make documentation with old Sphinx in SLE
 Patch11:        fix_configure_rst.patch
-# PATCH-FIX-UPSTREAM support-expat-CVE-2022-25236-patched.patch jsc#SLE-21253 mcepl@suse.com
-# Makes Python resilient to changes of API of libexpat
-Patch12:        support-expat-CVE-2022-25236-patched.patch
 # PATCH-FIX-UPSTREAM skip_if_buildbot-extend.patch gh#python/cpython#103053 mcepl@suse.com
 # Skip test_freeze_simple_script
 Patch13:        skip_if_buildbot-extend.patch
@@ -165,15 +162,29 @@ Patch13:        skip_if_buildbot-extend.patch
 # Detect email address parsing errors and return empty tuple to
 # indicate the parsing error (old API)
 Patch14:        CVE-2023-27043-email-parsing-errors.patch
-# PATCH-FIX-UPSTREAM libexpat260.patch gh#python/cpython#115289
-# Fix tests for XMLPullParser with Expat 2.6.0
-Patch15:        libexpat260.patch
 # PATCH-FIX-UPSTREAM CVE-2023-6597-TempDir-cleaning-symlink.patch bsc#1219666 mcepl@suse.com
 # tempfile.TemporaryDirectory: fix symlink bug in cleanup (from gh#python/cpython!99930)
-Patch16:        CVE-2023-6597-TempDir-cleaning-symlink.patch
+Patch15:        CVE-2023-6597-TempDir-cleaning-symlink.patch
 # PATCH-FIX-UPSTREAM bsc1221260-test_asyncio-ResourceWarning.patch bsc#1221260 mcepl@suse.com
 # prevent ResourceWarning in test_asyncio tests
-Patch17:        bsc1221260-test_asyncio-ResourceWarning.patch
+Patch16:        bsc1221260-test_asyncio-ResourceWarning.patch
+# PATCH-FIX-OPENSUSE CVE-2023-52425-libexpat-2.6.0-backport.patch
+# This problem on libexpat is patched on SLE without version
+# update, this patch changes the tests to match the libexpat provided
+# by SUSE
+Patch17:        CVE-2023-52425-libexpat-2.6.0-backport.patch
+# PATCH-FIX-UPSTREAM CVE-2024-4032-private-IP-addrs.patch bsc#1226448 mcepl@suse.com
+# rearrange definition of private v global IP addresses
+Patch18:        CVE-2024-4032-private-IP-addrs.patch
+# PATCH-FIX-UPSTREAM CVE-2024-0450-zipfile-avoid-quoted-overlap-zipbomb.patch bsc#1221854 mcepl@suse.com
+# detecting the vulnerability of the "quoted-overlap" zipbomb
+Patch19:        CVE-2024-0450-zipfile-avoid-quoted-overlap-zipbomb.patch
+# PATCH-FIX-UPSTREAM CVE-2024-0397-memrace_ssl.SSLContext_cert_store.patch bsc#1226447 mcepl@suse.com
+# removes memory race condition in ssl.SSLContext certificate store methods
+Patch20:        CVE-2024-0397-memrace_ssl.SSLContext_cert_store.patch
+# PATCH-FIX-UPSTREAM CVE-2024-6923-email-hdr-inject.patch bsc#1228780 mcepl@suse.com
+# prevent email header injection, patch from gh#python/cpython!122608
+Patch21:        CVE-2024-6923-email-hdr-inject.patch
 BuildRequires:  autoconf-archive
 BuildRequires:  automake
 BuildRequires:  fdupes
@@ -415,13 +426,30 @@ This package contains libpython3.2 shared library for embedding in
 other applications.

 %prep
-%autosetup -p1 -N -n %{tarname}
-%autopatch -p1 -M 08
+%setup -q -n %{tarname}
+%patch -p1 -P 02
+%patch -p1 -P 03
+%patch -p1 -P 04
+%patch -p1 -P 05
+%patch -p1 -P 06
+%patch -p1 -P 07
+%patch -p1 -P 08

 %if 0%{?suse_version} <= 1500
 %patch -P 09 -p1
 %endif
-%autopatch -p1 -m 10
+
+%patch -p1 -P 10
+%patch -p1 -P 11
+%patch -p1 -P 13
+%patch -p1 -P 14
+%patch -p1 -P 15
+%patch -p1 -P 16
+%patch -p1 -P 17
+%patch -p1 -P 18
+%patch -p1 -P 19
+%patch -p1 -P 20
+%patch -p1 -P 21

 # drop Autoconf version requirement
 sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac
@@ -776,25 +804,21 @@ echo %{sitedir}/_import_failed > %{buildroot}/%{sitedir}/site-packages/zzzz-impo

 %if %{with general}
 %files -n %{python_pkg_name}-tk
-%defattr(644, root, root, 755)
 %{sitedir}/tkinter
 %exclude %{sitedir}/tkinter/test
 %{dynlib _tkinter}

 %files -n %{python_pkg_name}-curses
-%defattr(644, root, root, 755)
 %{sitedir}/curses
 %{dynlib _curses}
 %{dynlib _curses_panel}

 %files -n %{python_pkg_name}-dbm
-%defattr(644, root, root, 755)
 %{sitedir}/dbm
 %{dynlib _dbm}
 %{dynlib _gdbm}

 %files -n %{python_pkg_name}
-%defattr(644, root, root, 755)
 %dir %{sitedir}
 %dir %{sitedir}/lib-dynload
 %{sitedir}/sqlite3
@@ -806,7 +830,6 @@ echo %{sitedir}/_import_failed > %{buildroot}/%{sitedir}/site-packages/zzzz-impo
 %endif

 %files -n %{python_pkg_name}-idle
-%defattr(644, root, root, 755)
 %{sitedir}/idlelib
 %dir %{_sysconfdir}/idle%{python_version}
 %config %{_sysconfdir}/idle%{python_version}/*
@@ -843,11 +866,9 @@ echo %{sitedir}/_import_failed > %{buildroot}/%{sitedir}/site-packages/zzzz-impo
 %postun -n libpython%{so_version} -p /sbin/ldconfig

 %files -n libpython%{so_version}
-%defattr(644, root,root)
 %{_libdir}/libpython%{python_abi}.so.%{so_major}.%{so_minor}

 %files -n %{python_pkg_name}-tools
-%defattr(644, root, root, 755)
 %{sitedir}/turtledemo
 %if %{primary_interpreter}
 %{_bindir}/2to3
@@ -856,7 +877,6 @@ echo %{sitedir}/_import_failed > %{buildroot}/%{sitedir}/site-packages/zzzz-impo
 %doc %{_docdir}/%{name}/Tools

 %files -n %{python_pkg_name}-devel
-%defattr(644, root, root, 755)
 %{_libdir}/libpython%{python_abi}.so
 %if %{primary_interpreter}
 %{_libdir}/libpython3.so
@@ -864,7 +884,6 @@ echo %{sitedir}/_import_failed > %{buildroot}/%{sitedir}/site-packages/zzzz-impo
 %{_libdir}/pkgconfig/*
 %{_includedir}/python%{python_abi}
 %{sitedir}/config-%{python_abi}-*
-%defattr(755, root, root)
 %{_bindir}/python%{python_abi}-config
 %if %{primary_interpreter}
 %{_bindir}/python3-config
@@ -877,7 +896,6 @@ echo %{sitedir}/_import_failed > %{buildroot}/%{sitedir}/site-packages/zzzz-impo
 %{_datadir}/gdb/auto-load/%{_libdir}/libpython%{python_abi}.so.%{so_major}.%{so_minor}-gdb.py

 %files -n %{python_pkg_name}-testsuite
-%defattr(644, root, root, 755)
 %{sitedir}/test
 %{sitedir}/*/test
 %{sitedir}/*/tests
@@ -894,7 +912,6 @@ echo %{sitedir}/_import_failed > %{buildroot}/%{sitedir}/site-packages/zzzz-impo
 %dir %{sitedir}/tkinter

 %files -n %{python_pkg_name}-base
-%defattr(644, root, root, 755)
 # docs
 %dir %{_docdir}/%{name}
 %doc %{_docdir}/%{name}/README.rst