SLFO-pool/python313
SHA256
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sync from SUSE:SLFO:Main python313 revision 3939dadd6bf1a800644b15d384da5806

Browse Source
This commit is contained in:
Adrian Schröter 2024-12-20 16:09:47 +01:00
parent b7339fbd1a
commit 1faa76760c
12 changed files with 701 additions and 461 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch
View File

@ -1,67 +0,0 @@
---
Lib/test/test_pyexpat.py | 4 ++++
Lib/test/test_sax.py | 3 +++
Lib/test/test_xml_etree.py | 10 ++++++++++
3 files changed, 17 insertions(+)
--- a/Lib/test/test_pyexpat.py
+++ b/Lib/test/test_pyexpat.py
@@ -791,6 +791,10 @@ class ReparseDeferralTest(unittest.TestC
self.assertEqual(started, ['doc'])
def test_reparse_deferral_disabled(self):
+ if expat.version_info < (2, 6, 0):
+ self.skipTest(f'Expat {expat.version_info} does not '
+ 'support reparse deferral')
+
started = []
def start_element(name, _):
--- a/Lib/test/test_sax.py
+++ b/Lib/test/test_sax.py
@@ -1240,6 +1240,9 @@ class ExpatReaderTest(XmlTestBase):
self.assertEqual(result.getvalue(), start + b"<doc></doc>")
+ @unittest.skipIf(pyexpat.version_info < (2, 6, 0),
+ f'Expat {pyexpat.version_info} does not '
+ 'support reparse deferral')
def test_flush_reparse_deferral_disabled(self):
result = BytesIO()
xmlgen = XMLGenerator(result)
--- a/Lib/test/test_xml_etree.py
+++ b/Lib/test/test_xml_etree.py
@@ -121,6 +121,11 @@ ATTLIST_XML = """\
</foo>
"""
+IS_SLE_15_7 = os.environ.get("SLE_VERSION", "") == "0150700"
+fails_with_expat_2_6_0 = (unittest.expectedFailure
+ # 2.4 version patched in SLE
+ if IS_SLE_15_7 and pyexpat.version_info >= (2, 4, 0) else
+ lambda test: test)
def checkwarnings(*filters, quiet=False):
def decorator(test):
def newtest(*args, **kwargs):
@@ -1504,9 +1509,11 @@ class XMLPullParserTest(unittest.TestCas
self.assert_event_tags(parser, [('end', 'root')])
self.assertIsNone(parser.close())
+ @fails_with_expat_2_6_0
def test_simple_xml_chunk_1(self):
self.test_simple_xml(chunk_size=1, flush=True)
+ @fails_with_expat_2_6_0
def test_simple_xml_chunk_5(self):
self.test_simple_xml(chunk_size=5, flush=True)
@@ -1731,6 +1738,9 @@ class XMLPullParserTest(unittest.TestCas
self.assert_event_tags(parser, [('end', 'doc')])
+ @unittest.skipIf(pyexpat.version_info < (2, 6, 0),
+ f'Expat {pyexpat.version_info} does not '
+ 'support reparse deferral')
def test_flush_reparse_deferral_disabled(self):
parser = ET.XMLPullParser(events=('start', 'end'))

46
CVE-2024-12254-unbound-mem-buffering-SelectorSocketTransport.writelines.patch Normal file
View File

@ -0,0 +1,46 @@
From bfc2e93d755bf496e5ef4cae9609d2823122c909 Mon Sep 17 00:00:00 2001
From: "J. Nick Koston" <nick@koston.org>
Date: Thu, 5 Dec 2024 10:01:10 -0600
Subject: [PATCH 01/10] Ensure writelines pauses the protocol if needed
---
Lib/asyncio/selector_events.py | 1
Lib/test/test_asyncio/test_selector_events.py | 12 ++++++++++
Misc/NEWS.d/next/Security/2024-12-05-21-35-19.gh-issue-127655.xpPoOf.rst | 1
3 files changed, 14 insertions(+)
--- a/Lib/asyncio/selector_events.py
+++ b/Lib/asyncio/selector_events.py
@@ -1175,6 +1175,7 @@ class _SelectorSocketTransport(_Selector
# If the entire buffer couldn't be written, register a write handler
if self._buffer:
self._loop._add_writer(self._sock_fd, self._write_ready)
+ self._maybe_pause_protocol()
def can_write_eof(self):
return True
--- a/Lib/test/test_asyncio/test_selector_events.py
+++ b/Lib/test/test_asyncio/test_selector_events.py
@@ -805,6 +805,18 @@ class SelectorSocketTransportTests(test_
self.assertTrue(self.sock.send.called)
self.assertTrue(self.loop.writers)
+ def test_writelines_pauses_protocol(self):
+ data = memoryview(b'data')
+ self.sock.send.return_value = 2
+ self.sock.send.fileno.return_value = 7
+
+ transport = self.socket_transport()
+ transport._high_water = 1
+ transport.writelines([data])
+ self.assertTrue(self.protocol.pause_writing.called)
+ self.assertTrue(self.sock.send.called)
+ self.assertTrue(self.loop.writers)
+
@unittest.skipUnless(selector_events._HAS_SENDMSG, 'no sendmsg')
def test_write_sendmsg_full(self):
data = memoryview(b'data')
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2024-12-05-21-35-19.gh-issue-127655.xpPoOf.rst
@@ -0,0 +1 @@
+Fixed the :class:`!asyncio.selector_events._SelectorSocketTransport` transport not pausing writes for the protocol when the buffer reaches the high water mark when using :meth:`asyncio.WriteTransport.writelines`.

303
CVE-2024-9287-venv_path_unquoted.patch
View File

@ -1,303 +0,0 @@
From 6fdc7ddc09cf59c63f80fc549c7780c97e9922e7 Mon Sep 17 00:00:00 2001
From: Y5 <124019959+y5c4l3@users.noreply.github.com>
Date: Tue, 22 Oct 2024 04:48:04 +0800
Subject: [PATCH] gh-124651: Quote template strings in `venv` activation
scripts (GH-124712)
This patch properly quotes template strings in `venv` activation
scripts. This mitigates potential command injection.
(cherry picked from commit d48cc82ed25e26b02eb97c6263d95dcaa1e9111b)
Co-authored-by: Y5 <124019959+y5c4l3@users.noreply.github.com>
---
Lib/test/test_venv.py | 81 ++++++++++
Lib/venv/__init__.py | 42 ++++-
Lib/venv/scripts/common/activate | 10 -
Lib/venv/scripts/common/activate.fish | 8
Lib/venv/scripts/nt/activate.bat | 6
Lib/venv/scripts/posix/activate.csh | 8
Misc/NEWS.d/next/Library/2024-09-28-02-03-04.gh-issue-124651.bLBGtH.rst | 1
7 files changed, 135 insertions(+), 21 deletions(-)
create mode 100644 Misc/NEWS.d/next/Library/2024-09-28-02-03-04.gh-issue-124651.bLBGtH.rst
--- a/Lib/test/test_venv.py
+++ b/Lib/test/test_venv.py
@@ -17,6 +17,7 @@ import subprocess
import sys
import sysconfig
import tempfile
+import shlex
from test.support import (captured_stdout, captured_stderr,
skip_if_broken_multiprocessing_synchronize, verbose,
requires_subprocess, is_android, is_apple_mobile,
@@ -110,6 +111,10 @@ class BaseTest(unittest.TestCase):
result = f.read()
return result
+ def assertEndsWith(self, string, tail):
+ if not string.endswith(tail):
+ self.fail(f"String {string!r} does not end with {tail!r}")
+
class BasicTest(BaseTest):
"""Test venv module functionality."""
@@ -488,6 +493,82 @@ class BasicTest(BaseTest):
'import sys; print(sys.executable)'])
self.assertEqual(out.strip(), envpy.encode())
+ # gh-124651: test quoted strings
+ @unittest.skipIf(os.name == 'nt', 'contains invalid characters on Windows')
+ def test_special_chars_bash(self):
+ """
+ Test that the template strings are quoted properly (bash)
+ """
+ rmtree(self.env_dir)
+ bash = shutil.which('bash')
+ if bash is None:
+ self.skipTest('bash required for this test')
+ env_name = '"\';&&$e|\'"'
+ env_dir = os.path.join(os.path.realpath(self.env_dir), env_name)
+ builder = venv.EnvBuilder(clear=True)
+ builder.create(env_dir)
+ activate = os.path.join(env_dir, self.bindir, 'activate')
+ test_script = os.path.join(self.env_dir, 'test_special_chars.sh')
+ with open(test_script, "w") as f:
+ f.write(f'source {shlex.quote(activate)}\n'
+ 'python -c \'import sys; print(sys.executable)\'\n'
+ 'python -c \'import os; print(os.environ["VIRTUAL_ENV"])\'\n'
+ 'deactivate\n')
+ out, err = check_output([bash, test_script])
+ lines = out.splitlines()
+ self.assertTrue(env_name.encode() in lines[0])
+ self.assertEndsWith(lines[1], env_name.encode())
+
+ # gh-124651: test quoted strings
+ @unittest.skipIf(os.name == 'nt', 'contains invalid characters on Windows')
+ def test_special_chars_csh(self):
+ """
+ Test that the template strings are quoted properly (csh)
+ """
+ rmtree(self.env_dir)
+ csh = shutil.which('tcsh') or shutil.which('csh')
+ if csh is None:
+ self.skipTest('csh required for this test')
+ env_name = '"\';&&$e|\'"'
+ env_dir = os.path.join(os.path.realpath(self.env_dir), env_name)
+ builder = venv.EnvBuilder(clear=True)
+ builder.create(env_dir)
+ activate = os.path.join(env_dir, self.bindir, 'activate.csh')
+ test_script = os.path.join(self.env_dir, 'test_special_chars.csh')
+ with open(test_script, "w") as f:
+ f.write(f'source {shlex.quote(activate)}\n'
+ 'python -c \'import sys; print(sys.executable)\'\n'
+ 'python -c \'import os; print(os.environ["VIRTUAL_ENV"])\'\n'
+ 'deactivate\n')
+ out, err = check_output([csh, test_script])
+ lines = out.splitlines()
+ self.assertTrue(env_name.encode() in lines[0])
+ self.assertEndsWith(lines[1], env_name.encode())
+
+ # gh-124651: test quoted strings on Windows
+ @unittest.skipUnless(os.name == 'nt', 'only relevant on Windows')
+ def test_special_chars_windows(self):
+ """
+ Test that the template strings are quoted properly on Windows
+ """
+ rmtree(self.env_dir)
+ env_name = "'&&^$e"
+ env_dir = os.path.join(os.path.realpath(self.env_dir), env_name)
+ builder = venv.EnvBuilder(clear=True)
+ builder.create(env_dir)
+ activate = os.path.join(env_dir, self.bindir, 'activate.bat')
+ test_batch = os.path.join(self.env_dir, 'test_special_chars.bat')
+ with open(test_batch, "w") as f:
+ f.write('@echo off\n'
+ f'"{activate}" & '
+ f'{self.exe} -c "import sys; print(sys.executable)" & '
+ f'{self.exe} -c "import os; print(os.environ[\'VIRTUAL_ENV\'])" & '
+ 'deactivate')
+ out, err = check_output([test_batch])
+ lines = out.splitlines()
+ self.assertTrue(env_name.encode() in lines[0])
+ self.assertEndsWith(lines[1], env_name.encode())
+
@unittest.skipUnless(os.name == 'nt', 'only relevant on Windows')
def test_unicode_in_batch_file(self):
"""
--- a/Lib/venv/__init__.py
+++ b/Lib/venv/__init__.py
@@ -11,6 +11,7 @@ import subprocess
import sys
import sysconfig
import types
+import shlex
CORE_VENV_DEPS = ('pip',)
@@ -481,11 +482,41 @@ class EnvBuilder:
:param context: The information for the environment creation request
being processed.
"""
- text = text.replace('__VENV_DIR__', context.env_dir)
- text = text.replace('__VENV_NAME__', context.env_name)
- text = text.replace('__VENV_PROMPT__', context.prompt)
- text = text.replace('__VENV_BIN_NAME__', context.bin_name)
- text = text.replace('__VENV_PYTHON__', context.env_exe)
+ replacements = {
+ '__VENV_DIR__': context.env_dir,
+ '__VENV_NAME__': context.env_name,
+ '__VENV_PROMPT__': context.prompt,
+ '__VENV_BIN_NAME__': context.bin_name,
+ '__VENV_PYTHON__': context.env_exe,
+ }
+
+ def quote_ps1(s):
+ """
+ This should satisfy PowerShell quoting rules [1], unless the quoted
+ string is passed directly to Windows native commands [2].
+ [1]: https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_quoting_rules
+ [2]: https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing#passing-arguments-that-contain-quote-characters
+ """
+ s = s.replace("'", "''")
+ return f"'{s}'"
+
+ def quote_bat(s):
+ return s
+
+ # gh-124651: need to quote the template strings properly
+ quote = shlex.quote
+ script_path = context.script_path
+ if script_path.endswith('.ps1'):
+ quote = quote_ps1
+ elif script_path.endswith('.bat'):
+ quote = quote_bat
+ else:
+ # fallbacks to POSIX shell compliant quote
+ quote = shlex.quote
+
+ replacements = {key: quote(s) for key, s in replacements.items()}
+ for key, quoted in replacements.items():
+ text = text.replace(key, quoted)
return text
def install_scripts(self, context, path):
@@ -535,6 +566,7 @@ class EnvBuilder:
with open(srcfile, 'rb') as f:
data = f.read()
try:
+ context.script_path = srcfile
new_data = (
self.replace_variables(data.decode('utf-8'), context)
.encode('utf-8')
--- a/Lib/venv/scripts/common/activate
+++ b/Lib/venv/scripts/common/activate
@@ -40,20 +40,20 @@ case "$(uname)" in
CYGWIN*|MSYS*)
# transform D:\path\to\venv to /d/path/to/venv on MSYS
# and to /cygdrive/d/path/to/venv on Cygwin
- VIRTUAL_ENV=$(cygpath "__VENV_DIR__")
+ VIRTUAL_ENV=$(cygpath __VENV_DIR__)
export VIRTUAL_ENV
;;
*)
# use the path as-is
- export VIRTUAL_ENV="__VENV_DIR__"
+ export VIRTUAL_ENV=__VENV_DIR__
;;
esac
_OLD_VIRTUAL_PATH="$PATH"
-PATH="$VIRTUAL_ENV/__VENV_BIN_NAME__:$PATH"
+PATH="$VIRTUAL_ENV/"__VENV_BIN_NAME__":$PATH"
export PATH
-VIRTUAL_ENV_PROMPT="__VENV_PROMPT__"
+VIRTUAL_ENV_PROMPT=__VENV_PROMPT__
export VIRTUAL_ENV_PROMPT
# unset PYTHONHOME if set
@@ -66,7 +66,7 @@ fi
if [ -z "${VIRTUAL_ENV_DISABLE_PROMPT:-}" ] ; then
_OLD_VIRTUAL_PS1="${PS1:-}"
- PS1="(__VENV_PROMPT__) ${PS1:-}"
+ PS1="("__VENV_PROMPT__") ${PS1:-}"
export PS1
fi
--- a/Lib/venv/scripts/common/activate.fish
+++ b/Lib/venv/scripts/common/activate.fish
@@ -33,11 +33,11 @@ end
# Unset irrelevant variables.
deactivate nondestructive
-set -gx VIRTUAL_ENV "__VENV_DIR__"
+set -gx VIRTUAL_ENV __VENV_DIR__
set -gx _OLD_VIRTUAL_PATH $PATH
-set -gx PATH "$VIRTUAL_ENV/__VENV_BIN_NAME__" $PATH
-set -gx VIRTUAL_ENV_PROMPT "__VENV_PROMPT__"
+set -gx PATH "$VIRTUAL_ENV/"__VENV_BIN_NAME__ $PATH
+set -gx VIRTUAL_ENV_PROMPT __VENV_PROMPT__
# Unset PYTHONHOME if set.
if set -q PYTHONHOME
@@ -57,7 +57,7 @@ if test -z "$VIRTUAL_ENV_DISABLE_PROMPT"
set -l old_status $status
# Output the venv prompt; color taken from the blue of the Python logo.
- printf "%s(%s)%s " (set_color 4B8BBE) "__VENV_PROMPT__" (set_color normal)
+ printf "%s(%s)%s " (set_color 4B8BBE) __VENV_PROMPT__ (set_color normal)
# Restore the return status of the previous command.
echo "exit $old_status" | .
--- a/Lib/venv/scripts/nt/activate.bat
+++ b/Lib/venv/scripts/nt/activate.bat
@@ -8,7 +8,7 @@ if defined _OLD_CODEPAGE (
"%SystemRoot%\System32\chcp.com" 65001 > nul
)
-set VIRTUAL_ENV=__VENV_DIR__
+set "VIRTUAL_ENV=__VENV_DIR__"
if not defined PROMPT set PROMPT=$P$G
@@ -24,8 +24,8 @@ set PYTHONHOME=
if defined _OLD_VIRTUAL_PATH set PATH=%_OLD_VIRTUAL_PATH%
if not defined _OLD_VIRTUAL_PATH set _OLD_VIRTUAL_PATH=%PATH%
-set PATH=%VIRTUAL_ENV%\__VENV_BIN_NAME__;%PATH%
-set VIRTUAL_ENV_PROMPT=__VENV_PROMPT__
+set "PATH=%VIRTUAL_ENV%\__VENV_BIN_NAME__;%PATH%"
+set "VIRTUAL_ENV_PROMPT=__VENV_PROMPT__"
:END
if defined _OLD_CODEPAGE (
--- a/Lib/venv/scripts/posix/activate.csh
+++ b/Lib/venv/scripts/posix/activate.csh
@@ -9,17 +9,17 @@ alias deactivate 'test $?_OLD_VIRTUAL_PA
# Unset irrelevant variables.
deactivate nondestructive
-setenv VIRTUAL_ENV "__VENV_DIR__"
+setenv VIRTUAL_ENV __VENV_DIR__
set _OLD_VIRTUAL_PATH="$PATH"
-setenv PATH "$VIRTUAL_ENV/__VENV_BIN_NAME__:$PATH"
-setenv VIRTUAL_ENV_PROMPT "__VENV_PROMPT__"
+setenv PATH "$VIRTUAL_ENV/"__VENV_BIN_NAME__":$PATH"
+setenv VIRTUAL_ENV_PROMPT __VENV_PROMPT__
set _OLD_VIRTUAL_PROMPT="$prompt"
if (! "$?VIRTUAL_ENV_DISABLE_PROMPT") then
- set prompt = "(__VENV_PROMPT__) $prompt"
+ set prompt = "(L__VENV_PROMPT__") $prompt"
endif
alias pydoc python -m pydoc
--- /dev/null
+++ b/Misc/NEWS.d/next/Library/2024-09-28-02-03-04.gh-issue-124651.bLBGtH.rst
@@ -0,0 +1 @@
+Properly quote template strings in :mod:`venv` activation scripts.

123
F00251-change-user-install-location.patch
View File

@ -24,58 +24,12 @@ Co-authored-by: Miro Hrončok <miro@hroncok.cz>
Co-authored-by: Michal Cyprian <m.cyprian@gmail.com>
Co-authored-by: Lumír Balhar <frenzy.madness@gmail.com>
---
Lib/site.py | 9 ++++++-
Lib/sysconfig.py | 49 +++++++++++++++++++++++++++++++++++++-
Lib/test/test_sysconfig.py | 17 +++++++++++--
3 files changed, 71 insertions(+), 4 deletions(-)
Lib/sysconfig/__init__.py | 57 +++++++++++++++++++++++++++++++++++++++++----
Lib/test/test_sysconfig.py | 17 +++++++++++--
2 files changed, 67 insertions(+), 7 deletions(-)
Index: Python-3.13.0b4/Lib/test/test_sysconfig.py
===================================================================
--- Python-3.13.0b4.orig/Lib/test/test_sysconfig.py
+++ Python-3.13.0b4/Lib/test/test_sysconfig.py
@@ -121,8 +121,19 @@ class TestSysConfig(unittest.TestCase):
for scheme in _INSTALL_SCHEMES:
for name in _INSTALL_SCHEMES[scheme]:
expected = _INSTALL_SCHEMES[scheme][name].format(**config_vars)
+ tested = get_path(name, scheme)
+ # https://fedoraproject.org/wiki/Changes/Making_sudo_pip_safe
+ if tested.startswith('/usr/local'):
+ # /usr/local should only be used in posix_prefix
+ self.assertEqual(scheme, 'posix_prefix')
+ # Fedora CI runs tests for venv and virtualenv that check for other prefixes
+ self.assertEqual(sys.prefix, '/usr')
+ # When building the RPM of Python, %check runs this with RPM_BUILD_ROOT set
+ # Fedora CI runs this with RPM_BUILD_ROOT unset
+ self.assertNotIn('RPM_BUILD_ROOT', os.environ)
+ tested = tested.replace('/usr/local', '/usr')
self.assertEqual(
- os.path.normpath(get_path(name, scheme)),
+ os.path.normpath(tested),
os.path.normpath(expected),
)
@@ -377,7 +388,7 @@ class TestSysConfig(unittest.TestCase):
self.assertTrue(os.path.isfile(config_h), config_h)
def test_get_scheme_names(self):
- wanted = ['nt', 'posix_home', 'posix_prefix', 'posix_venv', 'nt_venv', 'venv']
+ wanted = ['nt', 'posix_home', 'posix_prefix', 'posix_venv', 'nt_venv', 'venv', 'rpm_prefix']
if HAS_USER_BASE:
wanted.extend(['nt_user', 'osx_framework_user', 'posix_user'])
self.assertEqual(get_scheme_names(), tuple(sorted(wanted)))
@@ -389,6 +400,8 @@ class TestSysConfig(unittest.TestCase):
cmd = "-c", "import sysconfig; print(sysconfig.get_platform())"
self.assertEqual(py.call_real(*cmd), py.call_link(*cmd))
+ @unittest.skipIf('RPM_BUILD_ROOT' not in os.environ,
+ "Test doesn't expect Fedora's paths")
def test_user_similar(self):
# Issue #8759: make sure the posix scheme for the users
# is similar to the global posix_prefix one
Index: Python-3.13.0b4/Lib/sysconfig/__init__.py
===================================================================
--- Python-3.13.0b4.orig/Lib/sysconfig/__init__.py
+++ Python-3.13.0b4/Lib/sysconfig/__init__.py
--- a/Lib/sysconfig/__init__.py
+++ b/Lib/sysconfig/__init__.py
@@ -106,6 +106,11 @@ if os.name == 'nt':
else:
_INSTALL_SCHEMES['venv'] = _INSTALL_SCHEMES['posix_venv']
@ -88,7 +42,7 @@ Index: Python-3.13.0b4/Lib/sysconfig/__init__.py
def _get_implementation():
return 'Python'
@@ -167,6 +172,19 @@ if _HAS_USER_BASE:
@@ -167,13 +172,28 @@ if _HAS_USER_BASE:
},
}
@ -108,7 +62,16 @@ Index: Python-3.13.0b4/Lib/sysconfig/__init__.py
_SCHEME_KEYS = ('stdlib', 'platstdlib', 'purelib', 'platlib', 'include',
'scripts', 'data')
@@ -261,11 +279,40 @@ def _extend_dict(target_dict, other_dict
_PY_VERSION = sys.version.split()[0]
_PY_VERSION_SHORT = f'{sys.version_info[0]}.{sys.version_info[1]}'
_PY_VERSION_SHORT_NO_DOT = f'{sys.version_info[0]}{sys.version_info[1]}'
+_PREFIX = os.path.normpath(sys.prefix)
_BASE_PREFIX = os.path.normpath(sys.base_prefix)
+_EXEC_PREFIX = os.path.normpath(sys.exec_prefix)
_BASE_EXEC_PREFIX = os.path.normpath(sys.base_exec_prefix)
# Mutex guarding initialization of _CONFIG_VARS.
_CONFIG_VARS_LOCK = threading.RLock()
@@ -259,11 +279,40 @@ def _extend_dict(target_dict, other_dict
target_dict[key] = value
@ -150,3 +113,57 @@ Index: Python-3.13.0b4/Lib/sysconfig/__init__.py
if os.name == 'nt':
# On Windows we want to substitute 'lib' for schemes rather
# than the native value (without modifying vars, in case it
@@ -464,10 +513,8 @@ def _init_config_vars():
# Normalized versions of prefix and exec_prefix are handy to have;
# in fact, these are the standard versions used most places in the
# Distutils.
- _PREFIX = os.path.normpath(sys.prefix)
- _EXEC_PREFIX = os.path.normpath(sys.exec_prefix)
- _CONFIG_VARS['prefix'] = _PREFIX # FIXME: This gets overwriten by _init_posix.
- _CONFIG_VARS['exec_prefix'] = _EXEC_PREFIX # FIXME: This gets overwriten by _init_posix.
+ _CONFIG_VARS['prefix'] = _PREFIX
+ _CONFIG_VARS['exec_prefix'] = _EXEC_PREFIX
_CONFIG_VARS['py_version'] = _PY_VERSION
_CONFIG_VARS['py_version_short'] = _PY_VERSION_SHORT
_CONFIG_VARS['py_version_nodot'] = _PY_VERSION_SHORT_NO_DOT
--- a/Lib/test/test_sysconfig.py
+++ b/Lib/test/test_sysconfig.py
@@ -130,8 +130,19 @@ class TestSysConfig(unittest.TestCase):
for scheme in _INSTALL_SCHEMES:
for name in _INSTALL_SCHEMES[scheme]:
expected = _INSTALL_SCHEMES[scheme][name].format(**config_vars)
+ tested = get_path(name, scheme)
+ # https://fedoraproject.org/wiki/Changes/Making_sudo_pip_safe
+ if tested.startswith('/usr/local'):
+ # /usr/local should only be used in posix_prefix
+ self.assertEqual(scheme, 'posix_prefix')
+ # Fedora CI runs tests for venv and virtualenv that check for other prefixes
+ self.assertEqual(sys.prefix, '/usr')
+ # When building the RPM of Python, %check runs this with RPM_BUILD_ROOT set
+ # Fedora CI runs this with RPM_BUILD_ROOT unset
+ self.assertNotIn('RPM_BUILD_ROOT', os.environ)
+ tested = tested.replace('/usr/local', '/usr')
self.assertEqual(
- os.path.normpath(get_path(name, scheme)),
+ os.path.normpath(tested),
os.path.normpath(expected),
)
@@ -386,7 +397,7 @@ class TestSysConfig(unittest.TestCase):
self.assertTrue(os.path.isfile(config_h), config_h)
def test_get_scheme_names(self):
- wanted = ['nt', 'posix_home', 'posix_prefix', 'posix_venv', 'nt_venv', 'venv']
+ wanted = ['nt', 'posix_home', 'posix_prefix', 'posix_venv', 'nt_venv', 'venv', 'rpm_prefix']
if HAS_USER_BASE:
wanted.extend(['nt_user', 'osx_framework_user', 'posix_user'])
self.assertEqual(get_scheme_names(), tuple(sorted(wanted)))
@@ -398,6 +409,8 @@ class TestSysConfig(unittest.TestCase):
cmd = "-c", "import sysconfig; print(sysconfig.get_platform())"
self.assertEqual(py.call_real(*cmd), py.call_link(*cmd))
+ @unittest.skipIf('RPM_BUILD_ROOT' not in os.environ,
+ "Test doesn't expect Fedora's paths")
def test_user_similar(self):
# Issue #8759: make sure the posix scheme for the users
# is similar to the global posix_prefix one

BIN
Python-3.13.0.tar.xz (Stored with Git LFS)
View File

Binary file not shown.

18
Python-3.13.0.tar.xz.asc
View File

@ -1,18 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQKTBAABCgB9FiEEcWlgX2LHUTVtBUomqCHmgOX6YwUFAmcDjiVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDcx
Njk2MDVGNjJDNzUxMzU2RDA1NEEyNkE4MjFFNjgwRTVGQTYzMDUACgkQqCHmgOX6
YwVfzg/8DjSks9r9qRY4JfQ1cPV39scH0jhMTF6xKQshMQt7joSySFB+D73S88MY
J1guRc3hAvNhAKv9fb8ckG7Lcjd7g6lqyEjRFH1udYcNVYnLEmGacbPscQVIQHqT
OF6A3QaQyE0bLN6BM6XUM0Jp3ial3yUOHoggkleEnZClnfmIJuUKBGTj9FkCvoPq
wE9nhaYPRudqpNzG6usuVbXcz6tYnzpd6xztWIgHhCfL02i2cYvO9ytBxh2DczA8
mI8WoDO9MqMxf2fvWZJGL1CvQS2bFnCDBh/fFlLp4grJqNehoggA8a63UJot++fa
NRSH1Rl2hL9kEh+6Qy9/XwdU/fnJW95zBzyTjyJAwUng/kJ01AQ2rSw+SK3i7XQ7
BziKuItmAf51NgFjGAXxA32sUH9R5XmPNIe3Ae9QCFa2+OxqBTYRFxHaXntWc9oV
bCDCsc0+vXfP9Pb3rHwTSqE3aCqbOk2qM6013+Y74/I2/EFCqWhrwrTGFYSRihpv
8BOoL49NxtodasARlAefoETJKytMvXhDH5WuVqcF/51fShID5NqkPBIEcHyFgeU0
oS3O28Vs353ym0jMnVWYd9qRIcWlvZWrDvS2QImbdjVl8/FTX7CFkDK0rbNKeYWe
IwxGju22KrUs/HTFVqe6MmUUgzsztUA2JxOhJGeyCUAS7FOX8G0=
=r6IQ
-----END PGP SIGNATURE-----

BIN
Python-3.13.1.tar.xz (Stored with Git LFS) Normal file
View File

Binary file not shown.

1
Python-3.13.1.tar.xz.sigstore Normal file
View File

File diff suppressed because one or more lines are too long

2
python-3.3.0b1-test-posix_fadvise.patch
View File

@ -4,7 +4,7 @@
--- a/Lib/test/test_posix.py
+++ b/Lib/test/test_posix.py
@@ -435,7 +435,7 @@ class PosixTester(unittest.TestCase):
@@ -437,7 +437,7 @@ class PosixTester(unittest.TestCase):
def test_posix_fadvise(self):
fd = os.open(os_helper.TESTFN, os.O_RDONLY)
try:

1
python313-rpmlintrc
View File

@ -1,3 +1,4 @@
addFilter("pem-certificate.*/usr/lib.*/python.*/test/*.pem")
addFilter("devel-file-in-non-devel-package.*/usr/lib.*/python.*/tests/*.c")
addFilter("devel-file-in-non-devel-package.*/usr/lib.*/python.*/test/*.c")
addFilter("devel-file-in-non-devel-package.*/usr/lib.*/python.*/test/*.cpp")

564
python313.changes
View File

@ -1,3 +1,567 @@
-------------------------------------------------------------------
Fri Dec 6 20:39:56 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
- Add CVE-2024-12254-unbound-mem-buffering-SelectorSocketTransport.writelines.patch
preventing exhaustion of memory (gh#python/cpython#127655,
bsc#1234290, CVE-2024-12254).
-------------------------------------------------------------------
Wed Dec 4 21:57:12 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
- Update to 3.13.1:
- Tools/Demos
- gh-126807: Fix extraction warnings in pygettext.py caused
by mistaking function definitions for function calls.
- gh-126167: The iOS testbed was modified so that it can be
used by third-party projects for testing purposes.
- Tests
- gh-126909: Fix test_os extended attribute tests to work on
filesystems with 1 KiB xattr size limit.
- gh-125041: Re-enable skipped tests for zlib on the
s390x architecture: only skip checks of the compressed
bytes, which can be different between zlibs software
implementation and the hardware-accelerated implementation.
- gh-124295: Add translation tests to the argparse module.
- Security
- gh-126623: Upgrade libexpat to 2.6.4
- gh-125140: Remove the current directory from sys.path when
using PyREPL.
- gh-122792: Changed IPv4-mapped ipaddress.IPv6Address to
consistently use the mapped IPv4 address value for deciding
properties. Properties which have their behavior fixed are
is_multicast, is_reserved, is_link_local, is_global, and
is_unspecified.
- Library
- gh-127321: pdb.set_trace() will not stop at an opcode that
does not have an associated line number anymore.
- gh-127303: Publicly expose EXACT_TOKEN_TYPES in
token.__all__.
- gh-123967: Fix faulthandler for trampoline frames. If the
top-most frame is a trampoline frame, skip it. Patch by
Victor Stinner.
- gh-127182: Fix io.StringIO.__setstate__() crash, when None
was passed as the first value.
- gh-127217: Fix urllib.request.pathname2url() for paths
starting with multiple slashes on Posix.
- gh-127035: Fix shutil.which on Windows. Now it looks at
direct match if and only if the command ends with a PATHEXT
extension or X_OK is not in mode. Support extensionless
files if “.” is in PATHEXT. Support PATHEXT extensions that
end with a dot.
- gh-122273: Support PyREPL history on Windows. Patch by
devdanzin and Victor Stinner.
- gh-127078: Fix issue where urllib.request.url2pathname()
failed to discard an extra slash before a UNC drive in the
URL path on Windows.
- gh-126766: Fix issue where urllib.request.url2pathname()
failed to discard any localhost authority present in the
URL.
- gh-127065: Fix crash when calling a operator.methodcaller()
instance from multiple threads in the free threading build.
- gh-126997: Fix support of STRING and GLOBAL opcodes with
non-ASCII arguments in pickletools. pickletools.dis()
now outputs non-ASCII bytes in STRING, BINSTRING and
SHORT_BINSTRING arguments as escaped (\xXX).
- gh-126316: grp: Make grp.getgrall() thread-safe by adding a
mutex. Patch by Victor Stinner.
- gh-126618: Fix the representation of itertools.count
objects when the count value is sys.maxsize.
- gh-85168: Fix issue where urllib.request.url2pathname() and
pathname2url() always used UTF-8 when quoting and unquoting
file URIs. They now use the filesystem encoding and error
handler.
- gh-67877: Fix memory leaks when regular expression matching
terminates abruptly, either because of a signal or because
memory allocation fails.
- gh-126789: Fixed the values of sysconfig.get_config_vars(),
sysconfig.get_paths(), and their siblings when the site
initialization happens after sysconfig has built a cache
for sysconfig.get_config_vars().
- gh-126188: Update bundled pip to 24.3.1
- gh-126780: Fix os.path.normpath() for drive-relative paths
on Windows.
- gh-126766: Fix issue where urllib.request.url2pathname()
failed to discard two leading slashes introducing an empty
authority section.
- gh-126727: locale.nl_langinfo(locale.ERA) now returns
multiple era description segments separated by
semicolons. Previously it only returned the first segment
on platforms with Glibc.
- gh-126699: Allow collections.abc.AsyncIterator to be a base
for Protocols.
- gh-126654: Fix crash when non-dict was passed to several
functions in _interpreters module.
- gh-104745: Limit starting a patcher (from
unittest.mock.patch() or unittest.mock.patch.object()) more
than once without stopping it
- gh-126595: Fix a crash when instantiating itertools.count
with an initial count of sys.maxsize on debug builds. Patch
by Bénédikt Tran.
- gh-120423: Fix issue where urllib.request.pathname2url()
mishandled Windows paths with embedded forward slashes.
- gh-126565: Improve performances of zipfile.Path.open() for
non-reading modes.
- gh-126505: Fix bugs in compiling case-insensitive regular
expressions with character classes containing non-BMP
characters: upper-case non-BMP character did was ignored
and the ASCII flag was ignored when matching a character
range whose upper bound is beyond the BMP region.
- gh-117378: Fixed the multiprocessing "forkserver"
start method forkserver process to correctly inherit
the parents sys.path during the importing of
multiprocessing.set_forkserver_preload() modules in the
same manner as sys.path is configured in workers before
executing work items.
- This bug caused some forkserver module preloading to
silently fail to preload. This manifested as a performance
degration in child processes when the sys.path was required
due to additional repeated work in every worker.
- It could also have a side effect of "" remaining in
sys.path during forkserver preload imports instead of the
absolute path from os.getcwd() at multiprocessing import
time used in the worker sys.path.
- The sys.path differences between phases in the child
process could potentially have caused preload to import
incorrect things from the wrong location. We are unaware of
that actually having happened in practice.
- gh-125679: The multiprocessing.Lock and
multiprocessing.RLock repr values no longer say “unknown”
on macOS.
- gh-126476: Raise calendar.IllegalMonthError (now a subclass
of IndexError) for calendar.month() when the input month is
not correct.
- gh-126489: The Python implementation of pickle no longer
calls pickle.Pickler.persistent_id() for the result of
persistent_id().
- gh-126313: Fix an issue in curses.napms() when
curses.initscr() has not yet been called. Patch by Bénédikt
Tran.
- gh-126303: Fix pickling and copying of os.sched_param
objects.
- gh-126138: Fix a use-after-free crash on asyncio.Task
objects whose underlying coroutine yields an object that
implements an evil __getattribute__(). Patch by Nico
Posada.
- gh-126220: Fix crash in cProfile.Profile and
_lsprof.Profiler when their callbacks were directly called
with 0 arguments.
- gh-126212: Fix issue where urllib.request.pathname2url()
and url2pathname() removed slashes from Windows DOS drive
paths and URLs.
- gh-126223: Raise a UnicodeEncodeError instead of a
SystemError upon calling _interpreters.create() with an
invalid Unicode character.
- gh-126205: Fix issue where urllib.request.pathname2url()
generated URLs beginning with four slashes (rather than
two) when given a Windows UNC path.
- gh-126105: Fix a crash in ast when the ast.AST._fields
attribute is deleted.
- gh-126106: Fixes a possible NULL pointer dereference in
ssl.
- gh-126080: Fix a use-after-free crash on asyncio.Task
objects for which the underlying event loop implements an
evil __getattribute__(). Reported by Nico-Posada. Patch by
Bénédikt Tran.
- gh-126083: Fixed a reference leak in asyncio.Task objects
when reinitializing the same object with a non-None
context. Patch by Nico Posada.
- gh-125984: Fix use-after-free crashes on asyncio.Future
objects for which the underlying event loop implements an
evil __getattribute__(). Reported by Nico-Posada. Patch by
Bénédikt Tran.
- gh-125969: Fix an out-of-bounds crash when an evil
asyncio.loop.call_soon() mutates the length of the internal
callbacks list. Patch by Bénédikt Tran.
- gh-125966: Fix a use-after-free crash in
asyncio.Future.remove_done_callback(). Patch by Bénédikt
Tran.
- gh-125789: Fix possible crash when mutating list of
callbacks returned by asyncio.Future._callbacks. It
now always returns a new copy in C implementation
_asyncio. Patch by Kumar Aditya.
- gh-124452: Fix an issue in
email.policy.EmailPolicy.header_source_parse() and
email.policy.Compat32.header_source_parse() that introduced
spurious leading whitespaces into header values when the
header includes a newline character after the header name
delimiter (:) and before the value.
- gh-125884: Fixed the bug for pdb where it cant set
breakpoints on functions with certain annotations.
- gh-125355: Fix several bugs in
argparse.ArgumentParser.parse_intermixed_args().
- The parser no longer changes temporarily during
parsing.
- Default values are not processed twice.
- Required mutually exclusive groups containing
positional arguments are now supported.
- The missing arguments report now includes the names of
all required optional and positional arguments.
- Unknown options can be intermixed with positional
arguments in parse_known_intermixed_args().
- gh-125666: Avoid the exiting the interpreter if a null byte
is given as input in the new REPL.
- gh-125710: [Enum] fix hashable<->nonhashable comparisons
for member values
- gh-125631: Restore ability to set persistent_id and
persistent_load attributes of instances of the Pickler and
Unpickler classes in the pickle module.
- gh-125378: Fixed the bug in pdb where after a multi-line
command, an empty line repeats the first line of the
multi-line command, instead of the full command.
- gh-125682: Reject non-ASCII digits in the Python
implementation of json.loads() conforming to the JSON
specification.
- gh-125660: Reject invalid unicode escapes for Python
implementation of json.loads().
- gh-125259: Fix the notes removal logic for errors thrown in
enum initialization.
- gh-125590: Allow FrameLocalsProxy to delete and pop if the
key is not a fast variable.
- gh-125519: Improve traceback if importlib.reload() is
called with an object that is not a module. Patch by Alex
Waygood.
- gh-125451: Fix deadlock when
concurrent.futures.ProcessPoolExecutor shuts down
concurrently with an error when feeding a job to a worker
process.
- gh-125422: Fixed the bug where pdb and bdb can step into
the bottom caller frame.
- gh-100141: Fixed the bug where pdb will be stuck in an
infinite loop when debugging an empty file.
- gh-125115: Fixed a bug in pdb where arguments starting with
- cant be passed to the debugged script.
- gh-53203: Fix time.strptime() for %c, %x and %X formats
in many locales that use non-ASCII digits, like Persian,
Burmese, Odia and Shan.
- gh-125398: Fix the conversion of the VIRTUAL_ENV path in
the activate script in venv when running in Git Bash for
Windows.
- gh-125316: Fix using functools.partial() as enum.Enum
member. A FutureWarning with suggestion to use
enum.member() is now emitted when the partial instance is
used as an enum member.
- gh-125245: Fix race condition when importing
collections.abc, which could incorrectly return an empty
module.
- gh-125243: Fix data race when creating zoneinfo.ZoneInfo
objects in the free threading build.
- gh-125254: Fix a bug where ArgumentError includes the
incorrect ambiguous option in argparse.
- gh-125235: Keep tkinter TCL paths in venv pointing to base
installation on Windows.
- gh-61011: Fix inheritance of nested mutually
exclusive groups from parent parser in
argparse.ArgumentParser. Previously, all nested mutually
exclusive groups lost their connection to the group
containing them and were displayed as belonging directly to
the parser.
- gh-52551: Fix encoding issues in time.strftime(), the
strftime() method of the datetime classes datetime, date
and time and formatting of these classes. Characters
not encodable in the current locale are now acceptable
in the format string. Surrogate pairs and sequence
of surrogatescape-encoded bytes are no longer
recombinated. Embedded null character no longer terminates
the format string.
- gh-125118: Dont copy arbitrary values to _Bool in the
struct module.
- gh-125069: Fix an issue where providing a pathlib.PurePath
object as an initializer argument to a second PurePath
object with a different parser resulted in arguments to
the former objects initializer being joined by the latter
objects parser.
- gh-125096: If the PYTHON_BASIC_REPL environment variable
is set, the site module no longer imports the _pyrepl
module. Moreover, the site module now respects -E and -I
command line options: ignore PYTHON_BASIC_REPL in this
case. Patch by Victor Stinner.
- gh-124969: Fix locale.nl_langinfo(locale.ALT_DIGITS) on
platforms with glibc. Now it returns a string consisting of
up to 100 semicolon-separated symbols (an empty string in
most locales) on all Posix platforms. Previously it only
returned the first symbol or an empty string.
- gh-124960: Fix support for the barry_as_FLUFL future flag
in the new REPL.
- gh-124984: Fixed thread safety in ssl in the free-threaded
build. OpenSSL operations are now protected by a per-object
lock.
- gh-124958: Fix refcycles in exceptions raised from
asyncio.TaskGroup and the python implementation of
asyncio.Future
- gh-53203: Fix time.strptime() for %c and %x formats in many
locales: Arabic, Bislama, Breton, Bodo, Kashubian, Chuvash,
Estonian, French, Irish, Geez, Gurajati, Manx Gaelic,
Hebrew, Hindi, Chhattisgarhi, Haitian Kreyol, Japanese,
Kannada, Korean, Marathi, Malay, Norwegian, Nynorsk,
Punjabi, Rajasthani, Tok Pisin, Yoruba, Yue Chinese,
Yau/Nungon and Chinese.
- gh-124917: Allow calling os.path.exists() and
os.path.lexists() with keyword arguments on Windows. Fixes
a regression in 3.13.0.
- gh-124653: Fix detection of the minimal Queue API needed by
the logging module. Patch by Bénédikt Tran.
- gh-124858: Fix reference cycles left in tracebacks
in asyncio.open_connection() when used with
happy_eyeballs_delay
- gh-124390: Fixed AssertionError when using
asyncio.staggered.staggered_race() with
asyncio.eager_task_factory.
- gh-124651: Properly quote template strings in venv
activation scripts (bsc#1232241, CVE-2024-9287).
- gh-116850: Fix argparse for namespaces with not directly
writable dict (e.g. classes).
- gh-58573: Fix conflicts between abbreviated long options in
the parent parser and subparsers in argparse.
- gh-124594: All asyncio REPL prompts run in the same
context. Contributed by Bartosz Sławecki.
- gh-61181: Fix support of choices with string value in
argparse. Substrings of the specified string no longer
considered valid values.
- gh-80259: Fix argparse support of positional arguments with
nargs='?', default=argparse.SUPPRESS and specified type.
- gh-120378: Fix a crash related to an integer overflow in
curses.resizeterm() and curses.resize_term().
- gh-123884: Fixed bug in itertools.tee() handling of other
tee inputs (a tee in a tee). The output now has the
promised n independent new iterators. Formerly, the first
iterator was identical (not independent) to the input
iterator. This would sometimes give surprising results.
- gh-58956: Fixed a bug in pdb where sometimes the breakpoint
wont trigger if it was set on a function which is already
in the call stack.
- gh-124345: argparse vim supports abbreviated single-dash
long options separated by = from its value.
- gh-104860: Fix disallowing abbreviation of single-dash long
options in argparse with allow_abbrev=False.
- gh-63143: Fix parsing mutually exclusive arguments in
argparse. Arguments with the value identical to the default
value (e.g. booleans, small integers, empty or 1-character
strings) are no longer considered “not present”.
- gh-72795: Positional arguments with nargs equal to '*' or
argparse.REMAINDER are no longer required. This allows to
use positional argument with nargs='*' and without default
in mutually exclusive group and improves error message
about required arguments.
- gh-59317: Fix parsing positional argument with nargs equal
to '?' or '*' if it is preceded by an option and another
positional argument.
- gh-53780: argparse now ignores the first "--" (double dash)
between an option and command.
- gh-124217: Add RFC 9637 reserved IPv6 block 3fff::/20 in
ipaddress module.
- gh-81691: Fix handling of multiple "--" (double dashes)
in argparse. Only the first one has now been removed, all
subsequent ones are now taken literally.
- gh-123978: Remove broken time.thread_time() and
time.thread_time_ns() on NetBSD.
- gh-124008: Fix possible crash (in debug build), incorrect
output or returning incorrect value from raw binary write()
when writing to console on Windows.
- gh-123935: Fix parent slots detection for dataclasses that
inherit from classes with __dictoffset__.
- gh-122765: Fix unbalanced quote errors occurring when
activate.csh in venv was sourced with a custom prompt
containing unpaired quotes or newlines.
- gh-123370: Fix the canvas not clearing after running
turtledemo clock.
- gh-116810: Resolve a memory leak introduced in CPython
3.10s ssl when the ssl.SSLSocket.session property was
accessed. Speeds up read and write access to said property
by no longer unnecessarily cloning session objects via
serialization.
- gh-120754: Update unbounded read calls in zipfile to
specify an explicit size putting a limit on how much data
they may read. This also updates handling around ZIP max
comment size to match the standard instead of reading
comments that are one byte too long.
- gh-70764: Fixed an issue where inspect.getclosurevars()
would incorrectly classify an attribute name as a global
variable when the name exists both as an attribute name and
a global variable.
- gh-118289: posixpath.realpath() now raises
NotADirectoryError when strict mode is enabled and a
non-directory path with a trailing slash is supplied.
- gh-119826: Always return an absolute path for
os.path.abspath() on Windows.
- gh-117766: Always use str() to print choices in argparse.
- gh-101955: Fix SystemError when match regular expression
pattern containing some combination of possessive
quantifier, alternative and capture group.
- gh-88110: Fixed multiprocessing.Process reporting a
.exitcode of 1 even on success when using the "fork" start
method while using a concurrent.futures.ThreadPoolExecutor.
- gh-71936: Fix a race condition in
multiprocessing.pool.Pool.
- bpo-46128: Strip unittest.IsolatedAsyncioTestCase stack
frames from reported stacktraces.
- bpo-14074: Fix argparse metavar processing to allow
positional arguments to have a tuple metavar.
- IDLE
- gh-122392: Increase currently inadequate vertical spacing
for the IDLE browsers (path, module, and stack) on
high-resolution monitors.
- Documentation
- gh-126622: Added stub pages for removed modules explaining
their removal, where to find replacements, and linking to
the last Python version that supported them. Contributed by
Ned Batchelder.
- gh-125277: Require Sphinx 7.2.6 or later to build the
Python documentation. Patch by Adam Turner.
- gh-124872: Added definitions for context, current
context, and context management protocol, updated
related definitions to be consistent, and expanded the
documentation for contextvars.Context.
- gh-125018: The importlib.metadata documentation now
includes semantic cross-reference targets for the
significant documented APIs. This means intersphinx
references like importlib.metadata.version() will now work
as expected.
- gh-70870: Clarified the dual usage of the term “free
variable” (both the formal meaning of any reference
to names defined outside the local scope, and the
narrower pragmatic meaning of nonlocal variables named in
co_freevars).
- gh-121277: Writers of CPythons documentation can now use
next as the version for the versionchanged, versionadded,
deprecated directives.
- gh-60712: Include the object type in the lists of
documented types. Change by Furkan Onder and Martin Panter.
- bpo-34008: The Py_Main() documentation moved from the
“Very High Level API” section to the “Initialization and
Finalization” section.
- Also make it explicit that we expect Py_Main to
typically be called instead of Py_Initialize rather
than after it (since Py_Main makes its own call to
Py_Initialize). Document that calling both is supported
but is version dependent on which settings will be applied
correctly.
- Core and Builtins
- gh-113841: Fix possible undefined behavior division by zero
in complexs _Py_c_pow().
- gh-127020: Fix a crash in the free threading build
when PyCode_GetCode(), PyCode_GetVarnames(),
PyCode_GetCellvars(), or PyCode_GetFreevars() were called
from multiple threads at the same time.
- gh-126980: Fix __buffer__() of bytearray crashing when READ
or WRITE are passed as flags.
- gh-126881: Fix crash in finalization of dtoa state. Patch
by Kumar Aditya.
- gh-126341: Now ValueError is raised instead of SystemError
when trying to iterate over a released memoryview object.
- gh-126688: Fix a crash when calling os.fork() on some
operating systems, including SerenityOS.
- gh-126066: Fix importlib to not write an incomplete
.pyc files when a ulimit or some other operating system
mechanism is preventing the write to go through fully.
- gh-126312: Fix crash during garbage collection on an object
frozen by gc.freeze() on the free-threaded build.
- gh-126139: Provide better error location when attempting to
use a future statement with an unknown future feature.
- gh-126018: Fix a crash in sys.audit() when passing a
non-string as first argument and Python was compiled in
debug mode.
- gh-125942: On Android, the errors setting of sys.stdout was
changed from surrogateescape to backslashreplace.
- gh-125859: Fix a crash in the free threading build when
gc.get_objects() or gc.get_referrers() is called during an
in-progress garbage collection.
- gh-125703: Correctly honour tracemalloc hooks in
specialized Py_DECREF paths. Patch by Pablo Galindo
- gh-125593: Use color to highlight error locations in
traceback from exception group
- gh-125444: Fix illegal instruction for older Arm
architectures. Patch by Diego Russo, testing by Ross
Burton.
- gh-124375: Fix a crash in the free threading build when the
GC runs concurrently with a new thread starting.
- gh-125221: Fix possible race condition when calling
__reduce_ex__() for the first time in the free threading
build.
- gh-125038: Fix crash when iterating over a generator
expression after direct changes on gi_frame.f_locals. Patch
by Mikhail Efimov.
- gh-123378: Fix a crash in the __str__() method of
UnicodeError objects when the UnicodeError.start and
UnicodeError.end values are invalid or out-of-range. Patch
by Bénédikt Tran.
- gh-116510: Fix a crash caused by immortal interned strings
being shared between sub-interpreters that use basic
single-phase init. In that case, the string can be used
by an interpreter that outlives the interpreter that
created and interned it. For interpreters that share
obmalloc state, also share the interned dict with the main
interpreter.
- gh-122878: Use the pager binary, if available (e.g. on
Debian and derivatives), to display REPL help().
- gh-124188: Fix reading and decoding a line from the source
file witn non-UTF-8 encoding for syntax errors raised in
the compiler.
- gh-123930: Improve the error message when a script
shadowing a module from the standard library causes
ImportError to be raised during a “from” import. Similarly,
improve the error message when a script shadowing a third
party module attempts to “from” import an attribute from
that third party module while still initialising.
- gh-122907: Building with HAVE_DYNAMIC_LOADING
now works as well as it did in 3.12. Existing
deficiences will be addressed separately. (See
https://github.com/python/cpython/issues/122950.)
- gh-118950: Fix bug where SSLProtocol.connection_lost wasnt
getting called when OSError was thrown on writing to
socket.
- gh-113570: Fixed a bug in reprlib.repr where it incorrectly
called the repr method on shadowed Python built-in types.
- gh-109746: If _thread.start_new_thread() fails to start a
new thread, it deletes its state from interpreter and thus
avoids its repeated cleanup on finalization.
- C API
- gh-126554: Fix error handling in ctypes.CDLL objects which
could result in a crash in rare situations.
- gh-125608: Fix a bug where dictionary watchers
(e.g., PyDict_Watch()) on an objects attribute dictionary
(__dict__) were not triggered when the objects attributes
were modified.
- bpo-34008: Added Py_IsInitialized to the list of APIs that
are safe to call before the interpreter is initialized, and
updated the embedding tests to cover it.
- Build
- gh-123877: Set wasm32-wasip1 as the WASI target. The old
wasm32-wasi target is deprecated so it can be used for an
eventual WASI 1.0.
- gh-89640: Hard-code float word ordering as little endian on
WASM.
- gh-125940: The Android build now supports 16 KB page sizes.
- gh-89640: Improve detection of float word ordering on Linux
when link-time optimizations are enabled.
- gh-125269: Fix detection of whether -latomic is needed when
cross-compiling CPython using the configure script.
- gh-121634: Allow for specifying the target compile triple
for WASI.
- gh-122578: Use WASI SDK 24 for testing.
- gh-115382: Fix cross compile failures when the host and
target SOABIs match.
- Remove upstreamed patches:
- CVE-2024-9287-venv_path_unquoted.patch
-------------------------------------------------------------------
Fri Nov 29 12:14:59 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
- Drop CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch, not needed
anymore because libexpat is updated to 2.6 in SP7. bsc#1233777
-------------------------------------------------------------------
Fri Nov 15 11:25:06 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>
- Allow building with default LLVM version 19: just replace the
hard-coded LLVM_version in the scripts.
-------------------------------------------------------------------
Thu Nov 14 07:06:20 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
- Remove -IVendor/ from python-config boo#1231795
- Require exact clang18 and llvm18, because apparently CPython is
not ready for 19 yet (gh#python/cpython!125499).
-------------------------------------------------------------------
Thu Oct 24 16:09:00 UTC 2024 - Matej Cepl <mcepl@cepl.eu>

31
python313.spec
View File

@ -111,7 +111,7 @@
# %%define tarversion %%{version}
# %%endif
# We don't process beta signs well
%define folderversion 3.13.0
%define folderversion %{version}
%define sitedir %{_libdir}/python%{python_version}
# three possible ABI kinds: m - pymalloc, d - debug build; see PEP 3149
%define abi_kind %{nil}
@ -149,15 +149,15 @@
# _md5.cpython-38m-x86_64-linux-gnu.so
%define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so
Name: %{python_pkg_name}%{psuffix}
Version: 3.13.0
%define tarversion 3.13.0
Version: 3.13.1
%define tarversion %{version}
%define tarname Python-%{tarversion}
Release: 0
Summary: Python 3 Interpreter
License: Python-2.0
URL: https://www.python.org/
Source0: https://www.python.org/ftp/python/%{folderversion}/%{tarname}.tar.xz
Source1: https://www.python.org/ftp/python/%{folderversion}/%{tarname}.tar.xz.asc
Source1: https://www.python.org/ftp/python/%{folderversion}/%{tarname}.tar.xz.sigstore
Source2: baselibs.conf
Source3: README.SUSE
Source4: externally_managed.in
@ -203,17 +203,12 @@ Patch07: bpo-31046_ensurepip_honours_prefix.patch
# PATCH-FIX-SLE skip-test_pyobject_freed_is_freed.patch mcepl@suse.com
# skip a test failing on SLE-15
Patch09: skip-test_pyobject_freed_is_freed.patch
# PATCH-FIX-OPENSUSE CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch
# This problem on libexpat is patched on 15.6 without version
# update, this patch changes the tests to match the libexpat provided
# by SUSE
Patch39: CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch
# PATCH-FIX-OPENSUSE fix-test-recursion-limit-15.6.patch gh#python/cpython#115083
# Skip some failing tests in test_compile for i586 arch in 15.6.
Patch40: fix-test-recursion-limit-15.6.patch
# PATCH-FIX-UPSTREAM CVE-2024-9287-venv_path_unquoted.patch gh#python/cpython#124651 mcepl@suse.com
# venv should properly quote path names provided when creating a venv
Patch41: CVE-2024-9287-venv_path_unquoted.patch
# PATCH-FIX-UPSTREAM CVE-2024-12254-unbound-mem-buffering-SelectorSocketTransport.writelines.patch bsc#1234290 mcepl@suse.com
# prevents exhaustion of memory
Patch41: CVE-2024-12254-unbound-mem-buffering-SelectorSocketTransport.writelines.patch
BuildRequires: autoconf-archive
BuildRequires: automake
BuildRequires: fdupes
@ -257,8 +252,8 @@ BuildRequires: python3-python-docs-theme >= 2022.1
%if %{with experimental_jit}
# needed for experimental_jit
BuildRequires: clang => 18
BuildRequires: llvm => 18
BuildRequires: clang >= 18
BuildRequires: llvm >= 18
%endif
%if %{without GIL}
@ -495,8 +490,7 @@ This package contains libpython3.2 shared library for embedding in
other applications.
%prep
%setup -q -n %{tarname}
%autopatch -p1
%autosetup -p1 -n %{tarname}
# Fix devhelp doc build gh#python/cpython#120150
echo "master_doc = 'contents'" >> Doc/conf.py
@ -504,6 +498,8 @@ echo "master_doc = 'contents'" >> Doc/conf.py
# drop Autoconf version requirement
sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac
sed -i "s/_LLVM_VERSION = .*/_LLVM_VERSION = $(realpath /usr/bin/clang | awk -F- '{print $2}')/g" ./Tools/jit/_llvm.py
%if %{primary_interpreter}
# fix shebangs - convert /usr/local/bin/python and /usr/bin/env/python to /usr/bin/python3
for dir in Lib Tools; do
@ -836,6 +832,9 @@ install -m 755 -D Tools/gdb/libpython.py %{buildroot}%{_datadir}/gdb/auto-load/%
# install devel files to /config
#cp Makefile Makefile.pre.in Makefile.pre $RPM_BUILD_ROOT%{sitedir}/config-%{python_abi}/
# Remove -IVendor/ from python-config boo#1231795
sed -i 's/-IVendor\///' %{buildroot}%{_bindir}/python%{python_abi}-config
# RPM macros
%if %{primary_interpreter}
mkdir -p %{buildroot}%{_rpmconfigdir}/macros.d/