diff --git a/CVE-2024-12254-unbound-mem-buffering-SelectorSocketTransport.writelines.patch b/CVE-2024-12254-unbound-mem-buffering-SelectorSocketTransport.writelines.patch deleted file mode 100644 index fc8d1ef..0000000 --- a/CVE-2024-12254-unbound-mem-buffering-SelectorSocketTransport.writelines.patch +++ /dev/null @@ -1,46 +0,0 @@ -From bfc2e93d755bf496e5ef4cae9609d2823122c909 Mon Sep 17 00:00:00 2001 -From: "J. Nick Koston" -Date: Thu, 5 Dec 2024 10:01:10 -0600 -Subject: [PATCH 01/10] Ensure writelines pauses the protocol if needed - ---- - Lib/asyncio/selector_events.py | 1 - Lib/test/test_asyncio/test_selector_events.py | 12 ++++++++++ - Misc/NEWS.d/next/Security/2024-12-05-21-35-19.gh-issue-127655.xpPoOf.rst | 1 - 3 files changed, 14 insertions(+) - ---- a/Lib/asyncio/selector_events.py -+++ b/Lib/asyncio/selector_events.py -@@ -1175,6 +1175,7 @@ class _SelectorSocketTransport(_Selector - # If the entire buffer couldn't be written, register a write handler - if self._buffer: - self._loop._add_writer(self._sock_fd, self._write_ready) -+ self._maybe_pause_protocol() - - def can_write_eof(self): - return True ---- a/Lib/test/test_asyncio/test_selector_events.py -+++ b/Lib/test/test_asyncio/test_selector_events.py -@@ -805,6 +805,18 @@ class SelectorSocketTransportTests(test_ - self.assertTrue(self.sock.send.called) - self.assertTrue(self.loop.writers) - -+ def test_writelines_pauses_protocol(self): -+ data = memoryview(b'data') -+ self.sock.send.return_value = 2 -+ self.sock.send.fileno.return_value = 7 -+ -+ transport = self.socket_transport() -+ transport._high_water = 1 -+ transport.writelines([data]) -+ self.assertTrue(self.protocol.pause_writing.called) -+ self.assertTrue(self.sock.send.called) -+ self.assertTrue(self.loop.writers) -+ - @unittest.skipUnless(selector_events._HAS_SENDMSG, 'no sendmsg') - def test_write_sendmsg_full(self): - data = memoryview(b'data') ---- /dev/null -+++ b/Misc/NEWS.d/next/Security/2024-12-05-21-35-19.gh-issue-127655.xpPoOf.rst -@@ -0,0 +1 @@ -+Fixed the :class:`!asyncio.selector_events._SelectorSocketTransport` transport not pausing writes for the protocol when the buffer reaches the high water mark when using :meth:`asyncio.WriteTransport.writelines`. diff --git a/Python-3.13.1.tar.xz b/Python-3.13.1.tar.xz deleted file mode 100644 index b7a3d58..0000000 --- a/Python-3.13.1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:9cf9427bee9e2242e3877dd0f6b641c1853ca461f39d6503ce260a59c80bf0d9 -size 22589692 diff --git a/Python-3.13.1.tar.xz.sigstore b/Python-3.13.1.tar.xz.sigstore deleted file mode 100644 index c3e3336..0000000 --- a/Python-3.13.1.tar.xz.sigstore +++ /dev/null @@ -1 +0,0 @@ -{"mediaType": "application/vnd.dev.sigstore.bundle.v0.3+json", "verificationMaterial": {"certificate": {"rawBytes": "MIICyjCCAk+gAwIBAgIUfiRo0msP4Btyv4YsT7fbfQRyL44wCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjQxMjAzMTkwNzExWhcNMjQxMjAzMTkxNzExWjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEgyPfiH2kHYV7DceSflRFlp5btDS/pzMbY7rGcU3/C6c+yjG51eHdE3fUoe67CXuHOwbgIPQNHwVyA/dqkr29JKOCAW4wggFqMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUsEpdJycICdqLVYOxzZ+3oce6bZgwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wHwYDVR0RAQH/BBUwE4ERdGhvbWFzQHB5dGhvbi5vcmcwKQYKKwYBBAGDvzABAQQbaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tMCsGCisGAQQBg78wAQgEHQwbaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tMIGJBgorBgEEAdZ5AgQCBHsEeQB3AHUA3T0wasbHETJjGR4cmWc3AqJKXrjePK3/h4pygC8p7o4AAAGTjetYvwAABAMARjBEAiBEl+lmHciXxSTROv68p7UQzS1OQoN18xhfAXwV0xLiKwIgAr+FYa/WMHhvwIr/LRmVCsEGM+drSpXc1TsRRKZUOe0wCgYIKoZIzj0EAwMDaQAwZgIxAOQBkKlywlTHYpHXwx7+W00RYgxWXXweL7k5hkOlyzyy+wxA9Z2EwkQ2K495VlzuQwIxAL7feRY0xgdEyHCUE7tOwjnmCc1Rx/DqU/IURk398WWzZgR02sVQks7Tbm6GknYBBg=="}, "tlogEntries": [{"logIndex": "153126388", "logId": {"keyId": "wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0="}, "kindVersion": {"kind": "hashedrekord", "version": "0.0.1"}, "integratedTime": "1733252831", "inclusionPromise": {"signedEntryTimestamp": "MEUCIEr6ERelNiQ0shguyVEIZr62jZOmkiRvFDab0vH/+TyPAiEA7wjmefhpgSGj9OZK5OLyFERJmCdOAyo0ugYvcvo/BRI="}, "inclusionProof": {"logIndex": "31222126", "rootHash": "bw8DUGFtTR8UX3p/PsDBTOd7+9XoUhpc9p9rx8iBudU=", "treeSize": "31222127", "hashes": ["VDJuQRvWiSGKYaVUeg1KQzTOcArB3z4zhlKXQiCXpBA=", "d4PXrjiAFZkT0q5LEqDIKdp/3LzyJNDT3ieTmTFo/hk=", "hpWulX1/EJ4WX5RZYHRuNoNQPY022IQxlvT6PQdo0zM=", "Der2RBJcWt5krDHF37vOqiTIMOPFBfJYHpEzH2AFz94=", "50fxHcr98Af7eRu0IaTdqt95Xr1ex/qKGF8Gp4SWOWg=", "Xdd/TFK+GoJvuW1nyelo2knYtds5k/Go6cPMSEa6MAg=", "6d4xqhjtBqvVigZuo5cpcPrzEjWB2pnhc9sKleMMhto=", "tH2CD4P6s9/APjnJWsTvHjNo8l825tfN4DUr+zItATY=", "AYwr74Bm2w383UnS7DdbZUUAhusq28JoxKpWrQ7OvGQ=", "u+yWmGIR6sAH32wiSy22mz1Yf+jfPdBTjFbyRISuTZw=", "3eFC7Gp4fWecybDOAw9uUTrM1xB7YRYRAGsfYkiQbV8=", "1uKk2qjOliHMiTk906jrchP8mXWsRG8apaU1sa0lfh0=", "oOecFfN3YqDOkbijS/ej1WF5Da/Gt/AZNhbwE9uoOE8=", "4lUF0YOu9XkIDXKXA0wMSzd6VeDY3TZAgmoOeWmS2+Y=", "gf+9m552B3PnkWnO0o4KdVvjcT3WVHLrCbf1DoVYKFw="], "checkpoint": {"envelope": "rekor.sigstore.dev - 1193050959916656506\n31222127\nbw8DUGFtTR8UX3p/PsDBTOd7+9XoUhpc9p9rx8iBudU=\n\n\u2014 rekor.sigstore.dev wNI9ajBDAh9aKBYaMe0sjCiN7C4kOKDmZcatnj6bJnRXihklmSI0AiAYKc0QI8JdydiiPPfM7JezFEypOIF9c7nD9OegcFT8mw==\n"}}, "canonicalizedBody": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiI5Y2Y5NDI3YmVlOWUyMjQyZTM4NzdkZDBmNmI2NDFjMTg1M2NhNDYxZjM5ZDY1MDNjZTI2MGE1OWM4MGJmMGQ5In19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FWUNJUUROY0lGSlBMNEwwK25YVGtUSVZmVCtUd20yYUlleW9iNUYrenFFUWZVejdRSWhBS2JHTkFlbVp5VVdQYkNZb2lQTmNDYXpkWUpqWGNORGMxQzBSRmlicWwwRiIsInB1YmxpY0tleSI6eyJjb250ZW50IjoiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVTjVha05EUVdzclowRjNTVUpCWjBsVlptbFNiekJ0YzFBMFFuUjVkalJaYzFRM1ptSm1VVko1VERRMGQwTm5XVWxMYjFwSmVtb3dSVUYzVFhjS1RucEZWazFDVFVkQk1WVkZRMmhOVFdNeWJHNWpNMUoyWTIxVmRWcEhWakpOVWpSM1NFRlpSRlpSVVVSRmVGWjZZVmRrZW1SSE9YbGFVekZ3WW01U2JBcGpiVEZzV2tkc2FHUkhWWGRJYUdOT1RXcFJlRTFxUVhwTlZHdDNUbnBGZUZkb1kwNU5hbEY0VFdwQmVrMVVhM2hPZWtWNFYycEJRVTFHYTNkRmQxbElDa3R2V2tsNmFqQkRRVkZaU1V0dldrbDZhakJFUVZGalJGRm5RVVZuZVZCbWFVZ3lhMGhaVmpkRVkyVlRabXhTUm14d05XSjBSRk12Y0hwTllsazNja2NLWTFVekwwTTJZeXQ1YWtjMU1XVklaRVV6WmxWdlpUWTNRMWgxU0U5M1ltZEpVRkZPU0hkV2VVRXZaSEZyY2pJNVNrdFBRMEZYTkhkblowWnhUVUUwUndwQk1WVmtSSGRGUWk5M1VVVkJkMGxJWjBSQlZFSm5UbFpJVTFWRlJFUkJTMEpuWjNKQ1owVkdRbEZqUkVGNlFXUkNaMDVXU0ZFMFJVWm5VVlZ6UlhCa0NrcDVZMGxEWkhGTVZsbFBlSHBhS3pOdlkyVTJZbHBuZDBoM1dVUldVakJxUWtKbmQwWnZRVlV6T1ZCd2VqRlphMFZhWWpWeFRtcHdTMFpYYVhocE5Ga0tXa1E0ZDBoM1dVUldVakJTUVZGSUwwSkNWWGRGTkVWU1pFZG9kbUpYUm5wUlNFSTFaRWRvZG1KcE5YWmpiV04zUzFGWlMwdDNXVUpDUVVkRWRucEJRZ3BCVVZGaVlVaFNNR05JVFRaTWVUbG9XVEpPZG1SWE5UQmplVFZ1WWpJNWJtSkhWWFZaTWpsMFRVTnpSME5wYzBkQlVWRkNaemM0ZDBGUlowVklVWGRpQ21GSVVqQmpTRTAyVEhrNWFGa3lUblprVnpVd1kzazFibUl5T1c1aVIxVjFXVEk1ZEUxSlIwcENaMjl5UW1kRlJVRmtXalZCWjFGRFFraHpSV1ZSUWpNS1FVaFZRVE5VTUhkaGMySklSVlJLYWtkU05HTnRWMk16UVhGS1MxaHlhbVZRU3pNdmFEUndlV2RET0hBM2J6UkJRVUZIVkdwbGRGbDJkMEZCUWtGTlFRcFNha0pGUVdsQ1JXd3JiRzFJWTJsWWVGTlVVazkyTmpod04xVlJlbE14VDFGdlRqRTRlR2htUVZoM1ZqQjRUR2xMZDBsblFYSXJSbGxoTDFkTlNHaDJDbmRKY2k5TVVtMVdRM05GUjAwclpISlRjRmhqTVZSelVsSkxXbFZQWlRCM1EyZFpTVXR2V2tsNmFqQkZRWGROUkdGUlFYZGFaMGw0UVU5UlFtdExiSGtLZDJ4VVNGbHdTRmgzZURjclZ6QXdVbGxuZUZkWVdIZGxURGRyTldoclQyeDVlbmw1SzNkNFFUbGFNa1YzYTFFeVN6UTVOVlpzZW5WUmQwbDRRVXczWmdwbFVsa3dlR2RrUlhsSVExVkZOM1JQZDJwdWJVTmpNVko0TDBSeFZTOUpWVkpyTXprNFYxZDZXbWRTTURKelZsRnJjemRVWW0wMlIydHVXVUpDWnowOUNpMHRMUzB0UlU1RUlFTkZVbFJKUmtsRFFWUkZMUzB0TFMwSyJ9fX19"}]}, "messageSignature": {"messageDigest": {"algorithm": "SHA2_256", "digest": "nPlCe+6eIkLjh33Q9rZBwYU8pGHznWUDziYKWcgL8Nk="}, "signature": "MEYCIQDNcIFJPL4L0+nXTkTIVfT+Twm2aIeyob5F+zqEQfUz7QIhAKbGNAemZyUWPbCYoiPNcCazdYJjXcNDc1C0RFibql0F"}} diff --git a/Python-3.13.2.tar.xz b/Python-3.13.2.tar.xz new file mode 100644 index 0000000..a64a7f0 --- /dev/null +++ b/Python-3.13.2.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d984bcc57cd67caab26f7def42e523b1c015bbc5dc07836cf4f0b63fa159eb56 +size 22621108 diff --git a/Python-3.13.2.tar.xz.sigstore b/Python-3.13.2.tar.xz.sigstore new file mode 100644 index 0000000..8b40472 --- /dev/null +++ b/Python-3.13.2.tar.xz.sigstore @@ -0,0 +1 @@ +{"mediaType": "application/vnd.dev.sigstore.bundle.v0.3+json", "verificationMaterial": {"certificate": {"rawBytes": "MIICyjCCAk+gAwIBAgIUD4NQdNCt1/K/JvAVyjbYigv67kIwCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjUwMjA0MTg0NTIwWhcNMjUwMjA0MTg1NTIwWjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEbqber3xDbIeHx40nXMQZcd3gsTxtq8e1TFD0eK7Im8V+dqVIRPey2E6BcnbwGMvL1q1qmTwGdUn5RPbFaehz7qOCAW4wggFqMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUSuhJIwDMV36A3eaykAuKcN4RnOEwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wHwYDVR0RAQH/BBUwE4ERdGhvbWFzQHB5dGhvbi5vcmcwKQYKKwYBBAGDvzABAQQbaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tMCsGCisGAQQBg78wAQgEHQwbaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tMIGJBgorBgEEAdZ5AgQCBHsEeQB3AHUA3T0wasbHETJjGR4cmWc3AqJKXrjePK3/h4pygC8p7o4AAAGU0kf7wwAABAMARjBEAiAfqmC3I+sDSrXCjgOsO6Ur44c7jeAGRRwc7KdbXRBMzgIgAgcS4SWPdkxXIHicW4DulEn3ulaL3FVHBRLoNQW0JTcwCgYIKoZIzj0EAwMDaQAwZgIxAJ2T2M+pFCUERzOgZct1jxZpk9pgSQyuBU57U4/Hj3xKC12+PDgGcikx1FrC1wwr5wIxAJ156hL8usRvVGskEtmpiuTbaT9+zPgDjWfkvhx6b3Pdrn08XaQJ9EN9jiLrbeBM9g=="}, "tlogEntries": [{"logIndex": "168670065", "logId": {"keyId": "wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0="}, "kindVersion": {"kind": "hashedrekord", "version": "0.0.1"}, "integratedTime": "1738694720", "inclusionPromise": {"signedEntryTimestamp": "MEUCIAekV+blODko91xI2vm15TtdYBXhj8UF28Yt+cMx33rrAiEA0A6bc18P1q3drg9y9nR53/m8DXoKwsTEZm5yZ5+JFa4="}, "inclusionProof": {"logIndex": "46765803", "rootHash": "33ULyWL9ydLeQexNIooy3SJNY9i3ryqihkcOKvsQFF4=", "treeSize": "46765804", "hashes": ["3v2kqP/86p78AkWzBhXN+cNw9IypWJVk1oLovoNewtw=", "hymqDI9hjW2a2SKx04PIeTgJIL2IITHnQP5iCfIzoKM=", "om9oCy1VrcALPEQhPkoPogYSHHCAjFbWSLZJuHEfapo=", "opVQSZr0TT+f4kq/+ypm8ifo78VX/rg2sMxpk3Q6ZYQ=", "u+Mk6XwpHu128vzvk1pAczTT6FfryNB+dIhXYEj/H8c=", "625NsawEzZEukjE6mmJJ6hFySLGojGI4BGm8cRxwv68=", "5S8IyLnwlAhLZBEUNH1SaLO2dckc8NKwnGVgAO+3QQI=", "3onlfMyeVMDSIvH0BhkTTMYIWUuOZa+vitTl74eA7yo=", "TgYmpZ2JTTWko4kWZxTIAYkJpJpeOjVCg6ICKYnUS+8=", "PAMmlBIG22MGowjyiChYp5iB6NiTRa0xKI2vnvpExek=", "NS61TOUCaTiUJotPDnr7bTP/1ogKsWSnbgDlk1uvGzM=", "MvEBWaRrd43Pq04mjOFzGW9RiqBSzMBfuFXKBIVtQnc=", "Zse3BPkR/cJv62LvVuiDH+EpgIE5v3V3qXdG8HQFf1A=", "jU9+tgjTIKUYGeU7T7RjqyL+F+gFV9tCdwX2GZ1UtQs=", "vemyaMj0Na1LMjbB/9Dmkq8T+jAb3o+yCESgAayUABU="], "checkpoint": {"envelope": "rekor.sigstore.dev - 1193050959916656506\n46765804\n33ULyWL9ydLeQexNIooy3SJNY9i3ryqihkcOKvsQFF4=\n\n\u2014 rekor.sigstore.dev wNI9ajBGAiEA+12Y0eYDOViIlr8UQrapNyarHE/PGGfC7iXrAHr0R2cCIQC0FJWVaUHoTxuMaM3KvZaY1toGa6U5sj9BcrhnwcEQ8A==\n"}}, "canonicalizedBody": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiJkOTg0YmNjNTdjZDY3Y2FhYjI2ZjdkZWY0MmU1MjNiMWMwMTViYmM1ZGMwNzgzNmNmNGYwYjYzZmExNTllYjU2In19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FVUNJUUNMQXBvUGEvQ0FZbVAxS0FSQ3Vmb1J6L1V2RVJhbDRKcnNkNXl4NmtleHpnSWdicEFIaUFTSjBDY2FKZm5LczFzL0VtZW0ybDNyT2svODdITVZaR0gwUUlJPSIsInB1YmxpY0tleSI6eyJjb250ZW50IjoiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVTjVha05EUVdzclowRjNTVUpCWjBsVlJEUk9VV1JPUTNReEwwc3ZTblpCVm5scVlsbHBaM1kyTjJ0SmQwTm5XVWxMYjFwSmVtb3dSVUYzVFhjS1RucEZWazFDVFVkQk1WVkZRMmhOVFdNeWJHNWpNMUoyWTIxVmRWcEhWakpOVWpSM1NFRlpSRlpSVVVSRmVGWjZZVmRrZW1SSE9YbGFVekZ3WW01U2JBcGpiVEZzV2tkc2FHUkhWWGRJYUdOT1RXcFZkMDFxUVRCTlZHY3dUbFJKZDFkb1kwNU5hbFYzVFdwQk1FMVVaekZPVkVsM1YycEJRVTFHYTNkRmQxbElDa3R2V2tsNmFqQkRRVkZaU1V0dldrbDZhakJFUVZGalJGRm5RVVZpY1dKbGNqTjRSR0pKWlVoNE5EQnVXRTFSV21Oa00yZHpWSGgwY1RobE1WUkdSREFLWlVzM1NXMDRWaXRrY1ZaSlVsQmxlVEpGTmtKamJtSjNSMDEyVERGeE1YRnRWSGRIWkZWdU5WSlFZa1poWldoNk4zRlBRMEZYTkhkblowWnhUVUUwUndwQk1WVmtSSGRGUWk5M1VVVkJkMGxJWjBSQlZFSm5UbFpJVTFWRlJFUkJTMEpuWjNKQ1owVkdRbEZqUkVGNlFXUkNaMDVXU0ZFMFJVWm5VVlZUZFdoS0NrbDNSRTFXTXpaQk0yVmhlV3RCZFV0alRqUlNiazlGZDBoM1dVUldVakJxUWtKbmQwWnZRVlV6T1ZCd2VqRlphMFZhWWpWeFRtcHdTMFpYYVhocE5Ga0tXa1E0ZDBoM1dVUldVakJTUVZGSUwwSkNWWGRGTkVWU1pFZG9kbUpYUm5wUlNFSTFaRWRvZG1KcE5YWmpiV04zUzFGWlMwdDNXVUpDUVVkRWRucEJRZ3BCVVZGaVlVaFNNR05JVFRaTWVUbG9XVEpPZG1SWE5UQmplVFZ1WWpJNWJtSkhWWFZaTWpsMFRVTnpSME5wYzBkQlVWRkNaemM0ZDBGUlowVklVWGRpQ21GSVVqQmpTRTAyVEhrNWFGa3lUblprVnpVd1kzazFibUl5T1c1aVIxVjFXVEk1ZEUxSlIwcENaMjl5UW1kRlJVRmtXalZCWjFGRFFraHpSV1ZSUWpNS1FVaFZRVE5VTUhkaGMySklSVlJLYWtkU05HTnRWMk16UVhGS1MxaHlhbVZRU3pNdmFEUndlV2RET0hBM2J6UkJRVUZIVlRCclpqZDNkMEZCUWtGTlFRcFNha0pGUVdsQlpuRnRRek5KSzNORVUzSllRMnBuVDNOUE5sVnlORFJqTjJwbFFVZFNVbmRqTjB0a1lsaFNRazE2WjBsblFXZGpVelJUVjFCa2EzaFlDa2xJYVdOWE5FUjFiRVZ1TTNWc1lVd3pSbFpJUWxKTWIwNVJWekJLVkdOM1EyZFpTVXR2V2tsNmFqQkZRWGROUkdGUlFYZGFaMGw0UVVveVZESk5LM0FLUmtOVlJWSjZUMmRhWTNReGFuaGFjR3M1Y0dkVFVYbDFRbFUxTjFVMEwwaHFNM2hMUXpFeUsxQkVaMGRqYVd0NE1VWnlRekYzZDNJMWQwbDRRVW94TlFvMmFFdzRkWE5TZGxaSGMydEZkRzF3YVhWVVltRlVPU3Q2VUdkRWFsZG1hM1pvZURaaU0xQmtjbTR3T0ZoaFVVbzVSVTQ1YW1sTWNtSmxRazA1WnowOUNpMHRMUzB0UlU1RUlFTkZVbFJKUmtsRFFWUkZMUzB0TFMwSyJ9fX19"}], "timestampVerificationData": {}}, "messageSignature": {"messageDigest": {"algorithm": "SHA2_256", "digest": "2YS8xXzWfKqyb33vQuUjscAVu8XcB4Ns9PC2P6FZ61Y="}, "signature": "MEUCIQCLApoPa/CAYmP1KARCufoRz/UvERal4Jrsd5yx6kexzgIgbpAHiASJ0CcaJfnKs1s/Emem2l3rOk/87HMVZGH0QII="}} diff --git a/bpo-31046_ensurepip_honours_prefix.patch b/bpo-31046_ensurepip_honours_prefix.patch index d2a5ad9..98c61a0 100644 --- a/bpo-31046_ensurepip_honours_prefix.patch +++ b/bpo-31046_ensurepip_honours_prefix.patch @@ -139,7 +139,7 @@ Co-Authored-By: Xavier de Gaye --- a/Makefile.pre.in +++ b/Makefile.pre.in -@@ -2157,7 +2157,7 @@ install: @FRAMEWORKINSTALLFIRST@ @INSTAL +@@ -2139,7 +2139,7 @@ install: @FRAMEWORKINSTALLFIRST@ @INSTAL install|*) ensurepip="" ;; \ esac; \ $(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \ @@ -148,7 +148,7 @@ Co-Authored-By: Xavier de Gaye fi .PHONY: altinstall -@@ -2168,7 +2168,7 @@ altinstall: commoninstall +@@ -2150,7 +2150,7 @@ altinstall: commoninstall install|*) ensurepip="--altinstall" ;; \ esac; \ $(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \ diff --git a/doc-py38-to-py36.patch b/doc-py38-to-py36.patch new file mode 100644 index 0000000..baf1d0a --- /dev/null +++ b/doc-py38-to-py36.patch @@ -0,0 +1,468 @@ +--- + Doc/conf.py | 17 ++++++++-- + Doc/tools/check-warnings.py | 3 + + Doc/tools/extensions/audit_events.py | 54 ++++++++++++++++---------------- + Doc/tools/extensions/availability.py | 15 ++++---- + Doc/tools/extensions/c_annotations.py | 45 ++++++++++++++++---------- + Doc/tools/extensions/glossary_search.py | 10 +---- + Doc/tools/extensions/patchlevel.py | 9 ++--- + 7 files changed, 87 insertions(+), 66 deletions(-) + +--- a/Doc/conf.py ++++ b/Doc/conf.py +@@ -17,6 +17,9 @@ sys.path.append(os.path.abspath('include + # Python specific content from Doc/Tools/extensions/pyspecific.py + from pyspecific import SOURCE_URI + ++# Needed for fixing extlinks modification ++from sphinx import version_info as sphinx_version ++ + # General configuration + # --------------------- + +@@ -90,7 +93,7 @@ highlight_language = 'python3' + + # Minimum version of sphinx required + # Keep this version in sync with ``Doc/requirements.txt``. +-needs_sphinx = '8.1.3' ++needs_sphinx = '4.2.0' + + # Create table of contents entries for domain objects (e.g. functions, classes, + # attributes, etc.). Default is True. +@@ -359,7 +362,7 @@ html_short_title = f'{release} Documenta + # (See .readthedocs.yml and https://docs.readthedocs.io/en/stable/reference/environment-variables.html) + is_deployment_preview = os.getenv("READTHEDOCS_VERSION_TYPE") == "external" + repository_url = os.getenv("READTHEDOCS_GIT_CLONE_URL", "") +-repository_url = repository_url.removesuffix(".git") ++repository_url = repository_url[:-len(".git")] + html_context = { + "is_deployment_preview": is_deployment_preview, + "repository_url": repository_url or None, +@@ -604,6 +607,16 @@ extlinks = { + } + extlinks_detect_hardcoded_links = True + ++if sphinx_version[:2] < (8, 1): ++ # Sphinx 8.1 has in-built CVE and CWE roles. ++ extlinks.update({ ++ "cve": ( ++ "https://www.cve.org/CVERecord?id=CVE-%s", ++ "CVE-%s", ++ ), ++ "cwe": ("https://cwe.mitre.org/data/definitions/%s.html", "CWE-%s"), ++ }) ++ + # Options for c_annotations extension + # ----------------------------------- + +--- a/Doc/tools/check-warnings.py ++++ b/Doc/tools/check-warnings.py +@@ -228,7 +228,8 @@ def fail_if_regression( + print(filename) + for warning in warnings: + if filename in warning: +- if match := WARNING_PATTERN.fullmatch(warning): ++ match = WARNING_PATTERN.fullmatch(warning) ++ if match: + print(" {line}: {msg}".format_map(match)) + return -1 + return 0 +--- a/Doc/tools/extensions/audit_events.py ++++ b/Doc/tools/extensions/audit_events.py +@@ -1,9 +1,6 @@ + """Support for documenting audit events.""" + +-from __future__ import annotations +- + import re +-from typing import TYPE_CHECKING + + from docutils import nodes + from sphinx.errors import NoUri +@@ -12,12 +9,11 @@ from sphinx.transforms.post_transforms i + from sphinx.util import logging + from sphinx.util.docutils import SphinxDirective + +-if TYPE_CHECKING: +- from collections.abc import Iterator ++from typing import Any, List, Tuple + +- from sphinx.application import Sphinx +- from sphinx.builders import Builder +- from sphinx.environment import BuildEnvironment ++from sphinx.application import Sphinx ++from sphinx.builders import Builder ++from sphinx.environment import BuildEnvironment + + logger = logging.getLogger(__name__) + +@@ -32,16 +28,16 @@ _SYNONYMS = [ + + class AuditEvents: + def __init__(self) -> None: +- self.events: dict[str, list[str]] = {} +- self.sources: dict[str, list[tuple[str, str]]] = {} ++ self.events: dict[str, List[str]] = {} ++ self.sources: dict[str, List[Tuple[str, str]]] = {} + +- def __iter__(self) -> Iterator[tuple[str, list[str], tuple[str, str]]]: ++ def __iter__(self) -> Any: + for name, args in self.events.items(): + for source in self.sources[name]: + yield name, args, source + + def add_event( +- self, name, args: list[str], source: tuple[str, str] ++ self, name, args: List[str], source: Tuple[str, str] + ) -> None: + if name in self.events: + self._check_args_match(name, args) +@@ -49,7 +45,7 @@ class AuditEvents: + self.events[name] = args + self.sources.setdefault(name, []).append(source) + +- def _check_args_match(self, name: str, args: list[str]) -> None: ++ def _check_args_match(self, name: str, args: List[str]) -> None: + current_args = self.events[name] + msg = ( + f"Mismatched arguments for audit-event {name}: " +@@ -60,7 +56,7 @@ class AuditEvents: + if len(current_args) != len(args): + logger.warning(msg) + return +- for a1, a2 in zip(current_args, args, strict=False): ++ for a1, a2 in zip(current_args, args): + if a1 == a2: + continue + if any(a1 in s and a2 in s for s in _SYNONYMS): +@@ -73,7 +69,7 @@ class AuditEvents: + name_clean = re.sub(r"\W", "_", name) + return f"audit_event_{name_clean}_{source_count}" + +- def rows(self) -> Iterator[tuple[str, list[str], list[tuple[str, str]]]]: ++ def rows(self) -> Any: + for name in sorted(self.events.keys()): + yield name, self.events[name], self.sources[name] + +@@ -97,7 +93,7 @@ def audit_events_purge( + def audit_events_merge( + app: Sphinx, + env: BuildEnvironment, +- docnames: list[str], ++ docnames: List[str], + other: BuildEnvironment, + ) -> None: + """In Sphinx parallel builds, this merges audit_events from subprocesses.""" +@@ -126,14 +122,16 @@ class AuditEvent(SphinxDirective): + ), + ] + +- def run(self) -> list[nodes.paragraph]: ++ def run(self) -> List[nodes.paragraph]: ++ def _no_walrus_op(args): ++ for arg in args.strip("'\"").split(","): ++ aarg = arg.strip() ++ if aarg: ++ yield aarg ++ + name = self.arguments[0] + if len(self.arguments) >= 2 and self.arguments[1]: +- args = [ +- arg +- for argument in self.arguments[1].strip("'\"").split(",") +- if (arg := argument.strip()) +- ] ++ args = list(_no_walrus_op(self.arguments[1])) + else: + args = [] + ids = [] +@@ -169,7 +167,7 @@ class audit_event_list(nodes.General, no + + + class AuditEventListDirective(SphinxDirective): +- def run(self) -> list[audit_event_list]: ++ def run(self) -> List[audit_event_list]: + return [audit_event_list()] + + +@@ -181,7 +179,11 @@ class AuditEventListTransform(SphinxPost + return + + table = self._make_table(self.app.builder, self.env.docname) +- for node in self.document.findall(audit_event_list): ++ try: ++ findall = self.document.findall ++ except AttributeError: ++ findall = self.document.traverse ++ for node in findall(audit_event_list): + node.replace_self(table) + + def _make_table(self, builder: Builder, docname: str) -> nodes.table: +@@ -217,8 +219,8 @@ class AuditEventListTransform(SphinxPost + builder: Builder, + docname: str, + name: str, +- args: list[str], +- sources: list[tuple[str, str]], ++ args: List[str], ++ sources: List[Tuple[str, str]], + ) -> nodes.row: + row = nodes.row() + name_node = nodes.paragraph("", nodes.Text(name)) +--- a/Doc/tools/extensions/availability.py ++++ b/Doc/tools/extensions/availability.py +@@ -1,8 +1,6 @@ + """Support for documenting platform availability""" + +-from __future__ import annotations +- +-from typing import TYPE_CHECKING ++from typing import Dict, List, TYPE_CHECKING, Union + + from docutils import nodes + from sphinx import addnodes +@@ -55,7 +53,7 @@ class Availability(SphinxDirective): + optional_arguments = 0 + final_argument_whitespace = True + +- def run(self) -> list[nodes.container]: ++ def run(self) -> List[nodes.container]: + title = sphinx_gettext("Availability") + refnode = addnodes.pending_xref( + title, +@@ -79,7 +77,7 @@ class Availability(SphinxDirective): + + return [cnode] + +- def parse_platforms(self) -> dict[str, str | bool]: ++ def parse_platforms(self) -> Dict[str, Union[str, bool]]: + """Parse platform information from arguments + + Arguments is a comma-separated string of platforms. A platform may +@@ -98,12 +96,13 @@ class Availability(SphinxDirective): + platform, _, version = arg.partition(" >= ") + if platform.startswith("not "): + version = False +- platform = platform.removeprefix("not ") ++ platform = platform[len("not "):] + elif not version: + version = True + platforms[platform] = version + +- if unknown := set(platforms).difference(KNOWN_PLATFORMS): ++ unknown = set(platforms).difference(KNOWN_PLATFORMS) ++ if unknown: + logger.warning( + "Unknown platform%s or syntax '%s' in '.. availability:: %s', " + "see %s:KNOWN_PLATFORMS for a set of known platforms.", +@@ -116,7 +115,7 @@ class Availability(SphinxDirective): + return platforms + + +-def setup(app: Sphinx) -> ExtensionMetadata: ++def setup(app): + app.add_directive("availability", Availability) + + return { +--- a/Doc/tools/extensions/c_annotations.py ++++ b/Doc/tools/extensions/c_annotations.py +@@ -9,22 +9,18 @@ Configuration: + * Set ``stable_abi_file`` to the path to stable ABI list. + """ + +-from __future__ import annotations +- + import csv + import dataclasses + from pathlib import Path +-from typing import TYPE_CHECKING ++from typing import Any, Dict, List, TYPE_CHECKING, Union + + from docutils import nodes + from docutils.statemachine import StringList +-from sphinx import addnodes ++from sphinx import addnodes, version_info + from sphinx.locale import _ as sphinx_gettext + from sphinx.util.docutils import SphinxDirective + +-if TYPE_CHECKING: +- from sphinx.application import Sphinx +- from sphinx.util.typing import ExtensionMetadata ++from sphinx.application import Sphinx + + ROLE_TO_OBJECT_TYPE = { + "func": "function", +@@ -35,20 +31,20 @@ ROLE_TO_OBJECT_TYPE = { + } + + +-@dataclasses.dataclass(slots=True) ++@dataclasses.dataclass() + class RefCountEntry: + # Name of the function. + name: str + # List of (argument name, type, refcount effect) tuples. + # (Currently not used. If it was, a dataclass might work better.) +- args: list = dataclasses.field(default_factory=list) ++ args: List = dataclasses.field(default_factory=list) + # Return type of the function. + result_type: str = "" + # Reference count effect for the return value. +- result_refs: int | None = None ++ result_refs: Union[int, None] = None + + +-@dataclasses.dataclass(frozen=True, slots=True) ++@dataclasses.dataclass(frozen=True) + class StableABIEntry: + # Role of the object. + # Source: Each [item_kind] in stable_abi.toml is mapped to a C Domain role. +@@ -67,7 +63,7 @@ class StableABIEntry: + struct_abi_kind: str + + +-def read_refcount_data(refcount_filename: Path) -> dict[str, RefCountEntry]: ++def read_refcount_data(refcount_filename: Path) -> Dict[str, RefCountEntry]: + refcount_data = {} + refcounts = refcount_filename.read_text(encoding="utf8") + for line in refcounts.splitlines(): +@@ -103,7 +99,7 @@ def read_refcount_data(refcount_filename + return refcount_data + + +-def read_stable_abi_data(stable_abi_file: Path) -> dict[str, StableABIEntry]: ++def read_stable_abi_data(stable_abi_file: Path) -> Dict[str, StableABIEntry]: + stable_abi_data = {} + with open(stable_abi_file, encoding="utf8") as fp: + for record in csv.DictReader(fp): +@@ -123,11 +119,14 @@ def add_annotations(app: Sphinx, doctree + continue + if not par[0].get("ids", None): + continue +- name = par[0]["ids"][0].removeprefix("c.") ++ name = par[0]["ids"][0] ++ if name.startswith("c."): ++ name = name[len("c."):] + objtype = par["objtype"] + + # Stable ABI annotation. +- if record := stable_abi_data.get(name): ++ record = stable_abi_data.get(name) ++ if record: + if ROLE_TO_OBJECT_TYPE[record.role] != objtype: + msg = ( + f"Object type mismatch in limited API annotation for {name}: " +@@ -234,7 +233,7 @@ def _unstable_api_annotation() -> nodes. + ) + + +-def _return_value_annotation(result_refs: int | None) -> nodes.emphasis: ++def _return_value_annotation(result_refs: Union[int, None]) -> nodes.emphasis: + classes = ["refcount"] + if result_refs is None: + rc = sphinx_gettext("Return value: Always NULL.") +@@ -254,7 +253,7 @@ class LimitedAPIList(SphinxDirective): + optional_arguments = 0 + final_argument_whitespace = True + +- def run(self) -> list[nodes.Node]: ++ def run(self) -> List[nodes.Node]: + state = self.env.domaindata["c_annotations"] + content = [ + f"* :c:{record.role}:`{record.name}`" +@@ -277,13 +276,23 @@ def init_annotations(app: Sphinx) -> Non + ) + + +-def setup(app: Sphinx) -> ExtensionMetadata: ++def setup(app: Sphinx) -> Any: + app.add_config_value("refcount_file", "", "env", types={str}) + app.add_config_value("stable_abi_file", "", "env", types={str}) + app.add_directive("limited-api-list", LimitedAPIList) + app.connect("builder-inited", init_annotations) + app.connect("doctree-read", add_annotations) + ++ if version_info[:2] < (7, 2): ++ from docutils.parsers.rst import directives ++ from sphinx.domains.c import CObject ++ ++ # monkey-patch C object... ++ CObject.option_spec.update({ ++ "no-index-entry": directives.flag, ++ "no-contents-entry": directives.flag, ++ }) ++ + return { + "version": "1.0", + "parallel_read_safe": True, +--- a/Doc/tools/extensions/glossary_search.py ++++ b/Doc/tools/extensions/glossary_search.py +@@ -1,18 +1,14 @@ + """Feature search results for glossary items prominently.""" + +-from __future__ import annotations +- + import json + from pathlib import Path +-from typing import TYPE_CHECKING ++from typing import Any, TYPE_CHECKING + + from docutils import nodes + from sphinx.addnodes import glossary + from sphinx.util import logging + +-if TYPE_CHECKING: +- from sphinx.application import Sphinx +- from sphinx.util.typing import ExtensionMetadata ++from sphinx.application import Sphinx + + logger = logging.getLogger(__name__) + +@@ -52,7 +48,7 @@ def write_glossary_json(app: Sphinx, _ex + dest.write_text(json.dumps(app.env.glossary_terms), encoding='utf-8') + + +-def setup(app: Sphinx) -> ExtensionMetadata: ++def setup(app: Sphinx) -> Any: + app.connect('doctree-resolved', process_glossary_nodes) + app.connect('build-finished', write_glossary_json) + +--- a/Doc/tools/extensions/patchlevel.py ++++ b/Doc/tools/extensions/patchlevel.py +@@ -3,7 +3,7 @@ + import re + import sys + from pathlib import Path +-from typing import Literal, NamedTuple ++from typing import NamedTuple, Tuple + + CPYTHON_ROOT = Path( + __file__, # cpython/Doc/tools/extensions/patchlevel.py +@@ -26,7 +26,7 @@ class version_info(NamedTuple): # noqa: + major: int #: Major release number + minor: int #: Minor release number + micro: int #: Patch release number +- releaselevel: Literal["alpha", "beta", "candidate", "final"] ++ releaselevel: str + serial: int #: Serial release number + + +@@ -37,7 +37,8 @@ def get_header_version_info() -> version + defines = {} + patchlevel_h = PATCHLEVEL_H.read_text(encoding="utf-8") + for line in patchlevel_h.splitlines(): +- if (m := pat.match(line)) is not None: ++ m = pat.match(line) ++ if m is not None: + name, value = m.groups() + defines[name] = value + +@@ -50,7 +51,7 @@ def get_header_version_info() -> version + ) + + +-def format_version_info(info: version_info) -> tuple[str, str]: ++def format_version_info(info: version_info) -> Tuple[str, str]: + version = f"{info.major}.{info.minor}" + release = f"{info.major}.{info.minor}.{info.micro}" + if info.releaselevel != "final": diff --git a/python313.changes b/python313.changes index 5cc4eec..2dddbfb 100644 --- a/python313.changes +++ b/python313.changes @@ -1,3 +1,282 @@ +------------------------------------------------------------------- +Wed Feb 5 09:13:26 UTC 2025 - Matej Cepl + +- Update to 3.13.2: + - Tools/Demos + - gh-128152: Fix a bug where Argument Clinic’s C + pre-processor parser tried to parse pre-processor + directives inside C comments. Patch by Erlend Aasland. + - Tests + - gh-127906: Test the limited C API in test_cppext. Patch by + Victor Stinner. + - gh-127637: Add tests for the dis command-line + interface. Patch by Bénédikt Tran. + - gh-126925: iOS test results are now streamed during test + execution, and the deprecated xcresulttool is no longer + used. + - Security + - gh-105704: When using urllib.parse.urlsplit() and + urllib.parse.urlparse() host parsing would not reject + domain names containing square brackets ([ and ]). Square + brackets are only valid for IPv6 and IPvFuture hosts + according to RFC 3986 Section 3.2.2. (CVE-2025-0938, + bsc#1236705) + - gh-127655: Fixed the + asyncio.selector_events._SelectorSocketTransport + transport not pausing writes for the protocol when + the buffer reaches the high water mark when using + asyncio.WriteTransport.writelines() (CVE-2024-12254, + bsc#1234290). + - gh-126108: Fix a possible NULL pointer dereference in + PySys_AddWarnOptionUnicode(). + - gh-80222: Fix bug in the folding of quoted strings + when flattening an email message using a modern email + policy. Previously when a quoted string was folded so + that it spanned more than one line, the surrounding + quotes and internal escapes would be omitted. This could + theoretically be used to spoof header lines using a + carefully constructed quoted string if the resulting + rendered email was transmitted or re-parsed. + - gh-119511: Fix a potential denial of service in the imaplib + module. When connecting to a malicious server, it could + cause an arbitrary amount of memory to be allocated. On + many systems this is harmless as unused virtual memory is + only a mapping, but if this hit a virtual address size + limit it could lead to a MemoryError or other process + crash. On unusual systems or builds where all allocated + memory is touched and backed by actual ram or storage + it could’ve consumed resources doing so until similarly + crashing. + - Library + - gh-129502: Unlikely errors in preparing arguments for + ctypes callback are now handled in the same way as errors + raised in the callback of in converting the result of + the callback – using sys.unraisablehook() instead of + sys.excepthook() and not setting sys.last_exc and other + variables. + - gh-129403: Corrected ValueError message for asyncio.Barrier + and threading.Barrier. + - gh-129409: Fix an integer overflow in the csv module when + writing a data field larger than 2GB. + - gh-118761: Improve import time of subprocess by lazy + importing locale and signal. Patch by Taneli Hukkinen. + - gh-129346: In sqlite3, handle out-of-memory when creating + user-defined SQL functions. + - gh-129061: Fix FORCE_COLOR and NO_COLOR when empty + strings. Patch by Hugo van Kemenade. + - gh-128550: Removed an incorrect optimization relating + to eager tasks in asyncio.TaskGroup that resulted in + cancellations being missed. + - gh-128991: Release the enter frame reference within bdb + callback + - gh-128978: Fix a NameError in + sysconfig.expand_makefile_vars(). Patch by Bénédikt Tran. + - gh-128961: Fix a crash when setting state on an exhausted + array.array iterator. + - gh-128894: Fix + traceback.TracebackException._format_syntax_error not to + fail on exceptions with custom metadata. + - gh-128916: Do not attempt to set SO_REUSEPORT on sockets of + address families other than AF_INET and AF_INET6, as it is + meaningless with these address families, and the call with + fail with Linux kernel 6.12.9 and newer. + - gh-128679: Fix tracemalloc.stop() race condition. Fix + tracemalloc to support calling tracemalloc.stop() in + one thread, while another thread is tracing memory + allocations. Patch by Victor Stinner. + - gh-128636: Fix PyREPL failure when os.environ is + overwritten with an invalid value. + - gh-128562: Fix possible conflicts in generated tkinter + widget names if the widget class name ends with a digit. + - gh-128498: Default to stdout isatty for color detection + instead of stderr. Patch by Hugo van Kemenade. + - gh-128552: Fix cyclic garbage introduced + by asyncio.loop.create_task() and + asyncio.TaskGroup.create_task() holding a reference to the + created task if it is eager. + - gh-128479: Fix asyncio.staggered.staggered_race() leaking + tasks and issuing an unhandled exception. + - gh-128400: Fix crash when using + faulthandler.dump_traceback() while other threads are + active on the free threaded build. + - gh-88834: Unify the instance check for typing.Union and + types.UnionType: Union now uses the instance checks against + its parameters instead of the subclass checks. + - gh-128302: Fix + xml.dom.xmlbuilder.DOMEntityResolver.resolveEntity(), which + was broken by the Python 3.0 transition. + - gh-128302: Allow xml.dom.xmlbuilder.DOMParser.parse() + to correctly handle xml.dom.xmlbuilder.DOMInputSource + instances that only have a systemId attribute set. + - gh-112064: Fix incorrect handling of negative read sizes in + HTTPResponse.read. Patch by Yury Manushkin. + - gh-58956: Fixed a frame reference leak in bdb. + - gh-128131: Completely support random access of uncompressed + unencrypted read-only zip files obtained by ZipFile.open. + - gh-112328: enum.EnumDict can now be used without resorting + to private API. + - gh-127975: Avoid reusing quote types in ast.unparse() if + not needed. + - gh-128062: Revert the font of turtledemo’s menu bar to its + default value and display the shortcut keys in the correct + position. + - gh-128014: Fix resetting the default window icon by passing + default='' to the tkinter method wm_iconbitmap(). + - gh-115514: Fix exceptions and incomplete writes after + asyncio._SelectorTransport is closed before writes are + completed. + - gh-41872: Fix quick extraction of module docstrings from + a file in pydoc. It now supports docstrings with single + quotes, escape sequences, raw string literals, and other + Python syntax. + - gh-127060: Set TERM environment variable to “dumb” to + disable traceback colors in IDLE, since IDLE doesn’t + understand ANSI escape sequences. Patch by Victor Stinner. + - gh-126742: Fix support of localized error messages reported + by dlerror(3) and gdbm_strerror in ctypes and dbm.gnu + functions respectively. Patch by Bénédikt Tran. + - gh-127873: When -E is set, only ignore PYTHON_COLORS + and not FORCE_COLOR/NO_COLOR/TERM when colourising + output. Patch by Hugo van Kemenade. + - gh-127870: Detect recursive calls in ctypes _as_parameter_ + handling. Patch by Victor Stinner. + - gh-127847: Fix the position when doing interleaved seeks + and reads in uncompressed, unencrypted zip files returned + by zipfile.ZipFile.open(). + - gh-127732: The platform module now correctly detects + Windows Server 2025. + - gh-126821: macOS and iOS apps can now choose to redirect + stdout and stderr to the system log during interpreter + configuration. + - gh-93312: Include to get os.PIDFD_NONBLOCK + constant. Patch by Victor Stinner. + - gh-83662: Add missing __class_getitem__ method to the + Python implementation of functools.partial(), to make it + compatible with the C version. This is mainly relevant for + alternative Python implementations like PyPy and GraalPy, + because CPython will usually use the C-implementation of + that function. + - gh-127586: multiprocessing.pool.Pool now properly restores + blocked signal handlers of the parent thread when creating + processes via either spawn or forkserver. + - gh-98188: Fix an issue in + email.message.Message.get_payload() where data cannot be + decoded if the Content Transfer Encoding mechanism contains + trailing whitespaces or additional junk text. Patch by Hui + Liu. + - gh-127257: In ssl, system call failures that OpenSSL + reports using ERR_LIB_SYS are now raised as OSError. + - gh-127096: Do not recreate unnamed section on every read in + configparser.ConfigParser. Patch by Andrey Efremov. + - gh-127196: Fix crash when dict with keys in invalid + encoding were passed to several functions in _interpreters + module. + - gh-126775: Make linecache.checkcache() thread safe and GC + re-entrancy safe. + - gh-126332: Fix _pyrepl crash when entering a double CTRL-Z + on an overflowing line. + - gh-126225: getopt and optparse are no longer marked as + deprecated. There are legitimate reasons to use one of + these modules in preference to argparse, and none of these + modules are at risk of being removed from the standard + library. Of the three, argparse remains the recommended + default choice, unless one of the concerns noted at the top + of the optparse module documentation applies. + - gh-125553: Fix round-trip invariance for backslash + continuations in tokenize.untokenize(). + - gh-123987: Fixed issue in NamespaceReader where a non-path + item in a namespace path, such as a sentinel added by an + editable installer, would break resource loading. + - gh-123401: The http.cookies module now supports parsing + obsolete RFC 850 date formats, in accordance with RFC 9110 + requirements. Patch by Nano Zheng. + - gh-122431: readline.append_history_file() now raises a + ValueError when given a negative value. + - gh-119257: Show tab completions menu below the current + line, which results in less janky behaviour, and fixes a + cursor movement bug. Patch by Daniel Hollas + - Documentation + - gh-125722: Require Sphinx 8.1.3 or later to build the + Python documentation. Patch by Adam Turner. + - gh-67206: Document that string.printable is not + printable in the POSIX sense. In particular, + string.printable.isprintable() returns False. Patch by + Bénédikt Tran. + - Core and Builtins + - gh-129345: Fix null pointer dereference in syslog.openlog() + when an audit hook raises an exception. + - gh-129093: Fix f-strings such as f'{expr=}' sometimes not + displaying the full expression when the expression contains + !=. + - gh-124363: Treat debug expressions in f-string as raw + strings. Patch by Pablo Galindo + - gh-128799: Add frame of except* to traceback when it wraps + a naked exception. + - gh-128078: Fix a SystemError when using anext() with a + default tuple value. Patch by Bénédikt Tran. + - gh-128717: Fix a crash when setting the recursion limit + while other threads are active on the free threaded build. + - gh-128330: Restore terminal control characters on REPL + exit. + - gh-128079: Fix a bug where except* does not properly check + the return value of an ExceptionGroup’s split() function, + leading to a crash in some cases. Now when split() returns + an invalid object, except* raises a TypeError with the + original raised ExceptionGroup object chained to it. + - gh-128030: Avoid error from calling + PyModule_GetFilenameObject on a non-module object when + importing a non-existent symbol from a non-module object. + - gh-127903: Objects/unicodeobject.c: fix a crash on DEBUG + builds in _copy_characters when there is nothing to copy. + - gh-127599: Fix statistics for increments of object + reference counts (in particular, when a reference count was + increased by more than 1 in a single operation). + - gh-127651: When raising ImportError for missing symbols + in from imports, use __file__ in the error message if + __spec__.origin is not a location + - gh-127582: Fix non-thread-safe object resurrection when + calling finalizers and watcher callbacks in the free + threading build. + - gh-127434: The iOS compiler shims can now accept arguments + with spaces. + - gh-127536: Add missing locks around some list assignment + operations in the free threading build. + - gh-126862: Fix a possible overflow when a class inherits + from an absurd number of super-classes. Reported by Valery + Fedorenko. Patch by Bénédikt Tran. + - gh-127349: Fixed the error when resizing terminal in Python + REPL. Patch by Semyon Moroz. + - gh-126076: Relocated objects such as tuple, bytes and + str objects are properly tracked by tracemalloc and its + associated hooks. Patch by Pablo Galindo. + - C API + - gh-127791: Fix loss of callbacks after more than one call + to PyUnstable_AtExit(). + - Build + - gh-129539: Don’t redefine EX_OK when the system has the + sysexits.h header. + - gh-128472: Skip BOLT optimization of functions using + computed gotos, fixing errors on build with LLVM 19. + - gh-123925: Fix building the curses module on platforms with + libncurses but without libncursesw. + - gh-128321: Set LIBS instead of LDFLAGS when checking if + sqlite3 library functions are available. This fixes the + ordering of linked libraries during checks, which was + incorrect when using a statically linked libsqlite3. + - gh-127865: Fix build failure on systems without + thread-locals support. +- Remove upstreamed patches: + - CVE-2024-12254-unbound-mem-buffering-SelectorSocketTransport.writelines.patch +- Add doc-py38-to-py36.patch to make documentation buildable on + SLE with older Sphinx. + +------------------------------------------------------------------- +Mon Jan 27 09:09:00 UTC 2025 - Daniel Garcia + +- Configure externally_managed with a bcond + https://en.opensuse.org/openSUSE:Python:Externally_managed + bsc#1228165 + ------------------------------------------------------------------- Fri Dec 6 20:39:56 UTC 2024 - Matej Cepl diff --git a/python313.spec b/python313.spec index fec5acf..e6f2d34 100644 --- a/python313.spec +++ b/python313.spec @@ -1,7 +1,7 @@ # # spec file for package python313 # -# Copyright (c) 2024 SUSE LLC +# Copyright (c) 2025 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -73,6 +73,14 @@ %endif %endif +# Only for Tumbleweed +# https://en.opensuse.org/openSUSE:Python:Externally_managed +%if 0%{?suse_version} > 1600 +%bcond_without externally_managed +%else +%bcond_with externally_managed +%endif + %define python_pkg_name python313 %if %{without GIL} %define python_pkg_name python313-nogil @@ -149,7 +157,7 @@ # _md5.cpython-38m-x86_64-linux-gnu.so %define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so Name: %{python_pkg_name}%{psuffix} -Version: 3.13.1 +Version: 3.13.2 %define tarversion %{version} %define tarname Python-%{tarversion} Release: 0 @@ -206,9 +214,9 @@ Patch09: skip-test_pyobject_freed_is_freed.patch # PATCH-FIX-OPENSUSE fix-test-recursion-limit-15.6.patch gh#python/cpython#115083 # Skip some failing tests in test_compile for i586 arch in 15.6. Patch40: fix-test-recursion-limit-15.6.patch -# PATCH-FIX-UPSTREAM CVE-2024-12254-unbound-mem-buffering-SelectorSocketTransport.writelines.patch bsc#1234290 mcepl@suse.com -# prevents exhaustion of memory -Patch41: CVE-2024-12254-unbound-mem-buffering-SelectorSocketTransport.writelines.patch +# PATCH-FIX-SLE doc-py38-to-py36.patch mcepl@suse.com +# Make documentation extensions working with Python 3.6 +Patch41: doc-py38-to-py36.patch BuildRequires: autoconf-archive BuildRequires: automake BuildRequires: fdupes @@ -796,7 +804,7 @@ rm %{buildroot}%{_libdir}/libpython3.so rm %{buildroot}%{_libdir}/pkgconfig/{python3,python3-embed}.pc %endif -%if %{suse_version} > 1550 +%if %{with externally_managed} # PEP-0668 mark this as a distro maintained python sed -e 's,__PYTHONPREFIX__,%{python_pkg_name},' -e 's,__PYTHON__,python%{python_version},' < %{SOURCE4} > %{buildroot}%{sitedir}/EXTERNALLY-MANAGED %endif @@ -998,7 +1006,7 @@ fi %{_mandir}/man1/python%{python_version}.1%{?ext_man} %endif -%if %{suse_version} > 1550 +%if %{with externally_managed} # PEP-0668 %{sitedir}/EXTERNALLY-MANAGED %endif