Accepting request 1169083 from home:dgarcia:branches:devel:languages:python:Factory

- Add CVE-2023-52425-libexpat-2.6.0-backport.patch to fix tests with patched libexpat below 2.6.0 that doesn't update the version number, just in SLE. OBS-URL: https://build.opensuse.org/request/show/1169083 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python311?expand=0&rev=120
2024-04-19 22:20:05 +00:00 · 2024-04-19 22:20:05 +00:00 · 116be53bb3
commit 116be53bb3
parent fe7f29284c
3 changed files with 70 additions and 0 deletions
--- a/CVE-2023-52425-libexpat-2.6.0-backport.patch
+++ b/CVE-2023-52425-libexpat-2.6.0-backport.patch
@ -0,0 +1,57 @@
+Index: Python-3.11.9/Lib/test/test_xml_etree.py
+===================================================================
+--- Python-3.11.9.orig/Lib/test/test_xml_etree.py
+++ Python-3.11.9/Lib/test/test_xml_etree.py
+@@ -1424,9 +1424,13 @@ class XMLPullParserTest(unittest.TestCas
+         self.assert_event_tags(parser, [('end', 'root')])
+         self.assertIsNone(parser.close())
+ 
+    @unittest.skipIf(pyexpat.version_info < (2, 6, 0),
+                     f'Fail with patched version of Expat {pyexpat.version_info}')
+     def test_simple_xml_chunk_1(self):
+         self.test_simple_xml(chunk_size=1, flush=True)
+ 
+    @unittest.skipIf(pyexpat.version_info < (2, 6, 0),
+                     f'Fail with patched version of Expat {pyexpat.version_info}')
+     def test_simple_xml_chunk_5(self):
+         self.test_simple_xml(chunk_size=5, flush=True)
+ 
+@@ -1651,6 +1655,9 @@ class XMLPullParserTest(unittest.TestCas
+ 
+         self.assert_event_tags(parser, [('end', 'doc')])
+ 
+    @unittest.skipIf(pyexpat.version_info < (2, 6, 0),
+                     f'Expat {pyexpat.version_info} does not '
+                     'support reparse deferral')
+     def test_flush_reparse_deferral_disabled(self):
+         parser = ET.XMLPullParser(events=('start', 'end'))
+ 
+Index: Python-3.11.9/Lib/test/test_sax.py
+===================================================================
+--- Python-3.11.9.orig/Lib/test/test_sax.py
+++ Python-3.11.9/Lib/test/test_sax.py
+@@ -1240,6 +1240,9 @@ class ExpatReaderTest(XmlTestBase):
+ 
+         self.assertEqual(result.getvalue(), start + b"<doc></doc>")
+ 
+    @unittest.skipIf(pyexpat.version_info < (2, 6, 0),
+                     f'Expat {pyexpat.version_info} does not '
+                     'support reparse deferral')
+     def test_flush_reparse_deferral_disabled(self):
+         result = BytesIO()
+         xmlgen = XMLGenerator(result)
+Index: Python-3.11.9/Lib/test/test_pyexpat.py
+===================================================================
+--- Python-3.11.9.orig/Lib/test/test_pyexpat.py
+++ Python-3.11.9/Lib/test/test_pyexpat.py
+@@ -794,6 +794,10 @@ class ReparseDeferralTest(unittest.TestC
+         self.assertEqual(started, ['doc'])
+ 
+     def test_reparse_deferral_disabled(self):
+        if expat.version_info < (2, 6, 0):
+            self.skipTest(f'Expat {expat.version_info} does not '
+                          'support reparse deferral')
+
+         started = []
+ 
+         def start_element(name, _):
--- a/python311.changes
+++ b/python311.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Mon Apr 15 10:31:32 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
+
+- Add CVE-2023-52425-libexpat-2.6.0-backport.patch to fix tests with
+  patched libexpat below 2.6.0 that doesn't update the version number,
+  just in SLE.
+
 -------------------------------------------------------------------
 Mon Apr  8 05:44:04 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>

--- a/python311.spec
+++ b/python311.spec
@ -168,6 +168,11 @@ Patch14:        CVE-2023-27043-email-parsing-errors.patch
 # PATCH-FIX-UPSTREAM bsc1221260-test_asyncio-ResourceWarning.patch bsc#1221260 mcepl@suse.com
 # prevent ResourceWarning in test_asyncio tests
 Patch15:        bsc1221260-test_asyncio-ResourceWarning.patch
+# PATCH-FIX-OPENSUSE CVE-2023-52425-libexpat-2.6.0-backport.patch
+# This problem on libexpat is patched on SLE without version
+# update, this patch changes the tests to match the libexpat provided
+# by SUSE
+Patch16:        CVE-2023-52425-libexpat-2.6.0-backport.patch
 BuildRequires:  autoconf-archive
 BuildRequires:  automake
 BuildRequires:  fdupes
@ -428,6 +433,7 @@ other applications.
 %patch -p1 -P 13
 %patch -p1 -P 14
 %patch -p1 -P 15
+%patch -p1 -P 16

 # drop Autoconf version requirement
 sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac