diff --git a/CVE-2023-27043-email-parsing-errors.patch b/CVE-2023-27043-email-parsing-errors.patch index 6e4cc64..1ced142 100644 --- a/CVE-2023-27043-email-parsing-errors.patch +++ b/CVE-2023-27043-email-parsing-errors.patch @@ -5,8 +5,10 @@ Misc/NEWS.d/next/Library/2023-10-20-15-28-08.gh-issue-102988.dStNO7.rst | 8 4 files changed, 344 insertions(+), 21 deletions(-) ---- a/Doc/library/email.utils.rst -+++ b/Doc/library/email.utils.rst +Index: Python-3.11.8/Doc/library/email.utils.rst +=================================================================== +--- Python-3.11.8.orig/Doc/library/email.utils.rst ++++ Python-3.11.8/Doc/library/email.utils.rst @@ -60,13 +60,18 @@ of the new API. begins with angle brackets, they are stripped off. @@ -56,15 +58,17 @@ .. function:: parsedate(date) ---- a/Lib/email/utils.py -+++ b/Lib/email/utils.py +Index: Python-3.11.8/Lib/email/utils.py +=================================================================== +--- Python-3.11.8.orig/Lib/email/utils.py ++++ Python-3.11.8/Lib/email/utils.py @@ -48,6 +48,7 @@ TICK = "'" specialsre = re.compile(r'[][\\()<>@,:;".]') escapesre = re.compile(r'[\\"]') + def _has_surrogates(s): - """Return True if s contains surrogate-escaped binary data.""" + """Return True if s may contain surrogate-escaped binary data.""" # This check is based on the fact that unless there are surrogates, utf8 @@ -106,12 +107,127 @@ def formataddr(pair, charset='utf-8'): return address @@ -237,8 +241,10 @@ return addrs[0] ---- a/Lib/test/test_email/test_email.py -+++ b/Lib/test/test_email/test_email.py +Index: Python-3.11.8/Lib/test/test_email/test_email.py +=================================================================== +--- Python-3.11.8.orig/Lib/test/test_email/test_email.py ++++ Python-3.11.8/Lib/test/test_email/test_email.py @@ -17,6 +17,7 @@ from unittest.mock import patch import email @@ -448,8 +454,10 @@ # Test the iterator/generators class TestIterators(TestEmailBase): +Index: Python-3.11.8/Misc/NEWS.d/next/Library/2023-10-20-15-28-08.gh-issue-102988.dStNO7.rst +=================================================================== --- /dev/null -+++ b/Misc/NEWS.d/next/Library/2023-10-20-15-28-08.gh-issue-102988.dStNO7.rst ++++ Python-3.11.8/Misc/NEWS.d/next/Library/2023-10-20-15-28-08.gh-issue-102988.dStNO7.rst @@ -0,0 +1,8 @@ +:func:`email.utils.getaddresses` and :func:`email.utils.parseaddr` now +return ``('', '')`` 2-tuples in more situations where invalid email diff --git a/F00251-change-user-install-location.patch b/F00251-change-user-install-location.patch index ac31b43..d659f81 100644 --- a/F00251-change-user-install-location.patch +++ b/F00251-change-user-install-location.patch @@ -13,8 +13,10 @@ Fedora Change: https://fedoraproject.org/wiki/Changes/Making_sudo_pip_safe Lib/site.py | 9 ++++++++- 2 files changed, 21 insertions(+), 3 deletions(-) ---- a/Lib/distutils/command/install.py -+++ b/Lib/distutils/command/install.py +Index: Python-3.11.8/Lib/distutils/command/install.py +=================================================================== +--- Python-3.11.8.orig/Lib/distutils/command/install.py ++++ Python-3.11.8/Lib/distutils/command/install.py @@ -441,8 +441,19 @@ class install(Command): raise DistutilsOptionError( "must not supply exec-prefix without prefix") @@ -37,9 +39,11 @@ Fedora Change: https://fedoraproject.org/wiki/Changes/Making_sudo_pip_safe else: if self.exec_prefix is None: ---- a/Lib/site.py -+++ b/Lib/site.py -@@ -377,8 +377,15 @@ def getsitepackages(prefixes=None): +Index: Python-3.11.8/Lib/site.py +=================================================================== +--- Python-3.11.8.orig/Lib/site.py ++++ Python-3.11.8/Lib/site.py +@@ -387,8 +387,15 @@ def getsitepackages(prefixes=None): return sitepackages def addsitepackages(known_paths, prefixes=None): diff --git a/Python-3.11.7.tar.xz b/Python-3.11.7.tar.xz deleted file mode 100644 index 8d3a65d..0000000 --- a/Python-3.11.7.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:18e1aa7e66ff3a58423d59ed22815a6954e53342122c45df20c96877c062b9b7 -size 20074108 diff --git a/Python-3.11.7.tar.xz.asc b/Python-3.11.7.tar.xz.asc deleted file mode 100644 index 3eee3d2..0000000 --- a/Python-3.11.7.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEEz9yiRbEEPPKl+Xhl/+h0BBaL2EcFAmVuFigACgkQ/+h0BBaL -2EeHPg/+LU5xs2ZDrQogDcH+A1v8RyursiggypdM5hXTrsFsTCIk4iekcI9xkhG1 -ltNX4UuCe5PUEbTgtaWP0ncXARrUnPCoQaQ1sHVDTYoHegancsk+sXZc1JM7qr0p -Y4Ig6mKjuHFMXCInQSI2GaH4t5r4Z1jGk/PGrecIHOPJgqfA/6Z3TBF5N+y3jEvS -2QazMB298q4RDhh9m3REe8LwFPHDlfw9eRohv0MB8xygg9KtxhLZrN7gLBQZvKGD -ihNw6EgJj5OZ0dvwKCCXnlZuwknuJW7vAOPHhYeenPdVdYCGoRSyN7JdD07L+5AG -O14l2rqZrz5Eu28by+kAUrcPYAfAXekw1PmtT3HSd9U/nqnUiTkkJcjyGG/e3cjJ -sUDKMNCSBq0G7j5DB3bB6VHkZjVuz+T+iR5QdfJ4kI2pYSuE/rUj1rhkUXApYsHl -7Wff0QbOW6QT1wCtQcMpJSzkTDVJVYxiqrko/ihlOhphDHYLdOIGOrxWAUwc06x/ -BhJD6tM1kEVZvifoJp1OsNwDzZ/Ku6CUs05E1vWxdeNVeANyKAgCZ5hOVmhnv866 -11zfgo/znRsMzMIyJuy0bhO0C6omVLzzfhipAbZM2jDorn37xxV0v/I0pceNtLrp -YR7Tjs7+Ihe6/oItjW53j9T7ANdgQ1RVDg98lKlPFNL+hxfctwY= -=0Pkd ------END PGP SIGNATURE----- diff --git a/Python-3.11.8.tar.xz b/Python-3.11.8.tar.xz new file mode 100644 index 0000000..9263767 --- /dev/null +++ b/Python-3.11.8.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:9e06008c8901924395bc1da303eac567a729ae012baa182ab39269f650383bb3 +size 20041256 diff --git a/Python-3.11.8.tar.xz.asc b/Python-3.11.8.tar.xz.asc new file mode 100644 index 0000000..bd8cff8 --- /dev/null +++ b/Python-3.11.8.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEz9yiRbEEPPKl+Xhl/+h0BBaL2EcFAmXCppEACgkQ/+h0BBaL +2Edi6g//dRagLHlrmPyCrch7ZqAazLMXTHb3cerXg41QEqfwIl7osk1HnqObBgVN +w8vgXy9ZlxWwv+cWvwrNLY1AWEfarhwRzWLkikHwycBIIgep1HmSvyU4wLKaN7mI +c/LxGHfQZ6suu3gCVmRFBoB/ACpT0P5qvDpoUehrADE6wCqs0vbRiW/InLCTUpOy +zZ+5ncK302JtafJkjIGf2VNB4yQATk/v7fO/z43sEQqhvzgtlWlXNmtCKshGBIt1 +mJpLEs8gCq97jObfbN7FkC3Ti/kEan7PbjDzsDKcBv/jJudvWywHtMzplgbjtOYG +AgBM8bXbVC119BwmfBpvAxgsVKmmGi9d2McJUPOcIHKiHCb17fU0srRbSV47rE9N +PWEHgQC2ICbdT9N1oimOEp16eYt5omFWfDy5C91oqUnBFtz8wqiNmyeQimegMgBe +cDpOY73C2H7Vi6rX9EbyrG+LOkfJ6Vt5rTCa+zbAPy2ihz/ajA7UNH72t1uuzFQZ +pPdUBNhtGxr5EB3zAqBxDuoh9DMOmDZACbT+npHR3Y7KaXTHYIe7Ot8CCrLpH+Ra +8Yt6/CCD7KnsCWz6pfyH+ulIL4vw+dPnC809+neiXhiUuM5qiIr9K7HidzXi0Lwj +sb8MVErS8dURFZP48e1dfbyJqsAvAosiGmjDDqbrlAC5attKjg8= +=VFx6 +-----END PGP SIGNATURE----- diff --git a/bpo-31046_ensurepip_honours_prefix.patch b/bpo-31046_ensurepip_honours_prefix.patch index 1cec52f..86882ae 100644 --- a/bpo-31046_ensurepip_honours_prefix.patch +++ b/bpo-31046_ensurepip_honours_prefix.patch @@ -13,10 +13,10 @@ Co-Authored-By: Xavier de Gaye 5 files changed, 34 insertions(+), 9 deletions(-) create mode 100644 Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst -Index: Python-3.11.6/Doc/library/ensurepip.rst +Index: Python-3.11.8/Doc/library/ensurepip.rst =================================================================== ---- Python-3.11.6.orig/Doc/library/ensurepip.rst -+++ Python-3.11.6/Doc/library/ensurepip.rst +--- Python-3.11.8.orig/Doc/library/ensurepip.rst ++++ Python-3.11.8/Doc/library/ensurepip.rst @@ -59,7 +59,9 @@ is at least as recent as the one availab By default, ``pip`` is installed into the current virtual environment (if one is active) or into the system site packages (if there is no @@ -55,10 +55,10 @@ Index: Python-3.11.6/Doc/library/ensurepip.rst .. audit-event:: ensurepip.bootstrap root ensurepip.bootstrap .. note:: -Index: Python-3.11.6/Lib/ensurepip/__init__.py +Index: Python-3.11.8/Lib/ensurepip/__init__.py =================================================================== ---- Python-3.11.6.orig/Lib/ensurepip/__init__.py -+++ Python-3.11.6/Lib/ensurepip/__init__.py +--- Python-3.11.8.orig/Lib/ensurepip/__init__.py ++++ Python-3.11.8/Lib/ensurepip/__init__.py @@ -122,27 +122,27 @@ def _disable_pip_configuration_settings( os.environ['PIP_CONFIG_FILE'] = os.devnull @@ -121,10 +121,10 @@ Index: Python-3.11.6/Lib/ensurepip/__init__.py upgrade=args.upgrade, user=args.user, verbosity=args.verbosity, -Index: Python-3.11.6/Lib/test/test_ensurepip.py +Index: Python-3.11.8/Lib/test/test_ensurepip.py =================================================================== ---- Python-3.11.6.orig/Lib/test/test_ensurepip.py -+++ Python-3.11.6/Lib/test/test_ensurepip.py +--- Python-3.11.8.orig/Lib/test/test_ensurepip.py ++++ Python-3.11.8/Lib/test/test_ensurepip.py @@ -112,6 +112,17 @@ class TestBootstrap(EnsurepipMixin, unit unittest.mock.ANY, ) @@ -143,11 +143,11 @@ Index: Python-3.11.6/Lib/test/test_ensurepip.py def test_bootstrapping_with_user(self): ensurepip.bootstrap(user=True) -Index: Python-3.11.6/Makefile.pre.in +Index: Python-3.11.8/Makefile.pre.in =================================================================== ---- Python-3.11.6.orig/Makefile.pre.in -+++ Python-3.11.6/Makefile.pre.in -@@ -1758,7 +1758,7 @@ install: @FRAMEWORKINSTALLFIRST@ commoni +--- Python-3.11.8.orig/Makefile.pre.in ++++ Python-3.11.8/Makefile.pre.in +@@ -1761,7 +1761,7 @@ install: @FRAMEWORKINSTALLFIRST@ commoni install|*) ensurepip="" ;; \ esac; \ $(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \ @@ -156,7 +156,7 @@ Index: Python-3.11.6/Makefile.pre.in fi altinstall: commoninstall -@@ -1768,7 +1768,7 @@ altinstall: commoninstall +@@ -1771,7 +1771,7 @@ altinstall: commoninstall install|*) ensurepip="--altinstall" ;; \ esac; \ $(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \ @@ -165,9 +165,9 @@ Index: Python-3.11.6/Makefile.pre.in fi commoninstall: check-clean-src @FRAMEWORKALTINSTALLFIRST@ \ -Index: Python-3.11.6/Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst +Index: Python-3.11.8/Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst =================================================================== --- /dev/null -+++ Python-3.11.6/Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst ++++ Python-3.11.8/Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst @@ -0,0 +1 @@ +A directory prefix can now be specified when using :mod:`ensurepip`. diff --git a/distutils-reproducible-compile.patch b/distutils-reproducible-compile.patch index fd98baa..17e8bd2 100644 --- a/distutils-reproducible-compile.patch +++ b/distutils-reproducible-compile.patch @@ -2,8 +2,10 @@ Lib/distutils/util.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ---- a/Lib/distutils/util.py -+++ b/Lib/distutils/util.py +Index: Python-3.11.8/Lib/distutils/util.py +=================================================================== +--- Python-3.11.8.orig/Lib/distutils/util.py ++++ Python-3.11.8/Lib/distutils/util.py @@ -436,7 +436,7 @@ byte_compile(files, optimize=%r, force=% else: from py_compile import compile diff --git a/fix_configure_rst.patch b/fix_configure_rst.patch index e45e240..2fabf1b 100644 --- a/fix_configure_rst.patch +++ b/fix_configure_rst.patch @@ -3,10 +3,10 @@ Misc/NEWS | 2 +- 2 files changed, 1 insertion(+), 4 deletions(-) -Index: Python-3.11.7/Doc/using/configure.rst +Index: Python-3.11.8/Doc/using/configure.rst =================================================================== ---- Python-3.11.7.orig/Doc/using/configure.rst -+++ Python-3.11.7/Doc/using/configure.rst +--- Python-3.11.8.orig/Doc/using/configure.rst ++++ Python-3.11.8/Doc/using/configure.rst @@ -41,7 +41,6 @@ General Options See :data:`sys.int_info.bits_per_digit `. @@ -29,11 +29,11 @@ Index: Python-3.11.7/Doc/using/configure.rst .. option:: --enable-framework=INSTALLDIR Create a Python.framework rather than a traditional Unix install. Optional -Index: Python-3.11.7/Misc/NEWS +Index: Python-3.11.8/Misc/NEWS =================================================================== ---- Python-3.11.7.orig/Misc/NEWS -+++ Python-3.11.7/Misc/NEWS -@@ -9012,7 +9012,7 @@ C API +--- Python-3.11.8.orig/Misc/NEWS ++++ Python-3.11.8/Misc/NEWS +@@ -9411,7 +9411,7 @@ C API - bpo-40939: Removed documentation for the removed ``PyParser_*`` C API. - bpo-43795: The list in :ref:`limited-api-list` now shows the public name diff --git a/python-3.3.0b1-fix_date_time_compiler.patch b/python-3.3.0b1-fix_date_time_compiler.patch index 06aab09..cda20d7 100644 --- a/python-3.3.0b1-fix_date_time_compiler.patch +++ b/python-3.3.0b1-fix_date_time_compiler.patch @@ -2,9 +2,11 @@ Makefile.pre.in | 7 +++++++ 1 file changed, 7 insertions(+) ---- a/Makefile.pre.in -+++ b/Makefile.pre.in -@@ -1235,11 +1235,18 @@ Modules/getbuildinfo.o: $(PARSER_OBJS) \ +Index: Python-3.11.8/Makefile.pre.in +=================================================================== +--- Python-3.11.8.orig/Makefile.pre.in ++++ Python-3.11.8/Makefile.pre.in +@@ -1240,11 +1240,18 @@ Modules/getbuildinfo.o: $(PARSER_OBJS) \ $(DTRACE_OBJS) \ $(srcdir)/Modules/getbuildinfo.c $(CC) -c $(PY_CORE_CFLAGS) \ diff --git a/python-3.3.0b1-localpath.patch b/python-3.3.0b1-localpath.patch index ff9a376..475497e 100644 --- a/python-3.3.0b1-localpath.patch +++ b/python-3.3.0b1-localpath.patch @@ -1,7 +1,9 @@ ---- a/Lib/site.py -+++ b/Lib/site.py -@@ -76,7 +76,7 @@ import _sitebuiltins - import io +Index: Python-3.11.8/Lib/site.py +=================================================================== +--- Python-3.11.8.orig/Lib/site.py ++++ Python-3.11.8/Lib/site.py +@@ -77,7 +77,7 @@ import io + import stat # Prefixes for site-packages; add additional prefixes like /usr/local here -PREFIXES = [sys.prefix, sys.exec_prefix] diff --git a/python-3.3.0b1-test-posix_fadvise.patch b/python-3.3.0b1-test-posix_fadvise.patch index 762dd28..ac5d553 100644 --- a/python-3.3.0b1-test-posix_fadvise.patch +++ b/python-3.3.0b1-test-posix_fadvise.patch @@ -2,9 +2,11 @@ Lib/test/test_posix.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ---- a/Lib/test/test_posix.py -+++ b/Lib/test/test_posix.py -@@ -428,7 +428,7 @@ class PosixTester(unittest.TestCase): +Index: Python-3.11.8/Lib/test/test_posix.py +=================================================================== +--- Python-3.11.8.orig/Lib/test/test_posix.py ++++ Python-3.11.8/Lib/test/test_posix.py +@@ -430,7 +430,7 @@ class PosixTester(unittest.TestCase): def test_posix_fadvise(self): fd = os.open(os_helper.TESTFN, os.O_RDONLY) try: diff --git a/python311.changes b/python311.changes index 55ffed6..d22b0be 100644 --- a/python311.changes +++ b/python311.changes @@ -1,3 +1,267 @@ +------------------------------------------------------------------- +Thu Feb 8 07:27:40 UTC 2024 - Daniel Garcia + +- Update to 3.11.8: + - Security + - gh-113659: Skip .pth files with names starting with a dot or + hidden file attribute. + - Core and Builtins + - gh-114887: Changed socket type validation in + create_datagram_endpoint() to accept all non-stream sockets. + This fixes a regression in compatibility with raw sockets. + - gh-114388: Fix a RuntimeWarning emitted when assign an + integer-like value that is not an instance of int to an + attribute that corresponds to a C struct member of type T_UINT + and T_ULONG. Fix a double RuntimeWarning emitted when assign a + negative integer value to an attribute that corresponds to a C + struct member of type T_UINT. + - gh-89811: Check for a valid tp_version_tag before performing + bytecode specializations that rely on this value being usable. + - gh-113602: Fix an error that was causing the parser to try to + overwrite existing errors and crashing in the process. Patch by + Pablo Galindo + - gh-113566: Fix a 3.11-specific crash when the repr of a Future + is requested after the module has already been + garbage-collected. + - gh-106905: Use per AST-parser state rather than global state to + track recursion depth within the AST parser to prevent potential + race condition due to simultaneous parsing. + - The issue primarily showed up in 3.11 by multithreaded users of + ast.parse(). In 3.12 a change to when garbage collection can be + triggered prevented the race condition from occurring. + - gh-112716: Fix SystemError in the import statement and in + __reduce__() methods of builtin types when __builtins__ is not a + dict. + - gh-105967: Workaround a bug in Apple’s macOS platform zlib + library where zlib.crc32() and binascii.crc32() could produce + incorrect results on multi-gigabyte inputs. Including when using + zipfile on zips containing large data. + - gh-94606: Fix UnicodeEncodeError when + email.message.get_payload() reads a message with a Unicode + surrogate character and the message content is not well-formed + for surrogateescape encoding. Patch by Sidney Markowitz. + - Library + - gh-114965: Update bundled pip to 24.0 + - gh-114959: tarfile no longer ignores errors when trying to + extract a directory on top of a file. + - gh-109475: Fix support of explicit option value “–” in argparse + (e.g. --option=--). + - gh-110190: Fix ctypes structs with array on Windows ARM64 + platform by setting MAX_STRUCT_SIZE to 32 in stgdict. Patch by + Diego Russo + - gh-113280: Fix a leak of open socket in rare cases when error + occurred in ssl.SSLSocket creation. + - gh-77749: email.policy.EmailPolicy.fold() now always encodes + non-ASCII characters in headers if utf8 is false. + - gh-114492: Make the result of termios.tcgetattr() reproducible + on Alpine Linux. Previously it could leave a random garbage in + some fields. + - gh-75128: Ignore an OSError in + asyncio.BaseEventLoop.create_server() when IPv6 is available but + the interface cannot actually support it. + - gh-114257: Dismiss the FileNotFound error in + ctypes.util.find_library() and just return None on Linux. + - gh-101438: Avoid reference cycle in ElementTree.iterparse. The + iterator returned by ElementTree.iterparse may hold on to a file + descriptor. The reference cycle prevented prompt clean-up of the + file descriptor if the returned iterator was not exhausted. + - gh-104522: OSError raised when run a subprocess now only has + filename attribute set to cwd if the error was caused by a + failed attempt to change the current directory. + - gh-109534: Fix a reference leak in + asyncio.selector_events.BaseSelectorEventLoop when SSL + handshakes fail. Patch contributed by Jamie Phan. + - gh-114077: Fix possible OverflowError in + socket.socket.sendfile() when pass count larger than 2 GiB on + 32-bit platform. + - gh-114014: Fixed a bug in fractions.Fraction where an invalid + string using d in the decimals part creates a different error + compared to other invalid letters/characters. Patch by Jeremiah + Gabriel Pascual. + - gh-113951: Fix the behavior of tag_unbind() methods of + tkinter.Text and tkinter.Canvas classes with three arguments. + Previously, widget.tag_unbind(tag, sequence, funcid) destroyed + the current binding for sequence, leaving sequence unbound, and + deleted the funcid command. Now it removes only funcid from the + binding for sequence, keeping other commands, and deletes the + funcid command. It leaves sequence unbound only if funcid was + the last bound command. + - gh-113877: Fix tkinter method winfo_pathname() on 64-bit + Windows. + - gh-113781: Silence unraisable AttributeError when warnings are + emitted during Python finalization. + - gh-113594: Fix UnicodeEncodeError in email when re-fold lines + that contain unknown-8bit encoded part followed by + non-unknown-8bit encoded part. + - gh-113538: In asyncio.StreamReaderProtocol.connection_made(), + there is callback that logs an error if the task wrapping the + “connected callback” fails. This callback would itself fail if + the task was cancelled. Prevent this by checking whether the + task was cancelled first. If so, close the transport but don’t + log an error. + - gh-85567: Fix resource warnings for unclosed files in pickle and + pickletools command line interfaces. + - gh-101225: Increase the backlog for + multiprocessing.connection.Listener objects created by + multiprocessing.manager and multiprocessing.resource_sharer to + significantly reduce the risk of getting a connection refused + error when creating a multiprocessing.connection.Connection to + them. + - gh-113543: Make sure that webbrowser.MacOSXOSAScript sends + webbrowser.open audit event. + - gh-113028: When a second reference to a string appears in the + input to pickle, and the Python implementation is in use, we are + guaranteed that a single copy gets pickled and a single object + is shared when reloaded. Previously, in protocol 0, when a + string contained certain characters (e.g. newline) it resulted + in duplicate objects. + - gh-113421: Fix multiprocessing logger for %(filename)s. + - gh-113358: Fix rendering tracebacks for exceptions with a broken + __getattr__. + - gh-113214: Fix an AttributeError during asyncio SSL protocol + aborts in SSL-over-SSL scenarios. + - gh-113246: Update bundled pip to 23.3.2. + - gh-113199: Make http.client.HTTPResponse.read1 and + http.client.HTTPResponse.readline close IO after reading all + data when content length is known. Patch by Illia Volochii. + - gh-113188: Fix shutil.copymode() and shutil.copystat() on + Windows. Previously they worked differenly if dst is a symbolic + link: they modified the permission bits of dst itself rather + than the file it points to if follow_symlinks is true or src is + not a symbolic link, and did not modify the permission bits if + follow_symlinks is false and src is a symbolic link. + - gh-61648: Detect line numbers of properties in doctests. + - gh-112559: signal.signal() and signal.getsignal() no longer call + repr on callable handlers. asyncio.run() and + asyncio.Runner.run() no longer call repr on the task results. + Patch by Yilei Yang. + - gh-110190: Fix ctypes structs with array on PPC64LE platform by + setting MAX_STRUCT_SIZE to 64 in stgdict. Patch by Diego Russo. + - gh-79429: Ignore FileNotFoundError when remove a temporary + directory in the multiprocessing finalizer. + - gh-79325: Fix an infinite recursion error in + tempfile.TemporaryDirectory() cleanup on Windows. + - gh-110190: Fix ctypes structs with array on Arm platform by + setting MAX_STRUCT_SIZE to 32 in stgdict. Patch by Diego Russo. + - gh-81194: Fix a crash in socket.if_indextoname() with specific + value (UINT_MAX). Fix an integer overflow in + socket.if_indextoname() on 64-bit non-Windows platforms. + - gh-75666: Fix the behavior of tkinter widget’s unbind() method + with two arguments. Previously, widget.unbind(sequence, funcid) + destroyed the current binding for sequence, leaving sequence + unbound, and deleted the funcid command. Now it removes only + funcid from the binding for sequence, keeping other commands, + and deletes the funcid command. It leaves sequence unbound only + if funcid was the last bound command. + - gh-110345: Show the Tcl/Tk patchlevel (rather than version) in + tkinter._test(). + - gh-109858: Protect zipfile from “quoted-overlap” zipbomb. It now + raises BadZipFile when try to read an entry that overlaps with + other entry or central directory. + - gh-38807: Fix race condition in trace. Instead of checking if a + directory exists and creating it, directly call os.makedirs() + with the kwarg exist_ok=True. + - gh-75705: Set unixfrom envelope in mailbox.mbox and + mailbox.MMDF. + - gh-105102: Allow ctypes.Union to be nested in ctypes.Structure + when the system endianness is the opposite of the classes. + - gh-104282: Fix null pointer dereference in + lzma._decode_filter_properties() due to improper handling of BCJ + filters with properties of zero length. Patch by Radislav + Chugunov. + - gh-102512: When os.fork() is called from a foreign thread (aka + _DummyThread), the type of the thread in a child process is + changed to _MainThread. Also changed its name and daemonic + status, it can be now joined. + - gh-91133: Fix a bug in tempfile.TemporaryDirectory cleanup, + which now no longer dereferences symlinks when working around + file system permission errors. + - bpo-43153: On Windows, tempfile.TemporaryDirectory previously + masked a PermissionError with NotADirectoryError during + directory cleanup. It now correctly raises PermissionError if + errors are not ignored. Patch by Andrei Kulakov and Ken Jin. + - bpo-35332: The shutil.rmtree() function now ignores errors when + calling os.close() when ignore_errors is True, and os.close() no + longer retried after error. + - bpo-35928: io.TextIOWrapper now correctly handles the decoding + buffer after read() and write(). + - bpo-26791: shutil.move() now moves a symlink into a directory + when that directory is the target of the symlink. This provides + the same behavior as the mv shell command. The previous behavior + raised an exception. Patch by Jeffrey Kintscher. + - bpo-36959: Fix some error messages for invalid ISO format string + combinations in strptime() that referred to directives not + contained in the format string. Patch by Gordon P. Hemsley. + - bpo-18060: Fixed a class inheritance issue that can cause + segfaults when deriving two or more levels of subclasses from a + base class of Structure or Union. + - Documentation + - gh-110746: Improved markup for valid options/values for methods + ttk.treeview.column and ttk.treeview.heading, and for Layouts. + - gh-95649: Document that the asyncio module contains code taken + from v0.16.0 of the uvloop project, as well as the required MIT + licensing information. + - Tests + - gh-109980: Fix test_tarfile_vs_tar in test_shutil for macOS, + where system tar can include more information in the archive + than shutil.make_archive. + - gh-112769: The tests now correctly compare zlib version when + zlib.ZLIB_RUNTIME_VERSION contains non-integer suffixes. For + example zlib-ng defines the version as 1.3.0.zlib-ng. + - gh-105089: Fix + test.test_zipfile.test_core.TestWithDirectory.test_create_directory_with_write + test in AIX by doing a bitwise AND of 0xFFFF on mode , so that + it will be in sync with zinfo.external_attr + - bpo-40648: Test modes that file can get with chmod() on Windows. + - Build + - gh-101778: Fix build error when there’s a dangling symlink in + the directory containing ffi.h. + - gh-112305: Fixed the check-clean-src step performed on out of + tree builds to detect errant $(srcdir)/Python/frozen_modules/*.h + files and recommend appropriate source tree cleanup steps to get + a working build again. + - bpo-11102: The os.major(), os.makedev(), and os.minor() + functions are now available on HP-UX v3. + - bpo-36351: Do not set ipv6type when cross-compiling. + - IDLE + - gh-96905: In idlelib code, stop redefining built-ins ‘dict’ and + ‘object’. + - gh-72284: Improve the lists of features, editor key bindings, + and shell key bingings in the IDLE doc. + - gh-113903: Fix rare failure of test.test_idle, in + test_configdialog. + - gh-113729: Fix the “Help -> IDLE Doc” menu bug in 3.11.7 and + 3.12.1. + - gh-113269: Fix test_editor hang on macOS Catalina. + - gh-112898: Fix processing unsaved files when quitting IDLE on + macOS. + - gh-103820: Revise IDLE bindings so that events from mouse button + 4/5 on non-X11 windowing systems (i.e. Win32 and Aqua) are not + mistaken for scrolling. + - bpo-13586: Enter the selected text when opening the “Replace” + dialog. + - Tools/Demos + - gh-109991: Update GitHub CI workflows to use OpenSSL 3.0.13 and + multissltests to use 1.1.1w, 3.0.13, 3.1.5, and 3.2.1. + - gh-115015: Fix a bug in Argument Clinic that generated incorrect + code for methods with no parameters that use the METH_METHOD | + METH_FASTCALL | METH_KEYWORDS calling convention. Only the + positional parameter count was checked; any keyword argument + passed would be silently accepted. + +- Refresh all patches: + - CVE-2023-27043-email-parsing-errors.patch + - F00251-change-user-install-location.patch + - bpo-31046_ensurepip_honours_prefix.patch + - distutils-reproducible-compile.patch + - fix_configure_rst.patch + - python-3.3.0b1-fix_date_time_compiler.patch + - python-3.3.0b1-localpath.patch + - python-3.3.0b1-test-posix_fadvise.patch + - skip_if_buildbot-extend.patch + - subprocess-raise-timeout.patch + - support-expat-CVE-2022-25236-patched.patch + ------------------------------------------------------------------- Tue Dec 19 16:34:50 UTC 2023 - Daniel Garcia diff --git a/python311.spec b/python311.spec index 16f2357..21c0b84 100644 --- a/python311.spec +++ b/python311.spec @@ -1,7 +1,7 @@ # -# spec file +# spec file for package python311 # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -94,7 +94,7 @@ %define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so %bcond_without profileopt Name: %{python_pkg_name}%{psuffix} -Version: 3.11.7 +Version: 3.11.8 Release: 0 Summary: Python 3 Interpreter License: Python-2.0 @@ -407,24 +407,24 @@ other applications. %prep %setup -q -n %{tarname} -%patch02 -p1 +%patch -P 02 -p1 -%patch06 -p1 -%patch07 -p1 -%patch08 -p1 -%patch09 -p1 -%patch15 -p1 -%patch29 -p1 +%patch -P 06 -p1 +%patch -P 07 -p1 +%patch -P 08 -p1 +%patch -P 09 -p1 +%patch -P 15 -p1 +%patch -P 29 -p1 %if 0%{?suse_version} <= 1500 -%patch33 -p1 +%patch -P 33 -p1 %endif %if 0%{?sle_version} && 0%{?sle_version} <= 150300 -%patch34 -p1 +%patch -P 34 -p1 %endif -%patch35 -p1 -%patch36 -p1 -%patch39 -p1 -%patch40 -p1 +%patch -P 35 -p1 +%patch -P 36 -p1 +%patch -P 39 -p1 +%patch -P 40 -p1 # drop Autoconf version requirement sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac @@ -808,7 +808,6 @@ echo %{sitedir}/_import_failed > %{buildroot}/%{sitedir}/site-packages/zzzz-impo %{sitedir}/idlelib %dir %{_sysconfdir}/idle%{python_version} %config %{_sysconfdir}/idle%{python_version}/* -%doc Lib/idlelib/NEWS.txt %doc Lib/idlelib/README.txt %doc Lib/idlelib/TODO.txt %doc Lib/idlelib/extend.txt diff --git a/skip_if_buildbot-extend.patch b/skip_if_buildbot-extend.patch index 0300539..55a1b60 100644 --- a/skip_if_buildbot-extend.patch +++ b/skip_if_buildbot-extend.patch @@ -2,9 +2,11 @@ Lib/test/support/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ---- a/Lib/test/support/__init__.py -+++ b/Lib/test/support/__init__.py -@@ -388,7 +388,7 @@ def skip_if_buildbot(reason=None): +Index: Python-3.11.8/Lib/test/support/__init__.py +=================================================================== +--- Python-3.11.8.orig/Lib/test/support/__init__.py ++++ Python-3.11.8/Lib/test/support/__init__.py +@@ -383,7 +383,7 @@ def skip_if_buildbot(reason=None): if not reason: reason = 'not suitable for buildbots' try: diff --git a/subprocess-raise-timeout.patch b/subprocess-raise-timeout.patch index 76afe11..ab29d50 100644 --- a/subprocess-raise-timeout.patch +++ b/subprocess-raise-timeout.patch @@ -2,9 +2,11 @@ Lib/test/test_subprocess.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) ---- a/Lib/test/test_subprocess.py -+++ b/Lib/test/test_subprocess.py -@@ -279,7 +279,8 @@ class ProcessTestCase(BaseTestCase): +Index: Python-3.11.8/Lib/test/test_subprocess.py +=================================================================== +--- Python-3.11.8.orig/Lib/test/test_subprocess.py ++++ Python-3.11.8/Lib/test/test_subprocess.py +@@ -280,7 +280,8 @@ class ProcessTestCase(BaseTestCase): "time.sleep(3600)"], # Some heavily loaded buildbots (sparc Debian 3.x) require # this much time to start and print. diff --git a/support-expat-CVE-2022-25236-patched.patch b/support-expat-CVE-2022-25236-patched.patch index 5b26c99..d6fbad9 100644 --- a/support-expat-CVE-2022-25236-patched.patch +++ b/support-expat-CVE-2022-25236-patched.patch @@ -27,8 +27,10 @@ Co-authored-by: Sebastian Pipping 1 file changed, 9 insertions(+), 14 deletions(-) create mode 100644 Misc/NEWS.d/next/Library/2022-02-20-21-03-31.bpo-46811.8BxgdQ.rst ---- a/Lib/test/test_minidom.py -+++ b/Lib/test/test_minidom.py +Index: Python-3.11.8/Lib/test/test_minidom.py +=================================================================== +--- Python-3.11.8.orig/Lib/test/test_minidom.py ++++ Python-3.11.8/Lib/test/test_minidom.py @@ -6,7 +6,6 @@ import io from test import support import unittest