From a7d54cb5c388da2c63f819adbcca74970c1653862c4a90d2088bc2dd95991e67 Mon Sep 17 00:00:00 2001 From: Matej Cepl Date: Thu, 8 Feb 2024 12:49:59 +0000 Subject: [PATCH] Accepting request 1145174 from home:dgarcia:branches:devel:languages:python:Factory MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Update to 3.11.8: - Security - gh-113659: Skip .pth files with names starting with a dot or hidden file attribute. - Core and Builtins - gh-114887: Changed socket type validation in create_datagram_endpoint() to accept all non-stream sockets. This fixes a regression in compatibility with raw sockets. - gh-114388: Fix a RuntimeWarning emitted when assign an integer-like value that is not an instance of int to an attribute that corresponds to a C struct member of type T_UINT and T_ULONG. Fix a double RuntimeWarning emitted when assign a negative integer value to an attribute that corresponds to a C struct member of type T_UINT. - gh-89811: Check for a valid tp_version_tag before performing bytecode specializations that rely on this value being usable. - gh-113602: Fix an error that was causing the parser to try to overwrite existing errors and crashing in the process. Patch by Pablo Galindo - gh-113566: Fix a 3.11-specific crash when the repr of a Future is requested after the module has already been garbage-collected. - gh-106905: Use per AST-parser state rather than global state to track recursion depth within the AST parser to prevent potential race condition due to simultaneous parsing. - The issue primarily showed up in 3.11 by multithreaded users of ast.parse(). In 3.12 a change to when garbage collection can be triggered prevented the race condition from occurring. - gh-112716: Fix SystemError in the import statement and in __reduce__() methods of builtin types when __builtins__ is not a dict. - gh-105967: Workaround a bug in Apple’s macOS platform zlib library where zlib.crc32() and binascii.crc32() could produce incorrect results on multi-gigabyte inputs. Including when using zipfile on zips containing large data. - gh-94606: Fix UnicodeEncodeError when email.message.get_payload() reads a message with a Unicode surrogate character and the message content is not well-formed for surrogateescape encoding. Patch by Sidney Markowitz. - Library - gh-114965: Update bundled pip to 24.0 - gh-114959: tarfile no longer ignores errors when trying to extract a directory on top of a file. - gh-109475: Fix support of explicit option value “–” in argparse (e.g. --option=--). - gh-110190: Fix ctypes structs with array on Windows ARM64 platform by setting MAX_STRUCT_SIZE to 32 in stgdict. Patch by Diego Russo - gh-113280: Fix a leak of open socket in rare cases when error occurred in ssl.SSLSocket creation. - gh-77749: email.policy.EmailPolicy.fold() now always encodes non-ASCII characters in headers if utf8 is false. - gh-114492: Make the result of termios.tcgetattr() reproducible on Alpine Linux. Previously it could leave a random garbage in some fields. - gh-75128: Ignore an OSError in asyncio.BaseEventLoop.create_server() when IPv6 is available but the interface cannot actually support it. - gh-114257: Dismiss the FileNotFound error in ctypes.util.find_library() and just return None on Linux. - gh-101438: Avoid reference cycle in ElementTree.iterparse. The iterator returned by ElementTree.iterparse may hold on to a file descriptor. The reference cycle prevented prompt clean-up of the file descriptor if the returned iterator was not exhausted. - gh-104522: OSError raised when run a subprocess now only has filename attribute set to cwd if the error was caused by a failed attempt to change the current directory. - gh-109534: Fix a reference leak in asyncio.selector_events.BaseSelectorEventLoop when SSL handshakes fail. Patch contributed by Jamie Phan. - gh-114077: Fix possible OverflowError in socket.socket.sendfile() when pass count larger than 2 GiB on 32-bit platform. - gh-114014: Fixed a bug in fractions.Fraction where an invalid string using d in the decimals part creates a different error compared to other invalid letters/characters. Patch by Jeremiah Gabriel Pascual. - gh-113951: Fix the behavior of tag_unbind() methods of tkinter.Text and tkinter.Canvas classes with three arguments. Previously, widget.tag_unbind(tag, sequence, funcid) destroyed the current binding for sequence, leaving sequence unbound, and deleted the funcid command. Now it removes only funcid from the binding for sequence, keeping other commands, and deletes the funcid command. It leaves sequence unbound only if funcid was the last bound command. - gh-113877: Fix tkinter method winfo_pathname() on 64-bit Windows. - gh-113781: Silence unraisable AttributeError when warnings are emitted during Python finalization. - gh-113594: Fix UnicodeEncodeError in email when re-fold lines that contain unknown-8bit encoded part followed by non-unknown-8bit encoded part. - gh-113538: In asyncio.StreamReaderProtocol.connection_made(), there is callback that logs an error if the task wrapping the “connected callback” fails. This callback would itself fail if the task was cancelled. Prevent this by checking whether the task was cancelled first. If so, close the transport but don’t log an error. - gh-85567: Fix resource warnings for unclosed files in pickle and pickletools command line interfaces. - gh-101225: Increase the backlog for multiprocessing.connection.Listener objects created by multiprocessing.manager and multiprocessing.resource_sharer to significantly reduce the risk of getting a connection refused error when creating a multiprocessing.connection.Connection to them. - gh-113543: Make sure that webbrowser.MacOSXOSAScript sends webbrowser.open audit event. - gh-113028: When a second reference to a string appears in the input to pickle, and the Python implementation is in use, we are guaranteed that a single copy gets pickled and a single object is shared when reloaded. Previously, in protocol 0, when a string contained certain characters (e.g. newline) it resulted in duplicate objects. - gh-113421: Fix multiprocessing logger for %(filename)s. - gh-113358: Fix rendering tracebacks for exceptions with a broken __getattr__. - gh-113214: Fix an AttributeError during asyncio SSL protocol aborts in SSL-over-SSL scenarios. - gh-113246: Update bundled pip to 23.3.2. - gh-113199: Make http.client.HTTPResponse.read1 and http.client.HTTPResponse.readline close IO after reading all data when content length is known. Patch by Illia Volochii. - gh-113188: Fix shutil.copymode() and shutil.copystat() on Windows. Previously they worked differenly if dst is a symbolic link: they modified the permission bits of dst itself rather than the file it points to if follow_symlinks is true or src is not a symbolic link, and did not modify the permission bits if follow_symlinks is false and src is a symbolic link. - gh-61648: Detect line numbers of properties in doctests. - gh-112559: signal.signal() and signal.getsignal() no longer call repr on callable handlers. asyncio.run() and asyncio.Runner.run() no longer call repr on the task results. Patch by Yilei Yang. - gh-110190: Fix ctypes structs with array on PPC64LE platform by setting MAX_STRUCT_SIZE to 64 in stgdict. Patch by Diego Russo. - gh-79429: Ignore FileNotFoundError when remove a temporary directory in the multiprocessing finalizer. - gh-79325: Fix an infinite recursion error in tempfile.TemporaryDirectory() cleanup on Windows. - gh-110190: Fix ctypes structs with array on Arm platform by setting MAX_STRUCT_SIZE to 32 in stgdict. Patch by Diego Russo. - gh-81194: Fix a crash in socket.if_indextoname() with specific value (UINT_MAX). Fix an integer overflow in socket.if_indextoname() on 64-bit non-Windows platforms. - gh-75666: Fix the behavior of tkinter widget’s unbind() method with two arguments. Previously, widget.unbind(sequence, funcid) destroyed the current binding for sequence, leaving sequence unbound, and deleted the funcid command. Now it removes only funcid from the binding for sequence, keeping other commands, and deletes the funcid command. It leaves sequence unbound only if funcid was the last bound command. - gh-110345: Show the Tcl/Tk patchlevel (rather than version) in tkinter._test(). - gh-109858: Protect zipfile from “quoted-overlap” zipbomb. It now raises BadZipFile when try to read an entry that overlaps with other entry or central directory. - gh-38807: Fix race condition in trace. Instead of checking if a directory exists and creating it, directly call os.makedirs() with the kwarg exist_ok=True. - gh-75705: Set unixfrom envelope in mailbox.mbox and mailbox.MMDF. - gh-105102: Allow ctypes.Union to be nested in ctypes.Structure when the system endianness is the opposite of the classes. - gh-104282: Fix null pointer dereference in lzma._decode_filter_properties() due to improper handling of BCJ filters with properties of zero length. Patch by Radislav Chugunov. - gh-102512: When os.fork() is called from a foreign thread (aka _DummyThread), the type of the thread in a child process is changed to _MainThread. Also changed its name and daemonic status, it can be now joined. - gh-91133: Fix a bug in tempfile.TemporaryDirectory cleanup, which now no longer dereferences symlinks when working around file system permission errors. - bpo-43153: On Windows, tempfile.TemporaryDirectory previously masked a PermissionError with NotADirectoryError during directory cleanup. It now correctly raises PermissionError if errors are not ignored. Patch by Andrei Kulakov and Ken Jin. - bpo-35332: The shutil.rmtree() function now ignores errors when calling os.close() when ignore_errors is True, and os.close() no longer retried after error. - bpo-35928: io.TextIOWrapper now correctly handles the decoding buffer after read() and write(). - bpo-26791: shutil.move() now moves a symlink into a directory when that directory is the target of the symlink. This provides the same behavior as the mv shell command. The previous behavior raised an exception. Patch by Jeffrey Kintscher. - bpo-36959: Fix some error messages for invalid ISO format string combinations in strptime() that referred to directives not contained in the format string. Patch by Gordon P. Hemsley. - bpo-18060: Fixed a class inheritance issue that can cause segfaults when deriving two or more levels of subclasses from a base class of Structure or Union. - Documentation - gh-110746: Improved markup for valid options/values for methods ttk.treeview.column and ttk.treeview.heading, and for Layouts. - gh-95649: Document that the asyncio module contains code taken from v0.16.0 of the uvloop project, as well as the required MIT licensing information. - Tests - gh-109980: Fix test_tarfile_vs_tar in test_shutil for macOS, where system tar can include more information in the archive than shutil.make_archive. - gh-112769: The tests now correctly compare zlib version when zlib.ZLIB_RUNTIME_VERSION contains non-integer suffixes. For example zlib-ng defines the version as 1.3.0.zlib-ng. - gh-105089: Fix test.test_zipfile.test_core.TestWithDirectory.test_create_directory_with_write test in AIX by doing a bitwise AND of 0xFFFF on mode , so that it will be in sync with zinfo.external_attr - bpo-40648: Test modes that file can get with chmod() on Windows. - Build - gh-101778: Fix build error when there’s a dangling symlink in the directory containing ffi.h. - gh-112305: Fixed the check-clean-src step performed on out of tree builds to detect errant $(srcdir)/Python/frozen_modules/*.h files and recommend appropriate source tree cleanup steps to get a working build again. - bpo-11102: The os.major(), os.makedev(), and os.minor() functions are now available on HP-UX v3. - bpo-36351: Do not set ipv6type when cross-compiling. - IDLE - gh-96905: In idlelib code, stop redefining built-ins ‘dict’ and ‘object’. - gh-72284: Improve the lists of features, editor key bindings, and shell key bingings in the IDLE doc. - gh-113903: Fix rare failure of test.test_idle, in test_configdialog. - gh-113729: Fix the “Help -> IDLE Doc” menu bug in 3.11.7 and 3.12.1. - gh-113269: Fix test_editor hang on macOS Catalina. - gh-112898: Fix processing unsaved files when quitting IDLE on macOS. - gh-103820: Revise IDLE bindings so that events from mouse button 4/5 on non-X11 windowing systems (i.e. Win32 and Aqua) are not mistaken for scrolling. - bpo-13586: Enter the selected text when opening the “Replace” dialog. - Tools/Demos - gh-109991: Update GitHub CI workflows to use OpenSSL 3.0.13 and multissltests to use 1.1.1w, 3.0.13, 3.1.5, and 3.2.1. - gh-115015: Fix a bug in Argument Clinic that generated incorrect code for methods with no parameters that use the METH_METHOD | METH_FASTCALL | METH_KEYWORDS calling convention. Only the positional parameter count was checked; any keyword argument passed would be silently accepted. - Refresh all patches: - CVE-2023-27043-email-parsing-errors.patch - F00251-change-user-install-location.patch - bpo-31046_ensurepip_honours_prefix.patch - distutils-reproducible-compile.patch - fix_configure_rst.patch - python-3.3.0b1-fix_date_time_compiler.patch - python-3.3.0b1-localpath.patch - python-3.3.0b1-test-posix_fadvise.patch - skip_if_buildbot-extend.patch - subprocess-raise-timeout.patch - support-expat-CVE-2022-25236-patched.patch OBS-URL: https://build.opensuse.org/request/show/1145174 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python311?expand=0&rev=99 --- CVE-2023-27043-email-parsing-errors.patch | 24 +- F00251-change-user-install-location.patch | 14 +- Python-3.11.7.tar.xz | 3 - Python-3.11.7.tar.xz.asc | 16 -- Python-3.11.8.tar.xz | 3 + Python-3.11.8.tar.xz.asc | 16 ++ bpo-31046_ensurepip_honours_prefix.patch | 32 +-- distutils-reproducible-compile.patch | 6 +- fix_configure_rst.patch | 14 +- python-3.3.0b1-fix_date_time_compiler.patch | 8 +- python-3.3.0b1-localpath.patch | 10 +- python-3.3.0b1-test-posix_fadvise.patch | 8 +- python311.changes | 264 ++++++++++++++++++++ python311.spec | 33 ++- skip_if_buildbot-extend.patch | 8 +- subprocess-raise-timeout.patch | 8 +- support-expat-CVE-2022-25236-patched.patch | 6 +- 17 files changed, 381 insertions(+), 92 deletions(-) delete mode 100644 Python-3.11.7.tar.xz delete mode 100644 Python-3.11.7.tar.xz.asc create mode 100644 Python-3.11.8.tar.xz create mode 100644 Python-3.11.8.tar.xz.asc diff --git a/CVE-2023-27043-email-parsing-errors.patch b/CVE-2023-27043-email-parsing-errors.patch index 6e4cc64..1ced142 100644 --- a/CVE-2023-27043-email-parsing-errors.patch +++ b/CVE-2023-27043-email-parsing-errors.patch @@ -5,8 +5,10 @@ Misc/NEWS.d/next/Library/2023-10-20-15-28-08.gh-issue-102988.dStNO7.rst | 8 4 files changed, 344 insertions(+), 21 deletions(-) ---- a/Doc/library/email.utils.rst -+++ b/Doc/library/email.utils.rst +Index: Python-3.11.8/Doc/library/email.utils.rst +=================================================================== +--- Python-3.11.8.orig/Doc/library/email.utils.rst ++++ Python-3.11.8/Doc/library/email.utils.rst @@ -60,13 +60,18 @@ of the new API. begins with angle brackets, they are stripped off. @@ -56,15 +58,17 @@ .. function:: parsedate(date) ---- a/Lib/email/utils.py -+++ b/Lib/email/utils.py +Index: Python-3.11.8/Lib/email/utils.py +=================================================================== +--- Python-3.11.8.orig/Lib/email/utils.py ++++ Python-3.11.8/Lib/email/utils.py @@ -48,6 +48,7 @@ TICK = "'" specialsre = re.compile(r'[][\\()<>@,:;".]') escapesre = re.compile(r'[\\"]') + def _has_surrogates(s): - """Return True if s contains surrogate-escaped binary data.""" + """Return True if s may contain surrogate-escaped binary data.""" # This check is based on the fact that unless there are surrogates, utf8 @@ -106,12 +107,127 @@ def formataddr(pair, charset='utf-8'): return address @@ -237,8 +241,10 @@ return addrs[0] ---- a/Lib/test/test_email/test_email.py -+++ b/Lib/test/test_email/test_email.py +Index: Python-3.11.8/Lib/test/test_email/test_email.py +=================================================================== +--- Python-3.11.8.orig/Lib/test/test_email/test_email.py ++++ Python-3.11.8/Lib/test/test_email/test_email.py @@ -17,6 +17,7 @@ from unittest.mock import patch import email @@ -448,8 +454,10 @@ # Test the iterator/generators class TestIterators(TestEmailBase): +Index: Python-3.11.8/Misc/NEWS.d/next/Library/2023-10-20-15-28-08.gh-issue-102988.dStNO7.rst +=================================================================== --- /dev/null -+++ b/Misc/NEWS.d/next/Library/2023-10-20-15-28-08.gh-issue-102988.dStNO7.rst ++++ Python-3.11.8/Misc/NEWS.d/next/Library/2023-10-20-15-28-08.gh-issue-102988.dStNO7.rst @@ -0,0 +1,8 @@ +:func:`email.utils.getaddresses` and :func:`email.utils.parseaddr` now +return ``('', '')`` 2-tuples in more situations where invalid email diff --git a/F00251-change-user-install-location.patch b/F00251-change-user-install-location.patch index ac31b43..d659f81 100644 --- a/F00251-change-user-install-location.patch +++ b/F00251-change-user-install-location.patch @@ -13,8 +13,10 @@ Fedora Change: https://fedoraproject.org/wiki/Changes/Making_sudo_pip_safe Lib/site.py | 9 ++++++++- 2 files changed, 21 insertions(+), 3 deletions(-) ---- a/Lib/distutils/command/install.py -+++ b/Lib/distutils/command/install.py +Index: Python-3.11.8/Lib/distutils/command/install.py +=================================================================== +--- Python-3.11.8.orig/Lib/distutils/command/install.py ++++ Python-3.11.8/Lib/distutils/command/install.py @@ -441,8 +441,19 @@ class install(Command): raise DistutilsOptionError( "must not supply exec-prefix without prefix") @@ -37,9 +39,11 @@ Fedora Change: https://fedoraproject.org/wiki/Changes/Making_sudo_pip_safe else: if self.exec_prefix is None: ---- a/Lib/site.py -+++ b/Lib/site.py -@@ -377,8 +377,15 @@ def getsitepackages(prefixes=None): +Index: Python-3.11.8/Lib/site.py +=================================================================== +--- Python-3.11.8.orig/Lib/site.py ++++ Python-3.11.8/Lib/site.py +@@ -387,8 +387,15 @@ def getsitepackages(prefixes=None): return sitepackages def addsitepackages(known_paths, prefixes=None): diff --git a/Python-3.11.7.tar.xz b/Python-3.11.7.tar.xz deleted file mode 100644 index 8d3a65d..0000000 --- a/Python-3.11.7.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:18e1aa7e66ff3a58423d59ed22815a6954e53342122c45df20c96877c062b9b7 -size 20074108 diff --git a/Python-3.11.7.tar.xz.asc b/Python-3.11.7.tar.xz.asc deleted file mode 100644 index 3eee3d2..0000000 --- a/Python-3.11.7.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEEz9yiRbEEPPKl+Xhl/+h0BBaL2EcFAmVuFigACgkQ/+h0BBaL -2EeHPg/+LU5xs2ZDrQogDcH+A1v8RyursiggypdM5hXTrsFsTCIk4iekcI9xkhG1 -ltNX4UuCe5PUEbTgtaWP0ncXARrUnPCoQaQ1sHVDTYoHegancsk+sXZc1JM7qr0p -Y4Ig6mKjuHFMXCInQSI2GaH4t5r4Z1jGk/PGrecIHOPJgqfA/6Z3TBF5N+y3jEvS -2QazMB298q4RDhh9m3REe8LwFPHDlfw9eRohv0MB8xygg9KtxhLZrN7gLBQZvKGD -ihNw6EgJj5OZ0dvwKCCXnlZuwknuJW7vAOPHhYeenPdVdYCGoRSyN7JdD07L+5AG -O14l2rqZrz5Eu28by+kAUrcPYAfAXekw1PmtT3HSd9U/nqnUiTkkJcjyGG/e3cjJ -sUDKMNCSBq0G7j5DB3bB6VHkZjVuz+T+iR5QdfJ4kI2pYSuE/rUj1rhkUXApYsHl -7Wff0QbOW6QT1wCtQcMpJSzkTDVJVYxiqrko/ihlOhphDHYLdOIGOrxWAUwc06x/ -BhJD6tM1kEVZvifoJp1OsNwDzZ/Ku6CUs05E1vWxdeNVeANyKAgCZ5hOVmhnv866 -11zfgo/znRsMzMIyJuy0bhO0C6omVLzzfhipAbZM2jDorn37xxV0v/I0pceNtLrp -YR7Tjs7+Ihe6/oItjW53j9T7ANdgQ1RVDg98lKlPFNL+hxfctwY= -=0Pkd ------END PGP SIGNATURE----- diff --git a/Python-3.11.8.tar.xz b/Python-3.11.8.tar.xz new file mode 100644 index 0000000..9263767 --- /dev/null +++ b/Python-3.11.8.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:9e06008c8901924395bc1da303eac567a729ae012baa182ab39269f650383bb3 +size 20041256 diff --git a/Python-3.11.8.tar.xz.asc b/Python-3.11.8.tar.xz.asc new file mode 100644 index 0000000..bd8cff8 --- /dev/null +++ b/Python-3.11.8.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEz9yiRbEEPPKl+Xhl/+h0BBaL2EcFAmXCppEACgkQ/+h0BBaL +2Edi6g//dRagLHlrmPyCrch7ZqAazLMXTHb3cerXg41QEqfwIl7osk1HnqObBgVN +w8vgXy9ZlxWwv+cWvwrNLY1AWEfarhwRzWLkikHwycBIIgep1HmSvyU4wLKaN7mI +c/LxGHfQZ6suu3gCVmRFBoB/ACpT0P5qvDpoUehrADE6wCqs0vbRiW/InLCTUpOy +zZ+5ncK302JtafJkjIGf2VNB4yQATk/v7fO/z43sEQqhvzgtlWlXNmtCKshGBIt1 +mJpLEs8gCq97jObfbN7FkC3Ti/kEan7PbjDzsDKcBv/jJudvWywHtMzplgbjtOYG +AgBM8bXbVC119BwmfBpvAxgsVKmmGi9d2McJUPOcIHKiHCb17fU0srRbSV47rE9N +PWEHgQC2ICbdT9N1oimOEp16eYt5omFWfDy5C91oqUnBFtz8wqiNmyeQimegMgBe +cDpOY73C2H7Vi6rX9EbyrG+LOkfJ6Vt5rTCa+zbAPy2ihz/ajA7UNH72t1uuzFQZ +pPdUBNhtGxr5EB3zAqBxDuoh9DMOmDZACbT+npHR3Y7KaXTHYIe7Ot8CCrLpH+Ra +8Yt6/CCD7KnsCWz6pfyH+ulIL4vw+dPnC809+neiXhiUuM5qiIr9K7HidzXi0Lwj +sb8MVErS8dURFZP48e1dfbyJqsAvAosiGmjDDqbrlAC5attKjg8= +=VFx6 +-----END PGP SIGNATURE----- diff --git a/bpo-31046_ensurepip_honours_prefix.patch b/bpo-31046_ensurepip_honours_prefix.patch index 1cec52f..86882ae 100644 --- a/bpo-31046_ensurepip_honours_prefix.patch +++ b/bpo-31046_ensurepip_honours_prefix.patch @@ -13,10 +13,10 @@ Co-Authored-By: Xavier de Gaye 5 files changed, 34 insertions(+), 9 deletions(-) create mode 100644 Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst -Index: Python-3.11.6/Doc/library/ensurepip.rst +Index: Python-3.11.8/Doc/library/ensurepip.rst =================================================================== ---- Python-3.11.6.orig/Doc/library/ensurepip.rst -+++ Python-3.11.6/Doc/library/ensurepip.rst +--- Python-3.11.8.orig/Doc/library/ensurepip.rst ++++ Python-3.11.8/Doc/library/ensurepip.rst @@ -59,7 +59,9 @@ is at least as recent as the one availab By default, ``pip`` is installed into the current virtual environment (if one is active) or into the system site packages (if there is no @@ -55,10 +55,10 @@ Index: Python-3.11.6/Doc/library/ensurepip.rst .. audit-event:: ensurepip.bootstrap root ensurepip.bootstrap .. note:: -Index: Python-3.11.6/Lib/ensurepip/__init__.py +Index: Python-3.11.8/Lib/ensurepip/__init__.py =================================================================== ---- Python-3.11.6.orig/Lib/ensurepip/__init__.py -+++ Python-3.11.6/Lib/ensurepip/__init__.py +--- Python-3.11.8.orig/Lib/ensurepip/__init__.py ++++ Python-3.11.8/Lib/ensurepip/__init__.py @@ -122,27 +122,27 @@ def _disable_pip_configuration_settings( os.environ['PIP_CONFIG_FILE'] = os.devnull @@ -121,10 +121,10 @@ Index: Python-3.11.6/Lib/ensurepip/__init__.py upgrade=args.upgrade, user=args.user, verbosity=args.verbosity, -Index: Python-3.11.6/Lib/test/test_ensurepip.py +Index: Python-3.11.8/Lib/test/test_ensurepip.py =================================================================== ---- Python-3.11.6.orig/Lib/test/test_ensurepip.py -+++ Python-3.11.6/Lib/test/test_ensurepip.py +--- Python-3.11.8.orig/Lib/test/test_ensurepip.py ++++ Python-3.11.8/Lib/test/test_ensurepip.py @@ -112,6 +112,17 @@ class TestBootstrap(EnsurepipMixin, unit unittest.mock.ANY, ) @@ -143,11 +143,11 @@ Index: Python-3.11.6/Lib/test/test_ensurepip.py def test_bootstrapping_with_user(self): ensurepip.bootstrap(user=True) -Index: Python-3.11.6/Makefile.pre.in +Index: Python-3.11.8/Makefile.pre.in =================================================================== ---- Python-3.11.6.orig/Makefile.pre.in -+++ Python-3.11.6/Makefile.pre.in -@@ -1758,7 +1758,7 @@ install: @FRAMEWORKINSTALLFIRST@ commoni +--- Python-3.11.8.orig/Makefile.pre.in ++++ Python-3.11.8/Makefile.pre.in +@@ -1761,7 +1761,7 @@ install: @FRAMEWORKINSTALLFIRST@ commoni install|*) ensurepip="" ;; \ esac; \ $(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \ @@ -156,7 +156,7 @@ Index: Python-3.11.6/Makefile.pre.in fi altinstall: commoninstall -@@ -1768,7 +1768,7 @@ altinstall: commoninstall +@@ -1771,7 +1771,7 @@ altinstall: commoninstall install|*) ensurepip="--altinstall" ;; \ esac; \ $(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \ @@ -165,9 +165,9 @@ Index: Python-3.11.6/Makefile.pre.in fi commoninstall: check-clean-src @FRAMEWORKALTINSTALLFIRST@ \ -Index: Python-3.11.6/Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst +Index: Python-3.11.8/Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst =================================================================== --- /dev/null -+++ Python-3.11.6/Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst ++++ Python-3.11.8/Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst @@ -0,0 +1 @@ +A directory prefix can now be specified when using :mod:`ensurepip`. diff --git a/distutils-reproducible-compile.patch b/distutils-reproducible-compile.patch index fd98baa..17e8bd2 100644 --- a/distutils-reproducible-compile.patch +++ b/distutils-reproducible-compile.patch @@ -2,8 +2,10 @@ Lib/distutils/util.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ---- a/Lib/distutils/util.py -+++ b/Lib/distutils/util.py +Index: Python-3.11.8/Lib/distutils/util.py +=================================================================== +--- Python-3.11.8.orig/Lib/distutils/util.py ++++ Python-3.11.8/Lib/distutils/util.py @@ -436,7 +436,7 @@ byte_compile(files, optimize=%r, force=% else: from py_compile import compile diff --git a/fix_configure_rst.patch b/fix_configure_rst.patch index e45e240..2fabf1b 100644 --- a/fix_configure_rst.patch +++ b/fix_configure_rst.patch @@ -3,10 +3,10 @@ Misc/NEWS | 2 +- 2 files changed, 1 insertion(+), 4 deletions(-) -Index: Python-3.11.7/Doc/using/configure.rst +Index: Python-3.11.8/Doc/using/configure.rst =================================================================== ---- Python-3.11.7.orig/Doc/using/configure.rst -+++ Python-3.11.7/Doc/using/configure.rst +--- Python-3.11.8.orig/Doc/using/configure.rst ++++ Python-3.11.8/Doc/using/configure.rst @@ -41,7 +41,6 @@ General Options See :data:`sys.int_info.bits_per_digit `. @@ -29,11 +29,11 @@ Index: Python-3.11.7/Doc/using/configure.rst .. option:: --enable-framework=INSTALLDIR Create a Python.framework rather than a traditional Unix install. Optional -Index: Python-3.11.7/Misc/NEWS +Index: Python-3.11.8/Misc/NEWS =================================================================== ---- Python-3.11.7.orig/Misc/NEWS -+++ Python-3.11.7/Misc/NEWS -@@ -9012,7 +9012,7 @@ C API +--- Python-3.11.8.orig/Misc/NEWS ++++ Python-3.11.8/Misc/NEWS +@@ -9411,7 +9411,7 @@ C API - bpo-40939: Removed documentation for the removed ``PyParser_*`` C API. - bpo-43795: The list in :ref:`limited-api-list` now shows the public name diff --git a/python-3.3.0b1-fix_date_time_compiler.patch b/python-3.3.0b1-fix_date_time_compiler.patch index 06aab09..cda20d7 100644 --- a/python-3.3.0b1-fix_date_time_compiler.patch +++ b/python-3.3.0b1-fix_date_time_compiler.patch @@ -2,9 +2,11 @@ Makefile.pre.in | 7 +++++++ 1 file changed, 7 insertions(+) ---- a/Makefile.pre.in -+++ b/Makefile.pre.in -@@ -1235,11 +1235,18 @@ Modules/getbuildinfo.o: $(PARSER_OBJS) \ +Index: Python-3.11.8/Makefile.pre.in +=================================================================== +--- Python-3.11.8.orig/Makefile.pre.in ++++ Python-3.11.8/Makefile.pre.in +@@ -1240,11 +1240,18 @@ Modules/getbuildinfo.o: $(PARSER_OBJS) \ $(DTRACE_OBJS) \ $(srcdir)/Modules/getbuildinfo.c $(CC) -c $(PY_CORE_CFLAGS) \ diff --git a/python-3.3.0b1-localpath.patch b/python-3.3.0b1-localpath.patch index ff9a376..475497e 100644 --- a/python-3.3.0b1-localpath.patch +++ b/python-3.3.0b1-localpath.patch @@ -1,7 +1,9 @@ ---- a/Lib/site.py -+++ b/Lib/site.py -@@ -76,7 +76,7 @@ import _sitebuiltins - import io +Index: Python-3.11.8/Lib/site.py +=================================================================== +--- Python-3.11.8.orig/Lib/site.py ++++ Python-3.11.8/Lib/site.py +@@ -77,7 +77,7 @@ import io + import stat # Prefixes for site-packages; add additional prefixes like /usr/local here -PREFIXES = [sys.prefix, sys.exec_prefix] diff --git a/python-3.3.0b1-test-posix_fadvise.patch b/python-3.3.0b1-test-posix_fadvise.patch index 762dd28..ac5d553 100644 --- a/python-3.3.0b1-test-posix_fadvise.patch +++ b/python-3.3.0b1-test-posix_fadvise.patch @@ -2,9 +2,11 @@ Lib/test/test_posix.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ---- a/Lib/test/test_posix.py -+++ b/Lib/test/test_posix.py -@@ -428,7 +428,7 @@ class PosixTester(unittest.TestCase): +Index: Python-3.11.8/Lib/test/test_posix.py +=================================================================== +--- Python-3.11.8.orig/Lib/test/test_posix.py ++++ Python-3.11.8/Lib/test/test_posix.py +@@ -430,7 +430,7 @@ class PosixTester(unittest.TestCase): def test_posix_fadvise(self): fd = os.open(os_helper.TESTFN, os.O_RDONLY) try: diff --git a/python311.changes b/python311.changes index 55ffed6..d22b0be 100644 --- a/python311.changes +++ b/python311.changes @@ -1,3 +1,267 @@ +------------------------------------------------------------------- +Thu Feb 8 07:27:40 UTC 2024 - Daniel Garcia + +- Update to 3.11.8: + - Security + - gh-113659: Skip .pth files with names starting with a dot or + hidden file attribute. + - Core and Builtins + - gh-114887: Changed socket type validation in + create_datagram_endpoint() to accept all non-stream sockets. + This fixes a regression in compatibility with raw sockets. + - gh-114388: Fix a RuntimeWarning emitted when assign an + integer-like value that is not an instance of int to an + attribute that corresponds to a C struct member of type T_UINT + and T_ULONG. Fix a double RuntimeWarning emitted when assign a + negative integer value to an attribute that corresponds to a C + struct member of type T_UINT. + - gh-89811: Check for a valid tp_version_tag before performing + bytecode specializations that rely on this value being usable. + - gh-113602: Fix an error that was causing the parser to try to + overwrite existing errors and crashing in the process. Patch by + Pablo Galindo + - gh-113566: Fix a 3.11-specific crash when the repr of a Future + is requested after the module has already been + garbage-collected. + - gh-106905: Use per AST-parser state rather than global state to + track recursion depth within the AST parser to prevent potential + race condition due to simultaneous parsing. + - The issue primarily showed up in 3.11 by multithreaded users of + ast.parse(). In 3.12 a change to when garbage collection can be + triggered prevented the race condition from occurring. + - gh-112716: Fix SystemError in the import statement and in + __reduce__() methods of builtin types when __builtins__ is not a + dict. + - gh-105967: Workaround a bug in Apple’s macOS platform zlib + library where zlib.crc32() and binascii.crc32() could produce + incorrect results on multi-gigabyte inputs. Including when using + zipfile on zips containing large data. + - gh-94606: Fix UnicodeEncodeError when + email.message.get_payload() reads a message with a Unicode + surrogate character and the message content is not well-formed + for surrogateescape encoding. Patch by Sidney Markowitz. + - Library + - gh-114965: Update bundled pip to 24.0 + - gh-114959: tarfile no longer ignores errors when trying to + extract a directory on top of a file. + - gh-109475: Fix support of explicit option value “–” in argparse + (e.g. --option=--). + - gh-110190: Fix ctypes structs with array on Windows ARM64 + platform by setting MAX_STRUCT_SIZE to 32 in stgdict. Patch by + Diego Russo + - gh-113280: Fix a leak of open socket in rare cases when error + occurred in ssl.SSLSocket creation. + - gh-77749: email.policy.EmailPolicy.fold() now always encodes + non-ASCII characters in headers if utf8 is false. + - gh-114492: Make the result of termios.tcgetattr() reproducible + on Alpine Linux. Previously it could leave a random garbage in + some fields. + - gh-75128: Ignore an OSError in + asyncio.BaseEventLoop.create_server() when IPv6 is available but + the interface cannot actually support it. + - gh-114257: Dismiss the FileNotFound error in + ctypes.util.find_library() and just return None on Linux. + - gh-101438: Avoid reference cycle in ElementTree.iterparse. The + iterator returned by ElementTree.iterparse may hold on to a file + descriptor. The reference cycle prevented prompt clean-up of the + file descriptor if the returned iterator was not exhausted. + - gh-104522: OSError raised when run a subprocess now only has + filename attribute set to cwd if the error was caused by a + failed attempt to change the current directory. + - gh-109534: Fix a reference leak in + asyncio.selector_events.BaseSelectorEventLoop when SSL + handshakes fail. Patch contributed by Jamie Phan. + - gh-114077: Fix possible OverflowError in + socket.socket.sendfile() when pass count larger than 2 GiB on + 32-bit platform. + - gh-114014: Fixed a bug in fractions.Fraction where an invalid + string using d in the decimals part creates a different error + compared to other invalid letters/characters. Patch by Jeremiah + Gabriel Pascual. + - gh-113951: Fix the behavior of tag_unbind() methods of + tkinter.Text and tkinter.Canvas classes with three arguments. + Previously, widget.tag_unbind(tag, sequence, funcid) destroyed + the current binding for sequence, leaving sequence unbound, and + deleted the funcid command. Now it removes only funcid from the + binding for sequence, keeping other commands, and deletes the + funcid command. It leaves sequence unbound only if funcid was + the last bound command. + - gh-113877: Fix tkinter method winfo_pathname() on 64-bit + Windows. + - gh-113781: Silence unraisable AttributeError when warnings are + emitted during Python finalization. + - gh-113594: Fix UnicodeEncodeError in email when re-fold lines + that contain unknown-8bit encoded part followed by + non-unknown-8bit encoded part. + - gh-113538: In asyncio.StreamReaderProtocol.connection_made(), + there is callback that logs an error if the task wrapping the + “connected callback” fails. This callback would itself fail if + the task was cancelled. Prevent this by checking whether the + task was cancelled first. If so, close the transport but don’t + log an error. + - gh-85567: Fix resource warnings for unclosed files in pickle and + pickletools command line interfaces. + - gh-101225: Increase the backlog for + multiprocessing.connection.Listener objects created by + multiprocessing.manager and multiprocessing.resource_sharer to + significantly reduce the risk of getting a connection refused + error when creating a multiprocessing.connection.Connection to + them. + - gh-113543: Make sure that webbrowser.MacOSXOSAScript sends + webbrowser.open audit event. + - gh-113028: When a second reference to a string appears in the + input to pickle, and the Python implementation is in use, we are + guaranteed that a single copy gets pickled and a single object + is shared when reloaded. Previously, in protocol 0, when a + string contained certain characters (e.g. newline) it resulted + in duplicate objects. + - gh-113421: Fix multiprocessing logger for %(filename)s. + - gh-113358: Fix rendering tracebacks for exceptions with a broken + __getattr__. + - gh-113214: Fix an AttributeError during asyncio SSL protocol + aborts in SSL-over-SSL scenarios. + - gh-113246: Update bundled pip to 23.3.2. + - gh-113199: Make http.client.HTTPResponse.read1 and + http.client.HTTPResponse.readline close IO after reading all + data when content length is known. Patch by Illia Volochii. + - gh-113188: Fix shutil.copymode() and shutil.copystat() on + Windows. Previously they worked differenly if dst is a symbolic + link: they modified the permission bits of dst itself rather + than the file it points to if follow_symlinks is true or src is + not a symbolic link, and did not modify the permission bits if + follow_symlinks is false and src is a symbolic link. + - gh-61648: Detect line numbers of properties in doctests. + - gh-112559: signal.signal() and signal.getsignal() no longer call + repr on callable handlers. asyncio.run() and + asyncio.Runner.run() no longer call repr on the task results. + Patch by Yilei Yang. + - gh-110190: Fix ctypes structs with array on PPC64LE platform by + setting MAX_STRUCT_SIZE to 64 in stgdict. Patch by Diego Russo. + - gh-79429: Ignore FileNotFoundError when remove a temporary + directory in the multiprocessing finalizer. + - gh-79325: Fix an infinite recursion error in + tempfile.TemporaryDirectory() cleanup on Windows. + - gh-110190: Fix ctypes structs with array on Arm platform by + setting MAX_STRUCT_SIZE to 32 in stgdict. Patch by Diego Russo. + - gh-81194: Fix a crash in socket.if_indextoname() with specific + value (UINT_MAX). Fix an integer overflow in + socket.if_indextoname() on 64-bit non-Windows platforms. + - gh-75666: Fix the behavior of tkinter widget’s unbind() method + with two arguments. Previously, widget.unbind(sequence, funcid) + destroyed the current binding for sequence, leaving sequence + unbound, and deleted the funcid command. Now it removes only + funcid from the binding for sequence, keeping other commands, + and deletes the funcid command. It leaves sequence unbound only + if funcid was the last bound command. + - gh-110345: Show the Tcl/Tk patchlevel (rather than version) in + tkinter._test(). + - gh-109858: Protect zipfile from “quoted-overlap” zipbomb. It now + raises BadZipFile when try to read an entry that overlaps with + other entry or central directory. + - gh-38807: Fix race condition in trace. Instead of checking if a + directory exists and creating it, directly call os.makedirs() + with the kwarg exist_ok=True. + - gh-75705: Set unixfrom envelope in mailbox.mbox and + mailbox.MMDF. + - gh-105102: Allow ctypes.Union to be nested in ctypes.Structure + when the system endianness is the opposite of the classes. + - gh-104282: Fix null pointer dereference in + lzma._decode_filter_properties() due to improper handling of BCJ + filters with properties of zero length. Patch by Radislav + Chugunov. + - gh-102512: When os.fork() is called from a foreign thread (aka + _DummyThread), the type of the thread in a child process is + changed to _MainThread. Also changed its name and daemonic + status, it can be now joined. + - gh-91133: Fix a bug in tempfile.TemporaryDirectory cleanup, + which now no longer dereferences symlinks when working around + file system permission errors. + - bpo-43153: On Windows, tempfile.TemporaryDirectory previously + masked a PermissionError with NotADirectoryError during + directory cleanup. It now correctly raises PermissionError if + errors are not ignored. Patch by Andrei Kulakov and Ken Jin. + - bpo-35332: The shutil.rmtree() function now ignores errors when + calling os.close() when ignore_errors is True, and os.close() no + longer retried after error. + - bpo-35928: io.TextIOWrapper now correctly handles the decoding + buffer after read() and write(). + - bpo-26791: shutil.move() now moves a symlink into a directory + when that directory is the target of the symlink. This provides + the same behavior as the mv shell command. The previous behavior + raised an exception. Patch by Jeffrey Kintscher. + - bpo-36959: Fix some error messages for invalid ISO format string + combinations in strptime() that referred to directives not + contained in the format string. Patch by Gordon P. Hemsley. + - bpo-18060: Fixed a class inheritance issue that can cause + segfaults when deriving two or more levels of subclasses from a + base class of Structure or Union. + - Documentation + - gh-110746: Improved markup for valid options/values for methods + ttk.treeview.column and ttk.treeview.heading, and for Layouts. + - gh-95649: Document that the asyncio module contains code taken + from v0.16.0 of the uvloop project, as well as the required MIT + licensing information. + - Tests + - gh-109980: Fix test_tarfile_vs_tar in test_shutil for macOS, + where system tar can include more information in the archive + than shutil.make_archive. + - gh-112769: The tests now correctly compare zlib version when + zlib.ZLIB_RUNTIME_VERSION contains non-integer suffixes. For + example zlib-ng defines the version as 1.3.0.zlib-ng. + - gh-105089: Fix + test.test_zipfile.test_core.TestWithDirectory.test_create_directory_with_write + test in AIX by doing a bitwise AND of 0xFFFF on mode , so that + it will be in sync with zinfo.external_attr + - bpo-40648: Test modes that file can get with chmod() on Windows. + - Build + - gh-101778: Fix build error when there’s a dangling symlink in + the directory containing ffi.h. + - gh-112305: Fixed the check-clean-src step performed on out of + tree builds to detect errant $(srcdir)/Python/frozen_modules/*.h + files and recommend appropriate source tree cleanup steps to get + a working build again. + - bpo-11102: The os.major(), os.makedev(), and os.minor() + functions are now available on HP-UX v3. + - bpo-36351: Do not set ipv6type when cross-compiling. + - IDLE + - gh-96905: In idlelib code, stop redefining built-ins ‘dict’ and + ‘object’. + - gh-72284: Improve the lists of features, editor key bindings, + and shell key bingings in the IDLE doc. + - gh-113903: Fix rare failure of test.test_idle, in + test_configdialog. + - gh-113729: Fix the “Help -> IDLE Doc” menu bug in 3.11.7 and + 3.12.1. + - gh-113269: Fix test_editor hang on macOS Catalina. + - gh-112898: Fix processing unsaved files when quitting IDLE on + macOS. + - gh-103820: Revise IDLE bindings so that events from mouse button + 4/5 on non-X11 windowing systems (i.e. Win32 and Aqua) are not + mistaken for scrolling. + - bpo-13586: Enter the selected text when opening the “Replace” + dialog. + - Tools/Demos + - gh-109991: Update GitHub CI workflows to use OpenSSL 3.0.13 and + multissltests to use 1.1.1w, 3.0.13, 3.1.5, and 3.2.1. + - gh-115015: Fix a bug in Argument Clinic that generated incorrect + code for methods with no parameters that use the METH_METHOD | + METH_FASTCALL | METH_KEYWORDS calling convention. Only the + positional parameter count was checked; any keyword argument + passed would be silently accepted. + +- Refresh all patches: + - CVE-2023-27043-email-parsing-errors.patch + - F00251-change-user-install-location.patch + - bpo-31046_ensurepip_honours_prefix.patch + - distutils-reproducible-compile.patch + - fix_configure_rst.patch + - python-3.3.0b1-fix_date_time_compiler.patch + - python-3.3.0b1-localpath.patch + - python-3.3.0b1-test-posix_fadvise.patch + - skip_if_buildbot-extend.patch + - subprocess-raise-timeout.patch + - support-expat-CVE-2022-25236-patched.patch + ------------------------------------------------------------------- Tue Dec 19 16:34:50 UTC 2023 - Daniel Garcia diff --git a/python311.spec b/python311.spec index 16f2357..21c0b84 100644 --- a/python311.spec +++ b/python311.spec @@ -1,7 +1,7 @@ # -# spec file +# spec file for package python311 # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -94,7 +94,7 @@ %define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so %bcond_without profileopt Name: %{python_pkg_name}%{psuffix} -Version: 3.11.7 +Version: 3.11.8 Release: 0 Summary: Python 3 Interpreter License: Python-2.0 @@ -407,24 +407,24 @@ other applications. %prep %setup -q -n %{tarname} -%patch02 -p1 +%patch -P 02 -p1 -%patch06 -p1 -%patch07 -p1 -%patch08 -p1 -%patch09 -p1 -%patch15 -p1 -%patch29 -p1 +%patch -P 06 -p1 +%patch -P 07 -p1 +%patch -P 08 -p1 +%patch -P 09 -p1 +%patch -P 15 -p1 +%patch -P 29 -p1 %if 0%{?suse_version} <= 1500 -%patch33 -p1 +%patch -P 33 -p1 %endif %if 0%{?sle_version} && 0%{?sle_version} <= 150300 -%patch34 -p1 +%patch -P 34 -p1 %endif -%patch35 -p1 -%patch36 -p1 -%patch39 -p1 -%patch40 -p1 +%patch -P 35 -p1 +%patch -P 36 -p1 +%patch -P 39 -p1 +%patch -P 40 -p1 # drop Autoconf version requirement sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac @@ -808,7 +808,6 @@ echo %{sitedir}/_import_failed > %{buildroot}/%{sitedir}/site-packages/zzzz-impo %{sitedir}/idlelib %dir %{_sysconfdir}/idle%{python_version} %config %{_sysconfdir}/idle%{python_version}/* -%doc Lib/idlelib/NEWS.txt %doc Lib/idlelib/README.txt %doc Lib/idlelib/TODO.txt %doc Lib/idlelib/extend.txt diff --git a/skip_if_buildbot-extend.patch b/skip_if_buildbot-extend.patch index 0300539..55a1b60 100644 --- a/skip_if_buildbot-extend.patch +++ b/skip_if_buildbot-extend.patch @@ -2,9 +2,11 @@ Lib/test/support/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ---- a/Lib/test/support/__init__.py -+++ b/Lib/test/support/__init__.py -@@ -388,7 +388,7 @@ def skip_if_buildbot(reason=None): +Index: Python-3.11.8/Lib/test/support/__init__.py +=================================================================== +--- Python-3.11.8.orig/Lib/test/support/__init__.py ++++ Python-3.11.8/Lib/test/support/__init__.py +@@ -383,7 +383,7 @@ def skip_if_buildbot(reason=None): if not reason: reason = 'not suitable for buildbots' try: diff --git a/subprocess-raise-timeout.patch b/subprocess-raise-timeout.patch index 76afe11..ab29d50 100644 --- a/subprocess-raise-timeout.patch +++ b/subprocess-raise-timeout.patch @@ -2,9 +2,11 @@ Lib/test/test_subprocess.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) ---- a/Lib/test/test_subprocess.py -+++ b/Lib/test/test_subprocess.py -@@ -279,7 +279,8 @@ class ProcessTestCase(BaseTestCase): +Index: Python-3.11.8/Lib/test/test_subprocess.py +=================================================================== +--- Python-3.11.8.orig/Lib/test/test_subprocess.py ++++ Python-3.11.8/Lib/test/test_subprocess.py +@@ -280,7 +280,8 @@ class ProcessTestCase(BaseTestCase): "time.sleep(3600)"], # Some heavily loaded buildbots (sparc Debian 3.x) require # this much time to start and print. diff --git a/support-expat-CVE-2022-25236-patched.patch b/support-expat-CVE-2022-25236-patched.patch index 5b26c99..d6fbad9 100644 --- a/support-expat-CVE-2022-25236-patched.patch +++ b/support-expat-CVE-2022-25236-patched.patch @@ -27,8 +27,10 @@ Co-authored-by: Sebastian Pipping 1 file changed, 9 insertions(+), 14 deletions(-) create mode 100644 Misc/NEWS.d/next/Library/2022-02-20-21-03-31.bpo-46811.8BxgdQ.rst ---- a/Lib/test/test_minidom.py -+++ b/Lib/test/test_minidom.py +Index: Python-3.11.8/Lib/test/test_minidom.py +=================================================================== +--- Python-3.11.8.orig/Lib/test/test_minidom.py ++++ Python-3.11.8/Lib/test/test_minidom.py @@ -6,7 +6,6 @@ import io from test import support import unittest