From 67d920e551bf343f2062792f59ee35cf4d361c3ace003d057d85707f9f44961a Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Sun, 24 Jan 2021 18:29:14 +0000 Subject: [PATCH 1/3] - update to 5.4.1: * Fix stub compat with older pyyaml versions that may unwittingly load it * Build modernization, remove distutils, fix metadata, build wheels, CI to GHA * Fix for CVE-2020-14343, moves arbitrary python tags to UnsafeLoader * Fix memory leak in implicit resolver setup * Fix py2 copy support for timezone objects * Fix compatibility with Jython OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-PyYAML?expand=0&rev=40 --- PyYAML-5.3.1.tar.gz | 3 --- PyYAML-5.4.1.tar.gz | 3 +++ python-PyYAML.changes | 11 +++++++++++ python-PyYAML.spec | 8 ++++---- 4 files changed, 18 insertions(+), 7 deletions(-) delete mode 100644 PyYAML-5.3.1.tar.gz create mode 100644 PyYAML-5.4.1.tar.gz diff --git a/PyYAML-5.3.1.tar.gz b/PyYAML-5.3.1.tar.gz deleted file mode 100644 index bfe3bd8..0000000 --- a/PyYAML-5.3.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:b8eac752c5e14d3eca0e6dd9199cd627518cb5ec06add0de9d32baeee6fe645d -size 269377 diff --git a/PyYAML-5.4.1.tar.gz b/PyYAML-5.4.1.tar.gz new file mode 100644 index 0000000..d1722a8 --- /dev/null +++ b/PyYAML-5.4.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:607774cbba28732bfa802b54baa7484215f530991055bb562efbed5b2f20a45e +size 175147 diff --git a/python-PyYAML.changes b/python-PyYAML.changes index 8bdc0ce..2e77350 100644 --- a/python-PyYAML.changes +++ b/python-PyYAML.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Sun Jan 24 18:21:20 UTC 2021 - Dirk Müller + +- update to 5.4.1: + * Fix stub compat with older pyyaml versions that may unwittingly load it + * Build modernization, remove distutils, fix metadata, build wheels, CI to GHA + * Fix for CVE-2020-14343, moves arbitrary python tags to UnsafeLoader + * Fix memory leak in implicit resolver setup + * Fix py2 copy support for timezone objects + * Fix compatibility with Jython + ------------------------------------------------------------------- Thu Mar 19 07:23:23 UTC 2020 - Ondřej Súkup diff --git a/python-PyYAML.spec b/python-PyYAML.spec index 777ae24..cb4eb8b 100644 --- a/python-PyYAML.spec +++ b/python-PyYAML.spec @@ -1,7 +1,7 @@ # # spec file for package python-PyYAML # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,13 +19,13 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} %define oldpython python Name: python-PyYAML -Version: 5.3.1 +Version: 5.4.1 Release: 0 Summary: YAML parser and emitter for Python License: MIT URL: https://github.com/yaml/pyyaml Source: https://files.pythonhosted.org/packages/source/P/PyYAML/PyYAML-%{version}.tar.gz -BuildRequires: %{python_module devel} +BuildRequires: %{python_module Cython} BuildRequires: %{python_module setuptools} BuildRequires: fdupes BuildRequires: libyaml-devel @@ -75,7 +75,7 @@ ulimit -Sn 2048 %license LICENSE %doc CHANGES README examples/ %{python_sitearch}/yaml -%{python_sitearch}/_yaml.*so +%{python_sitearch}/_yaml %{python_sitearch}/PyYAML-%{version}-py%{python_version}.egg-info %changelog From 7b6c76ca1366a73c3143686f72cab0341937348dd750f244c90951c4682aac64 Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Sun, 24 Jan 2021 18:30:05 +0000 Subject: [PATCH 2/3] - update to 5.4.1 (bsc#1174514, CVE-2020-14343): OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-PyYAML?expand=0&rev=41 --- python-PyYAML.changes | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python-PyYAML.changes b/python-PyYAML.changes index 2e77350..6dea17f 100644 --- a/python-PyYAML.changes +++ b/python-PyYAML.changes @@ -1,7 +1,7 @@ ------------------------------------------------------------------- Sun Jan 24 18:21:20 UTC 2021 - Dirk Müller -- update to 5.4.1: +- update to 5.4.1 (bsc#1174514, CVE-2020-14343): * Fix stub compat with older pyyaml versions that may unwittingly load it * Build modernization, remove distutils, fix metadata, build wheels, CI to GHA * Fix for CVE-2020-14343, moves arbitrary python tags to UnsafeLoader From 80c1222bbdec6db02464de0b9db5c1da4adb016d5ef6e8d9c7b32599268bbd3b Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Sun, 24 Jan 2021 18:32:52 +0000 Subject: [PATCH 3/3] OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-PyYAML?expand=0&rev=42 --- python-PyYAML.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/python-PyYAML.spec b/python-PyYAML.spec index cb4eb8b..826a577 100644 --- a/python-PyYAML.spec +++ b/python-PyYAML.spec @@ -56,6 +56,7 @@ configuration files to object serialization and persistance. %build export CFLAGS="%{optflags}" +export PYYAML_FORCE_LIBYAML=0 # we don't actually want to build the python lib %python_build # Fix example permissions. find examples/ -type f | xargs chmod a-x