Accepting request 753190 from devel:languages:python:Factory
- Move /etc/pythonstart script to shared-python-startup package. - Add bpo-36576-skip_tests_for_OpenSSL-111.patch (originally from bpo#36576) skipping tests failing with OpenSSL 1.1.1. Fixes bsc#1149792 - Add adapted-from-F00251-change-user-install-location.patch fixing pip/distutils to install into /usr/local. - python-2.7.14-CVE-2018-1000030-1.patch - python-2.7.14-CVE-2018-1000030-2.patch - Renamed remove-static-libpython.diff and python-bsddb6.diff to remove-static-libpython.patch and python-bsddb6.patch to unify filenames. - Add CVE-2019-16056-email-parse-addr.patch fixing the email module wrongly parses email addresses [bsc#1149955, CVE-2019-16056] - bsc#1138459: add CVE-2019-10160-netloc-port-regression.patch which fixes regression introduced by the previous patch. (CVE-2019-10160) Upstream gh#python/cpython#13812 no error will be raised (CVE-2019-9636). remove-static-libpython.patch - bsc#1109847: add CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch fixing bpo-34623. - bsc#1073748: add bpo-29347-dereferencing-undefined-pointers.patch OBS-URL: https://build.opensuse.org/request/show/753190 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python?expand=0&rev=144
This commit is contained in:
commit
8c3fa96793
22
CVE-2017-18207.patch
Normal file
22
CVE-2017-18207.patch
Normal file
@ -0,0 +1,22 @@
|
||||
From ae0ed14794ced2c51c822fc6f0d3ca92064619dd Mon Sep 17 00:00:00 2001
|
||||
From: BT123 <abcdyzhang@163.com>
|
||||
Date: Fri, 17 Nov 2017 16:45:45 +0800
|
||||
Subject: [PATCH] bug in wave.py
|
||||
|
||||
---
|
||||
Lib/wave.py | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
Index: Python-2.7.13/Lib/wave.py
|
||||
===================================================================
|
||||
--- Python-2.7.13.orig/Lib/wave.py 2018-06-07 17:00:25.370728844 +0000
|
||||
+++ Python-2.7.13/Lib/wave.py 2018-06-07 17:02:51.768202800 +0000
|
||||
@@ -272,6 +272,8 @@ class Wave_read:
|
||||
self._sampwidth = (sampwidth + 7) // 8
|
||||
else:
|
||||
raise Error, 'unknown format: %r' % (wFormatTag,)
|
||||
+ if self._nchannels == 0:
|
||||
+ raise Error, "The audio file in wav format should have at least one channel!"
|
||||
self._framesize = self._nchannels * self._sampwidth
|
||||
self._comptype = 'NONE'
|
||||
self._compname = 'not compressed'
|
40
adapted-from-F00251-change-user-install-location.patch
Normal file
40
adapted-from-F00251-change-user-install-location.patch
Normal file
@ -0,0 +1,40 @@
|
||||
Index: Python-2.7.17/Lib/distutils/command/install.py
|
||||
===================================================================
|
||||
--- Python-2.7.17.orig/Lib/distutils/command/install.py
|
||||
+++ Python-2.7.17/Lib/distutils/command/install.py
|
||||
@@ -431,8 +431,18 @@ class install (Command):
|
||||
raise DistutilsOptionError, \
|
||||
"must not supply exec-prefix without prefix"
|
||||
|
||||
- self.prefix = os.path.normpath(sys.prefix)
|
||||
- self.exec_prefix = os.path.normpath(sys.exec_prefix)
|
||||
+ # self.prefix is set to sys.prefix + /local/
|
||||
+ # if neither RPM build nor virtual environment is
|
||||
+ # detected to make pip and distutils install packages
|
||||
+ # into the separate location.
|
||||
+ if (not hasattr(sys, 'real_prefix') and
|
||||
+ 'RPM_BUILD_ROOT' not in os.environ):
|
||||
+ addition = "/local"
|
||||
+ else:
|
||||
+ addition = ""
|
||||
+
|
||||
+ self.prefix = os.path.normpath(sys.prefix) + addition
|
||||
+ self.exec_prefix = os.path.normpath(sys.exec_prefix) + addition
|
||||
|
||||
else:
|
||||
if self.exec_prefix is None:
|
||||
Index: Python-2.7.17/Lib/site.py
|
||||
===================================================================
|
||||
--- Python-2.7.17.orig/Lib/site.py
|
||||
+++ Python-2.7.17/Lib/site.py
|
||||
@@ -291,6 +291,10 @@ def getsitepackages():
|
||||
sitepackages = []
|
||||
seen = set()
|
||||
|
||||
+ # '/usr/local' is included in PREFIXES if RPM build is not detected
|
||||
+ # to make packages installed into this location visible.
|
||||
+ if ENABLE_USER_SITE and 'RPM_BUILD_ROOT' not in os.environ:
|
||||
+ PREFIXES.insert(0, "/usr/local")
|
||||
for prefix in PREFIXES:
|
||||
if not prefix or prefix in seen:
|
||||
continue
|
@ -1,10 +1,8 @@
|
||||
# legacy macros. commented but kept for the sake of possible recovery of their values
|
||||
#%py_ver %(python -c "import sys; v=sys.version_info[:2]; print '%%d.%%d'%%v" 2>/dev/null || echo PYTHON-NOT-FOUND)
|
||||
#%py_prefix %(python -c "import sys; print sys.prefix" 2>/dev/null || echo PYTHON-NOT-FOUND)
|
||||
#%py_libdir %{py_prefix}/%{_lib}/python%{py_ver}
|
||||
#%py_incdir %{py_prefix}/include/python%{py_ver}
|
||||
#%py_sitedir %{py_libdir}/site-packages
|
||||
#%__python2 /usr/bin/python2
|
||||
%py_prefix %(python -c "import sys; print sys.prefix" 2>/dev/null || echo PYTHON-NOT-FOUND)
|
||||
%py_libdir %{py_prefix}/%{_lib}/python%{py_ver}
|
||||
%py_incdir %{py_prefix}/include/python%{py_ver}
|
||||
%py_sitedir %{py_libdir}/site-packages
|
||||
|
||||
# these might be still in use somewhere
|
||||
%py_compile(O) \
|
||||
|
@ -9,3 +9,7 @@ for spec in python-doc.spec python.spec; do
|
||||
sed -n -e '/COMMON-PREP-END/,$p' $spec;
|
||||
} | uniq > $spec.tmp && mv $spec.tmp $spec
|
||||
done
|
||||
|
||||
# I really don't want to keep all three *.changes files separate
|
||||
cp python-base.changes python.changes
|
||||
cp python-base.changes python-doc.changes
|
||||
|
1362
python-base.changes
1362
python-base.changes
File diff suppressed because it is too large
Load Diff
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package python-base
|
||||
#
|
||||
# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||
# Copyright (c) 2019 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -22,7 +22,7 @@ Release: 0
|
||||
Summary: Python Interpreter base package
|
||||
License: Python-2.0
|
||||
Group: Development/Languages/Python
|
||||
Url: http://www.python.org/
|
||||
URL: http://www.python.org/
|
||||
%define tarversion %{version}
|
||||
%define tarname Python-%{tarversion}
|
||||
Source0: http://www.python.org/ftp/python/%{version}/%{tarname}.tar.xz
|
||||
@ -43,12 +43,12 @@ Patch7: python-2.6-gettext-plurals.patch
|
||||
Patch8: python-2.6b3-curses-panel.patch
|
||||
Patch10: sparc_longdouble.patch
|
||||
Patch13: python-2.7.2-fix_date_time_compiler.patch
|
||||
Patch17: remove-static-libpython.diff
|
||||
Patch17: remove-static-libpython.patch
|
||||
# PATCH-FEATURE-OPENSUSE python-bundle-lang.patch bnc#617751 dimstar@opensuse.org -- gettext: when looking in default_localedir also check in locale-bundle.
|
||||
Patch20: python-bundle-lang.patch
|
||||
# PATCH-FIX-UPSTREAM Fix argument passing in libffi for aarch64
|
||||
Patch22: python-2.7-libffi-aarch64.patch
|
||||
Patch24: python-bsddb6.diff
|
||||
Patch24: python-bsddb6.patch
|
||||
# PATCH-FIX-UPSTREAM accept directory-based CA paths as well
|
||||
Patch33: python-2.7.9-ssl_ca_path.patch
|
||||
# PATCH-FEATURE-SLE disable SSL verification-by-default in http clients
|
||||
@ -66,14 +66,23 @@ Patch47: openssl-111-middlebox-compat.patch
|
||||
# PATCH-FIX-SUSE python default SSLContext doesn't contain OP_CIPHER_SERVER_PREFERENCE
|
||||
Patch48: openssl-111-ssl_options.patch
|
||||
# PATCH-FIX-UPSTREAM CVE-2019-5010-null-defer-x509-cert-DOS.patch bnc#1122191 mcepl@suse.com
|
||||
# https://github.com/python/cpython/pull/11569
|
||||
# gh#python/cpython#11569
|
||||
# Fix segfault in ssl's cert parser
|
||||
Patch49: CVE-2019-5010-null-defer-x509-cert-DOS.patch
|
||||
# PATCH-FIX-UPSTREAM bpo36160-init-sysconfig_vars.patch gh#python/cpython#12131 mcepl@suse.com
|
||||
# Initialize sysconfig variables in test_site.
|
||||
Patch50: bpo36160-init-sysconfig_vars.patch
|
||||
# PATCH-FIX-UPSTREAM https://github.com/python/cpython/pull/12341
|
||||
# PATCH-FIX-UPSTREAM CVE-2017-18207.patch gh#python/cpython#4437 psimons@suse.com
|
||||
# Add check for channels of wav file in Lib/wave.py
|
||||
Patch51: CVE-2017-18207.patch
|
||||
# PATCH-FIX-UPSTREAM gh#python/cpython#12341
|
||||
Patch55: bpo36302-sort-module-sources.patch
|
||||
# Fix installation in /usr/local (boo#1071941), adapted from Fedora
|
||||
# https://src.fedoraproject.org/rpms/python3/blob/master/f/00251-change-user-install-location.patch
|
||||
# Set values of prefix and exec_prefix in distutils install command
|
||||
# to /usr/local if executable is /usr/bin/python* and RPM build
|
||||
# is not detected to make pip and distutils install into separate location
|
||||
Patch56: adapted-from-F00251-change-user-install-location.patch
|
||||
# COMMON-PATCH-END
|
||||
%define python_version %(echo %{tarversion} | head -c 3)
|
||||
BuildRequires: automake
|
||||
@ -185,7 +194,9 @@ other applications.
|
||||
%patch48 -p1
|
||||
%patch49 -p1
|
||||
%patch50 -p1
|
||||
%patch51 -p1
|
||||
%patch55 -p1
|
||||
%patch56 -p1
|
||||
|
||||
# drop Autoconf version requirement
|
||||
sed -i 's/^version_required/dnl version_required/' configure.ac
|
||||
|
2145
python-doc.changes
2145
python-doc.changes
File diff suppressed because it is too large
Load Diff
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package python-doc
|
||||
#
|
||||
# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||
# Copyright (c) 2019 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -22,7 +22,7 @@ Release: 0
|
||||
Summary: Additional Package Documentation for Python
|
||||
License: Python-2.0
|
||||
Group: Development/Languages/Python
|
||||
Url: http://www.python.org/
|
||||
URL: http://www.python.org/
|
||||
%define tarname Python-%{version}
|
||||
Source0: %{tarname}.tar.xz
|
||||
# docs for current version are regenerated every day
|
||||
@ -43,12 +43,12 @@ Patch7: python-2.6-gettext-plurals.patch
|
||||
Patch8: python-2.6b3-curses-panel.patch
|
||||
Patch10: sparc_longdouble.patch
|
||||
Patch13: python-2.7.2-fix_date_time_compiler.patch
|
||||
Patch17: remove-static-libpython.diff
|
||||
Patch17: remove-static-libpython.patch
|
||||
# PATCH-FEATURE-OPENSUSE python-bundle-lang.patch bnc#617751 dimstar@opensuse.org -- gettext: when looking in default_localedir also check in locale-bundle.
|
||||
Patch20: python-bundle-lang.patch
|
||||
# PATCH-FIX-UPSTREAM Fix argument passing in libffi for aarch64
|
||||
Patch22: python-2.7-libffi-aarch64.patch
|
||||
Patch24: python-bsddb6.diff
|
||||
Patch24: python-bsddb6.patch
|
||||
# PATCH-FIX-UPSTREAM accept directory-based CA paths as well
|
||||
Patch33: python-2.7.9-ssl_ca_path.patch
|
||||
# PATCH-FEATURE-SLE disable SSL verification-by-default in http clients
|
||||
@ -66,14 +66,23 @@ Patch47: openssl-111-middlebox-compat.patch
|
||||
# PATCH-FIX-SUSE python default SSLContext doesn't contain OP_CIPHER_SERVER_PREFERENCE
|
||||
Patch48: openssl-111-ssl_options.patch
|
||||
# PATCH-FIX-UPSTREAM CVE-2019-5010-null-defer-x509-cert-DOS.patch bnc#1122191 mcepl@suse.com
|
||||
# https://github.com/python/cpython/pull/11569
|
||||
# gh#python/cpython#11569
|
||||
# Fix segfault in ssl's cert parser
|
||||
Patch49: CVE-2019-5010-null-defer-x509-cert-DOS.patch
|
||||
# PATCH-FIX-UPSTREAM bpo36160-init-sysconfig_vars.patch gh#python/cpython#12131 mcepl@suse.com
|
||||
# Initialize sysconfig variables in test_site.
|
||||
Patch50: bpo36160-init-sysconfig_vars.patch
|
||||
# PATCH-FIX-UPSTREAM https://github.com/python/cpython/pull/12341
|
||||
# PATCH-FIX-UPSTREAM CVE-2017-18207.patch gh#python/cpython#4437 psimons@suse.com
|
||||
# Add check for channels of wav file in Lib/wave.py
|
||||
Patch51: CVE-2017-18207.patch
|
||||
# PATCH-FIX-UPSTREAM gh#python/cpython#12341
|
||||
Patch55: bpo36302-sort-module-sources.patch
|
||||
# Fix installation in /usr/local (boo#1071941), adapted from Fedora
|
||||
# https://src.fedoraproject.org/rpms/python3/blob/master/f/00251-change-user-install-location.patch
|
||||
# Set values of prefix and exec_prefix in distutils install command
|
||||
# to /usr/local if executable is /usr/bin/python* and RPM build
|
||||
# is not detected to make pip and distutils install into separate location
|
||||
Patch56: adapted-from-F00251-change-user-install-location.patch
|
||||
# COMMON-PATCH-END
|
||||
Provides: pyth_doc
|
||||
Provides: pyth_ps
|
||||
@ -131,7 +140,9 @@ Python, and Macintosh Module Reference in PDF format.
|
||||
%patch48 -p1
|
||||
%patch49 -p1
|
||||
%patch50 -p1
|
||||
%patch51 -p1
|
||||
%patch55 -p1
|
||||
%patch56 -p1
|
||||
|
||||
# drop Autoconf version requirement
|
||||
sed -i 's/^version_required/dnl version_required/' configure.ac
|
||||
|
856
python.changes
856
python.changes
File diff suppressed because it is too large
Load Diff
@ -1,2 +0,0 @@
|
||||
# add python startup script for interactive sessions
|
||||
setenv PYTHONSTARTUP /etc/pythonstart
|
@ -1,2 +0,0 @@
|
||||
# add python startup script for interactive sessions
|
||||
export PYTHONSTARTUP=/etc/pythonstart
|
34
python.spec
34
python.spec
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package python
|
||||
#
|
||||
# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||
# Copyright (c) 2019 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -22,14 +22,11 @@ Release: 0
|
||||
Summary: Python Interpreter
|
||||
License: Python-2.0
|
||||
Group: Development/Languages/Python
|
||||
Url: http://www.python.org/
|
||||
URL: http://www.python.org/
|
||||
%define tarversion %{version}
|
||||
%define tarname Python-%{tarversion}
|
||||
Source0: http://www.python.org/ftp/python/%{version}/%{tarname}.tar.xz
|
||||
Source1: README.SUSE
|
||||
Source2: pythonstart
|
||||
Source3: python.sh
|
||||
Source4: python.csh
|
||||
Source8: sle_tls_checks_policy.py
|
||||
#Source11: testfiles.tar.bz2
|
||||
# issues with copyrighted Unicode testing files
|
||||
@ -48,12 +45,12 @@ Patch7: python-2.6-gettext-plurals.patch
|
||||
Patch8: python-2.6b3-curses-panel.patch
|
||||
Patch10: sparc_longdouble.patch
|
||||
Patch13: python-2.7.2-fix_date_time_compiler.patch
|
||||
Patch17: remove-static-libpython.diff
|
||||
Patch17: remove-static-libpython.patch
|
||||
# PATCH-FEATURE-OPENSUSE python-bundle-lang.patch bnc#617751 dimstar@opensuse.org -- gettext: when looking in default_localedir also check in locale-bundle.
|
||||
Patch20: python-bundle-lang.patch
|
||||
# PATCH-FIX-UPSTREAM Fix argument passing in libffi for aarch64
|
||||
Patch22: python-2.7-libffi-aarch64.patch
|
||||
Patch24: python-bsddb6.diff
|
||||
Patch24: python-bsddb6.patch
|
||||
# PATCH-FIX-UPSTREAM accept directory-based CA paths as well
|
||||
Patch33: python-2.7.9-ssl_ca_path.patch
|
||||
# PATCH-FEATURE-SLE disable SSL verification-by-default in http clients
|
||||
@ -71,14 +68,23 @@ Patch47: openssl-111-middlebox-compat.patch
|
||||
# PATCH-FIX-SUSE python default SSLContext doesn't contain OP_CIPHER_SERVER_PREFERENCE
|
||||
Patch48: openssl-111-ssl_options.patch
|
||||
# PATCH-FIX-UPSTREAM CVE-2019-5010-null-defer-x509-cert-DOS.patch bnc#1122191 mcepl@suse.com
|
||||
# https://github.com/python/cpython/pull/11569
|
||||
# gh#python/cpython#11569
|
||||
# Fix segfault in ssl's cert parser
|
||||
Patch49: CVE-2019-5010-null-defer-x509-cert-DOS.patch
|
||||
# PATCH-FIX-UPSTREAM bpo36160-init-sysconfig_vars.patch gh#python/cpython#12131 mcepl@suse.com
|
||||
# Initialize sysconfig variables in test_site.
|
||||
Patch50: bpo36160-init-sysconfig_vars.patch
|
||||
# PATCH-FIX-UPSTREAM https://github.com/python/cpython/pull/12341
|
||||
# PATCH-FIX-UPSTREAM CVE-2017-18207.patch gh#python/cpython#4437 psimons@suse.com
|
||||
# Add check for channels of wav file in Lib/wave.py
|
||||
Patch51: CVE-2017-18207.patch
|
||||
# PATCH-FIX-UPSTREAM gh#python/cpython#12341
|
||||
Patch55: bpo36302-sort-module-sources.patch
|
||||
# Fix installation in /usr/local (boo#1071941), adapted from Fedora
|
||||
# https://src.fedoraproject.org/rpms/python3/blob/master/f/00251-change-user-install-location.patch
|
||||
# Set values of prefix and exec_prefix in distutils install command
|
||||
# to /usr/local if executable is /usr/bin/python* and RPM build
|
||||
# is not detected to make pip and distutils install into separate location
|
||||
Patch56: adapted-from-F00251-change-user-install-location.patch
|
||||
# COMMON-PATCH-END
|
||||
BuildRequires: automake
|
||||
BuildRequires: db-devel
|
||||
@ -236,7 +242,9 @@ that rely on earlier non-verification behavior.
|
||||
%patch48 -p1
|
||||
%patch49 -p1
|
||||
%patch50 -p1
|
||||
%patch51 -p1
|
||||
%patch55 -p1
|
||||
%patch56 -p1
|
||||
|
||||
# drop Autoconf version requirement
|
||||
sed -i 's/^version_required/dnl version_required/' configure.ac
|
||||
@ -420,12 +428,6 @@ install -d -m755 %{buildroot}%{_sysconfdir}/%{idle_name}
|
||||
ln -sf /etc/%{idle_name}/$file %{buildroot}/%{_libdir}/python%{python_version}/idlelib/
|
||||
done
|
||||
)
|
||||
########################################
|
||||
# startup script
|
||||
########################################
|
||||
install -m 644 %{SOURCE2} %{buildroot}/etc
|
||||
install -d -m 755 %{buildroot}%{_sysconfdir}/profile.d
|
||||
install -m 644 %{SOURCE3} %{SOURCE4} %{buildroot}%{_sysconfdir}/profile.d
|
||||
|
||||
%post -p /sbin/ldconfig
|
||||
|
||||
@ -476,8 +478,6 @@ install -m 644 %{SOURCE3} %{SOURCE4} %{buildroot}%{_sysconfdir}/profile.d
|
||||
%doc %{_docdir}/%{name}/README
|
||||
%doc %{_docdir}/%{name}/LICENSE
|
||||
%doc %{_docdir}/%{name}/README.SUSE
|
||||
%config %{_sysconfdir}/pythonstart
|
||||
%config %{_sysconfdir}/profile.d/python.*
|
||||
%dir %{_libdir}/python%{python_version}
|
||||
%{_libdir}/python%{python_version}/ssl.py*
|
||||
%{_libdir}/python%{python_version}/bsddb
|
||||
|
33
pythonstart
33
pythonstart
@ -1,33 +0,0 @@
|
||||
# startup script for python to enable saving of interpreter history and
|
||||
# enabling name completion
|
||||
|
||||
# import needed modules
|
||||
import atexit
|
||||
import os
|
||||
import readline
|
||||
import rlcompleter
|
||||
|
||||
# where is history saved
|
||||
historyPath = os.path.expanduser("~/.pyhistory")
|
||||
|
||||
# handler for saving history
|
||||
def save_history(historyPath=historyPath):
|
||||
import readline
|
||||
try:
|
||||
readline.write_history_file(historyPath)
|
||||
except:
|
||||
pass
|
||||
|
||||
# read history, if it exists
|
||||
if os.path.exists(historyPath):
|
||||
readline.set_history_length(10000)
|
||||
readline.read_history_file(historyPath)
|
||||
|
||||
# register saving handler
|
||||
atexit.register(save_history)
|
||||
|
||||
# enable completion
|
||||
readline.parse_and_bind('tab: complete')
|
||||
|
||||
# cleanup
|
||||
del os, atexit, readline, rlcompleter, save_history, historyPath
|
Loading…
x
Reference in New Issue
Block a user