- Remove upstreamed patches:
- CVE-2019-18348-CRLF_injection_via_host_part.patch
- python-2.7.14-CVE-2017-1000158.patch
- CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch
- CVE-2018-1061-DOS-via-regexp-difflib.patch
- CVE-2019-10160-netloc-port-regression.patch
- CVE-2019-16056-email-parse-addr.patch
- Fixes a ReDoS vulnerability in `http.cookiejar`. Patch by Ben
Caller.
- Fixed possible leak in `PyArg_Parse` and similar
`PY_SSIZE_T_CLEAN` is not defined.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=306
This commit is contained in:
Git OBS Bridge
parent
97f5f8e975
commit
971ad33422
@ -93,8 +93,8 @@ Thu Apr 23 09:17:24 UTC 2020 - Matej Cepl <mcepl@suse.com>
|
|||||||
encoding to prevent them from overflowing into to content
|
encoding to prevent them from overflowing into to content
|
||||||
section of the encoded file. This prevents malicious or
|
section of the encoded file. This prevents malicious or
|
||||||
accidental modification of data during the decoding process.
|
accidental modification of data during the decoding process.
|
||||||
- Fixes a ReDoS vulnerability in :mod:`http.cookiejar`. Patch
|
- Fixes a ReDoS vulnerability in `http.cookiejar`. Patch by Ben
|
||||||
by Ben Caller.
|
Caller.
|
||||||
- Fixed line numbers and column offsets for AST nodes for calls
|
- Fixed line numbers and column offsets for AST nodes for calls
|
||||||
without arguments in decorators.
|
without arguments in decorators.
|
||||||
- bsc#1155094 (CVE-2019-18348) Disallow control characters in
|
- bsc#1155094 (CVE-2019-18348) Disallow control characters in
|
||||||
@ -108,9 +108,16 @@ Thu Apr 23 09:17:24 UTC 2020 - Matej Cepl <mcepl@suse.com>
|
|||||||
PC/dl_nt.c.
|
PC/dl_nt.c.
|
||||||
- Prevent failure of test_relative_path in test_py_compile on
|
- Prevent failure of test_relative_path in test_py_compile on
|
||||||
macOS Catalina.
|
macOS Catalina.
|
||||||
- Fixed possible leak in :c:func:`PyArg_Parse` and similar
|
- Fixed possible leak in `PyArg_Parse` and similar
|
||||||
functions for format units "es#" and "et#" when the macro
|
functions for format units "es#" and "et#" when the macro
|
||||||
:c:macro:`PY_SSIZE_T_CLEAN` is not defined.
|
`PY_SSIZE_T_CLEAN` is not defined.
|
||||||
|
- Remove upstreamed patches:
|
||||||
|
- CVE-2019-18348-CRLF_injection_via_host_part.patch
|
||||||
|
- python-2.7.14-CVE-2017-1000158.patch
|
||||||
|
- CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch
|
||||||
|
- CVE-2018-1061-DOS-via-regexp-difflib.patch
|
||||||
|
- CVE-2019-10160-netloc-port-regression.patch
|
||||||
|
- CVE-2019-16056-email-parse-addr.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Sat Feb 8 23:29:28 CET 2020 - Matej Cepl <mcepl@suse.com>
|
Sat Feb 8 23:29:28 CET 2020 - Matej Cepl <mcepl@suse.com>
|
||||||
|
|||||||
@ -93,8 +93,8 @@ Thu Apr 23 09:17:24 UTC 2020 - Matej Cepl <mcepl@suse.com>
|
|||||||
encoding to prevent them from overflowing into to content
|
encoding to prevent them from overflowing into to content
|
||||||
section of the encoded file. This prevents malicious or
|
section of the encoded file. This prevents malicious or
|
||||||
accidental modification of data during the decoding process.
|
accidental modification of data during the decoding process.
|
||||||
- Fixes a ReDoS vulnerability in :mod:`http.cookiejar`. Patch
|
- Fixes a ReDoS vulnerability in `http.cookiejar`. Patch by Ben
|
||||||
by Ben Caller.
|
Caller.
|
||||||
- Fixed line numbers and column offsets for AST nodes for calls
|
- Fixed line numbers and column offsets for AST nodes for calls
|
||||||
without arguments in decorators.
|
without arguments in decorators.
|
||||||
- bsc#1155094 (CVE-2019-18348) Disallow control characters in
|
- bsc#1155094 (CVE-2019-18348) Disallow control characters in
|
||||||
@ -108,9 +108,16 @@ Thu Apr 23 09:17:24 UTC 2020 - Matej Cepl <mcepl@suse.com>
|
|||||||
PC/dl_nt.c.
|
PC/dl_nt.c.
|
||||||
- Prevent failure of test_relative_path in test_py_compile on
|
- Prevent failure of test_relative_path in test_py_compile on
|
||||||
macOS Catalina.
|
macOS Catalina.
|
||||||
- Fixed possible leak in :c:func:`PyArg_Parse` and similar
|
- Fixed possible leak in `PyArg_Parse` and similar
|
||||||
functions for format units "es#" and "et#" when the macro
|
functions for format units "es#" and "et#" when the macro
|
||||||
:c:macro:`PY_SSIZE_T_CLEAN` is not defined.
|
`PY_SSIZE_T_CLEAN` is not defined.
|
||||||
|
- Remove upstreamed patches:
|
||||||
|
- CVE-2019-18348-CRLF_injection_via_host_part.patch
|
||||||
|
- python-2.7.14-CVE-2017-1000158.patch
|
||||||
|
- CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch
|
||||||
|
- CVE-2018-1061-DOS-via-regexp-difflib.patch
|
||||||
|
- CVE-2019-10160-netloc-port-regression.patch
|
||||||
|
- CVE-2019-16056-email-parse-addr.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Sat Feb 8 23:29:28 CET 2020 - Matej Cepl <mcepl@suse.com>
|
Sat Feb 8 23:29:28 CET 2020 - Matej Cepl <mcepl@suse.com>
|
||||||
|
|||||||
@ -93,8 +93,8 @@ Thu Apr 23 09:17:24 UTC 2020 - Matej Cepl <mcepl@suse.com>
|
|||||||
encoding to prevent them from overflowing into to content
|
encoding to prevent them from overflowing into to content
|
||||||
section of the encoded file. This prevents malicious or
|
section of the encoded file. This prevents malicious or
|
||||||
accidental modification of data during the decoding process.
|
accidental modification of data during the decoding process.
|
||||||
- Fixes a ReDoS vulnerability in :mod:`http.cookiejar`. Patch
|
- Fixes a ReDoS vulnerability in `http.cookiejar`. Patch by Ben
|
||||||
by Ben Caller.
|
Caller.
|
||||||
- Fixed line numbers and column offsets for AST nodes for calls
|
- Fixed line numbers and column offsets for AST nodes for calls
|
||||||
without arguments in decorators.
|
without arguments in decorators.
|
||||||
- bsc#1155094 (CVE-2019-18348) Disallow control characters in
|
- bsc#1155094 (CVE-2019-18348) Disallow control characters in
|
||||||
@ -108,9 +108,16 @@ Thu Apr 23 09:17:24 UTC 2020 - Matej Cepl <mcepl@suse.com>
|
|||||||
PC/dl_nt.c.
|
PC/dl_nt.c.
|
||||||
- Prevent failure of test_relative_path in test_py_compile on
|
- Prevent failure of test_relative_path in test_py_compile on
|
||||||
macOS Catalina.
|
macOS Catalina.
|
||||||
- Fixed possible leak in :c:func:`PyArg_Parse` and similar
|
- Fixed possible leak in `PyArg_Parse` and similar
|
||||||
functions for format units "es#" and "et#" when the macro
|
functions for format units "es#" and "et#" when the macro
|
||||||
:c:macro:`PY_SSIZE_T_CLEAN` is not defined.
|
`PY_SSIZE_T_CLEAN` is not defined.
|
||||||
|
- Remove upstreamed patches:
|
||||||
|
- CVE-2019-18348-CRLF_injection_via_host_part.patch
|
||||||
|
- python-2.7.14-CVE-2017-1000158.patch
|
||||||
|
- CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch
|
||||||
|
- CVE-2018-1061-DOS-via-regexp-difflib.patch
|
||||||
|
- CVE-2019-10160-netloc-port-regression.patch
|
||||||
|
- CVE-2019-16056-email-parse-addr.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Sat Feb 8 23:29:28 CET 2020 - Matej Cepl <mcepl@suse.com>
|
Sat Feb 8 23:29:28 CET 2020 - Matej Cepl <mcepl@suse.com>
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user