171 Commits

Author SHA256 Message Date
3b6fb6241d - bsc#1221854 (CVE-2024-0450) Add
  CVE-2024-0450-zipfile-avoid-quoted-overlap-zipbomb.patch
  detecting the vulnerability of the "quoted-overlap" zipbomb
  (from gh#python/cpython!110016).

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=416
2024-05-18 16:51:08 +00:00
773b5da2c2 - Switch to using the system libexpat (bsc#1219559,
  CVE-2023-52425)
- Make sure to remove all embedded versions of other packages
  (including expat).

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=414
2024-05-11 05:48:37 +00:00
93c812d448 - Revert CVE-2022-48560-after-free-heappushpop.patch, the fix was
  unneeded.
- Add CVE-2022-48560-after-free-heappushpop.patch fixing
  use-after-free in Python via heappushpop in heapq (bsc#1214675,
  CVE-2022-48560).

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=411
2024-04-23 15:53:53 +00:00
6c006a7c74 Remove superfluous CVE-2022-48560-after-free-heappushpop.patch.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=409
2024-04-17 10:46:39 +00:00
39b345bbe2 Switch off tests again.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=408
2024-04-16 21:24:47 +00:00
7ccba948f3 - Modify CVE-2023-27043-email-parsing-errors.patch to fix the
  unicode string handling in email.utils.parseaddr()
  (bsc#1222537).

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=407
2024-04-16 20:26:40 +00:00
86d87a8612 - Switch on tests again.
- Add bsc1222537-py2-email-addr-parse.patch to fix the unicode
  string handling in email.utils.parseaddr() (bsc#1222537).

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=405
2024-04-16 15:40:54 +00:00
0eeee1a907 - Switch off tests. ONLY FOR FACTORY!!! (bsc#1219306)
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=400
2024-03-18 09:55:09 +00:00
a81a414e00 Accepting request 1155418 from home:dgarcia:branches:openSUSE:Factory:Rings:1-MinimalX
- Build with -std=gnu89 to build correctly with gcc14, bsc#1220970

OBS-URL: https://build.opensuse.org/request/show/1155418
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=398
2024-03-06 06:48:36 +00:00
515bbd01ae Accepting request 1137557 from home:dgarcia:branches:devel:languages:python:Factory
- Add CVE-2023-27043-email-parsing-errors.patch to
  gh#python/cpython!111116, fixing bsc#1210638 (CVE-2023-27043).

OBS-URL: https://build.opensuse.org/request/show/1137557
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=396
2024-01-08 13:39:18 +00:00
929efa73b4 Fix changelog
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=392
2023-11-27 17:09:47 +00:00
051c784297 - Allow nis.so for SLE-12.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=390
2023-11-27 14:02:23 +00:00
10bb24e527 - (bsc#1214691, CVE-2022-48566) Add
  CVE-2022-48566-compare_digest-more-constant.patch to make
  compare_digest more constant-time.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=385
2023-09-16 16:30:00 +00:00
fe93386c91 - (bsc#1214685, CVE-2022-48565) Add
  CVE-2022-48565-plistlib-XML-vulns.patch (from
  gh#python/cpython#86217) reject XML entity declarations in
  plist files.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=384
2023-09-14 21:54:10 +00:00
0012499f47 Accepting request 1110536 from home:dgarcia:branches:devel:languages:python:Factory
- Add CVE-2023-40217-avoid-ssl-pre-close.patch fixing
  gh#python/cpython#108310, backport from upstream patch
  gh#python/cpython#108315
  (bsc#1214692, CVE-2023-40217)

OBS-URL: https://build.opensuse.org/request/show/1110536
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=382
2023-09-13 12:22:49 +00:00
4a7548ec68 - IT MEANS THAT bsc#1210638 STILL HAS NOT BEEN FIXED!
- Add Revert-gh105127-left-tests.patch (gh#python/cpython!106941)
  partially reverting CVE-2023-27043-email-parsing-errors.patch,
  because of the regression in gh#python/cpython#106669.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=374
2023-08-11 18:04:06 +00:00
8e5f3115ae Preliminary WIP state
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=373
2023-07-13 21:50:15 +00:00
3095c8247c - Fix the application of the python-2.7.17-switch-off-failing-SSL-tests.patch.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=369
2023-06-07 15:44:38 +00:00
55461311b5 Remove silly comment in the changelog
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=366
2023-06-06 10:29:31 +00:00
78634bafca Accepting request 1089783 from home:Andreas_Schwab:Factory
- python-2.7.5-multilib.patch: Update for riscv64
- Don't fail if _ctypes or dl extension was not built

OBS-URL: https://build.opensuse.org/request/show/1089783
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=364
2023-05-30 11:53:04 +00:00
1108b564fe - The condition around libnsl-devel BuildRequires is NOT
  switching off NIS support on SLE < 15, support for NIS used to
  be in the glibc itself. Partial revert of sr#1061583.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=362
2023-05-29 18:52:32 +00:00
c0fecb5ffe - Add PygmentsBridge-trime_doctest_flags.patch to allow build of
  the documentation even with the current Sphinx. (SUSE-ONLY
  PATCH, DO NOT SEND UPSTREAM!)

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=360
2023-05-24 20:56:16 +00:00
cd31207dec Forgot to run pre_checkin.sh
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=359
2023-05-24 18:54:17 +00:00
74c4b15a95 Accepting request 1085043 from home:dimstar:Factory
- Add _multibuild to define 2nd spec file as additional flavor.
  Eliminates the need for source package links in OBS.

OBS-URL: https://build.opensuse.org/request/show/1085043
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=356
2023-05-05 13:32:20 +00:00
f552945ee9 - Why in the world do we download from HTTP?
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=355
2023-04-30 18:18:35 +00:00
d52e9cd8c4 - Enable --with-system-ffi for non-standard architectures.
- SLE-12 builds nis.so as well.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=352
2023-03-29 10:23:12 +00:00
9f86e564da - Add CVE-2023-24329-blank-URL-bypass.patch (CVE-2023-24329,
  bsc#1208471) blocklists bypass via the urllib.parse component
  when supplying a URL that starts with blank characters

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=344
2023-03-01 22:01:21 +00:00
ea48fe2e7a Accepting request 1061583 from home:kukuk:branches:devel:languages:python:Factory
- Disable NIS for new products, it's deprecated and gets removed

OBS-URL: https://build.opensuse.org/request/show/1061583
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=341
2023-01-27 16:14:53 +00:00
2a9d6402e8 - Add skip_unverified_test.patch because apparently switching off
  SSL verification doesn't work on older SLE.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=339
2023-01-19 08:45:16 +00:00
6a9d569c25 - Restore python-2.7.9-sles-disable-verification-by-default.patch
  for SLE-12.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=337
2022-11-22 20:56:11 +00:00
3f9f4e7cb7 - Add CVE-2022-45061-DoS-by-IDNA-decode.patch to avoid
  CVE-2022-45061 (bsc#1205244) allowing DoS by IDNA decoding
  extremely long domain names.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=334
2022-11-09 19:07:01 +00:00
eb3f10bd75 Accepting request 1003076 from home:bmwiedemann:branches:devel:languages:python:Factory
- Add bpo34990-2038-problem-compileall.patch making compileall.py
  compliant with year 2038 (bsc#1202666, gh#python/cpython#79171),
  backport of fix to Python 2.7.

OBS-URL: https://build.opensuse.org/request/show/1003076
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=332
2022-09-15 07:46:07 +00:00
Steve Kowalik
de85457a6c - Add patch CVE-2021-28861-double-slash-path.patch:
  * BaseHTTPServer: Fix an open redirection vulnerability in the HTTP server
    when a URI path starts with //. (bsc#1202624, CVE-2021-28861)

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=330
2022-09-07 04:48:27 +00:00
da24c1af97 - Add CVE-2015-20107-mailcap-unsafe-filenames.patch to avoid
  CVE-2015-20107 (bsc#1198511, gh#python/cpython#68966), the
  command injection in the mailcap module.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=326
2022-06-09 16:47:44 +00:00
3edb04a7cd Accepting request 962755 from home:msmeissn:branches:devel:languages:python:Factory
- python-2.7.9-sles-disable-verification-by-default.patch: remove
  as it by default now always does strict enforcement anyway and it
  is 2022.

OBS-URL: https://build.opensuse.org/request/show/962755
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=322
2022-03-18 17:01:12 +00:00
2dad11ae4d - Recover again proper value of %python2_package_prefix
  (bsc#1175619).

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=320
2022-03-02 00:59:44 +00:00
f6d8c1bb6a Fix changelogs
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=319
2022-02-26 20:11:49 +00:00
dc8a4b385b - Update bundled pip wheel to the latest SLE version patched
  against bsc#1186819 (CVE-2021-3572).
- Run pre_checkin.sh as well (so other than python-base
  changelogs are synced as well).

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=318
2022-02-26 12:44:02 +00:00
9442b9b6ab - BuildRequire rpm-build-python: The provider to inject python(abi)
  has been moved there. rpm-build pulls rpm-build-python
  automatically in when building anything against python3-base, but
  this implies that the initial build of python3-base does not
  trigger the automatic installation.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=317
2022-02-18 11:02:04 +00:00
a2b1f34add - Older SLE versions should use old OpenSSL.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=316
2022-02-18 10:52:31 +00:00
510e372768 Forgot to run pre_checkin.sh
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=313
2022-02-09 16:55:07 +00:00
68c3ceb48d - Add CVE-2021-4189-ftplib-trust-PASV-resp.patch (bsc#1194146,
  bpo#43285, CVE-2021-4189, gh#python/cpython#24838) make ftplib
  not trust the PASV response.

- build against openssl 1.1.x (incompatible with openssl 3.0x)
  for now.

- on sle12, python2 modules will still be called python-xxxx until EOL,
  for newer SLE versions they will be python2-xxxx

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=310
2022-02-06 07:47:48 +00:00
556d0713a6 Accepting request 936021 from home:dirkmueller:Factory
- build against openssl 1.1.x (incompatible with openssl 3.0x) for now

OBS-URL: https://build.opensuse.org/request/show/936021
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=309
2021-12-06 15:16:14 +00:00
a1e48140c5 Accepting request 925378 from home:dimstar:Factory
- BuildRequire rpm-build-python: The provider to inject python(abi)
  has been moved there. rpm-build pulls rpm-build-python
  automatically in when building anything against python3-base, but
  this implies that the initial build of python3-base does not
  trigger the automatic installation.

OBS-URL: https://build.opensuse.org/request/show/925378
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=307
2021-10-15 13:31:18 +00:00
971ad33422 - Remove upstreamed patches:
  - CVE-2019-18348-CRLF_injection_via_host_part.patch
  - python-2.7.14-CVE-2017-1000158.patch
  - CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch
  - CVE-2018-1061-DOS-via-regexp-difflib.patch
  - CVE-2019-10160-netloc-port-regression.patch
  - CVE-2019-16056-email-parse-addr.patch
  - Fixes a ReDoS vulnerability in `http.cookiejar`. Patch by Ben
    Caller.
  - Fixed possible leak in `PyArg_Parse` and similar
    `PY_SSIZE_T_CLEAN` is not defined.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=306
2021-10-08 20:45:22 +00:00
97f5f8e975 - Modify Lib/ensurepip/__init__.py to contain the same version
  numbers as are in reality the ones in the bundled wheels
  (bsc#1187668).

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=305
2021-10-04 21:15:18 +00:00
793c3bb790 - Add CVE-2019-20907_tarfile-inf-loop.patch fixing bsc#1174091
  (CVE-2019-20907, bpo#39017) avoiding possible infinite loop
  in specifically crafted tarball.
  Add recursion.tar as a testing tarball for the patch.
- Provide the newest setuptools wheel (bsc#1176262,
  CVE-2019-20916) in their correct form (bsc#1180686).
- Add CVE-2020-26116-httplib-header-injection.patch fixing bsc#1177211
  (CVE-2020-26116, bpo#39603) no longer allowing special characters in
  the method parameter of HTTPConnection.putrequest in httplib, stopping
  injection of headers. Such characters now raise ValueError. 
  - bsc#1155094 (CVE-2019-18348) Disallow control characters in
    hostnames in http.client. Such potentially malicious header
    injection URLs now cause an InvalidURL to be raised.
- bsc#1109847 (CVE-2018-14647): add
  CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch fixing
  bpo-34623.
  fixing bpo-35746 (CVE-2019-5010).

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=304
2021-09-25 21:16:13 +00:00
7919fc45c1 Run pre_checkin.sh
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=303
2021-09-17 19:43:07 +00:00
de8c3896ee Accepting request 914418 from home:fusionfuture:branches:devel:languages:python:Factory
- Renamed patch for assigned CVE:
  * bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch ->
    CVE-2021-3737-fix-HTTP-client-infinite-line-reading-after-a-HTTP-100-Continue.patch
    (boo#1189241, CVE-2021-3737)

OBS-URL: https://build.opensuse.org/request/show/914418
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=299
2021-08-26 21:32:53 +00:00
e77cbb0e48 Accepting request 913777 from home:fusionfuture:branches:devel:languages:python:Factory
- Renamed patch for assigned CVE:
  * bpo43075-fix-ReDoS-in-request.patch -> CVE-2021-3733-fix-ReDoS-in-request.patch
    (boo#1189287, CVE-2021-3733)
- Fix python-doc build (bpo#35293):
  * sphinx-update-removed-function.patch
- Update documentation formatting for Sphinx 3.0 (bpo#40204).

OBS-URL: https://build.opensuse.org/request/show/913777
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=298
2021-08-26 06:56:34 +00:00