pool/python310
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Add CVE-2023-52425-libexpat-2.6.0-backport.patch to fix tests with

Browse Source 
patched libexpat below 2.6.0 that doesn't update the version number,
  just in SLE.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python310?expand=0&rev=128
This commit is contained in:
Matej Cepl 2024-06-21 09:49:34 +00:00 committed by Git OBS Bridge
parent 78324fb6c5
commit 31dd9389f8
3 changed files with 66 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
CVE-2023-52425-libexpat-2.6.0-backport.patch Normal file
View File

@ -0,0 +1,57 @@
---
Lib/test/test_pyexpat.py | 4 ++++
Lib/test/test_sax.py | 3 +++
Lib/test/test_xml_etree.py | 7 +++++++
3 files changed, 14 insertions(+)
--- a/Lib/test/test_pyexpat.py
+++ b/Lib/test/test_pyexpat.py
@@ -766,6 +766,10 @@ class ReparseDeferralTest(unittest.TestC
self.assertEqual(started, ['doc'])
def test_reparse_deferral_disabled(self):
+ if expat.version_info < (2, 6, 0):
+ self.skipTest(f'Expat {expat.version_info} does not '
+ 'support reparse deferral')
+
started = []
def start_element(name, _):
--- a/Lib/test/test_sax.py
+++ b/Lib/test/test_sax.py
@@ -1240,6 +1240,9 @@ class ExpatReaderTest(XmlTestBase):
self.assertEqual(result.getvalue(), start + b"<doc></doc>")
+ @unittest.skipIf(pyexpat.version_info < (2, 6, 0),
+ f'Expat {pyexpat.version_info} does not '
+ 'support reparse deferral')
def test_flush_reparse_deferral_disabled(self):
result = BytesIO()
xmlgen = XMLGenerator(result)
--- a/Lib/test/test_xml_etree.py
+++ b/Lib/test/test_xml_etree.py
@@ -1420,9 +1420,13 @@ class XMLPullParserTest(unittest.TestCas
self.assert_event_tags(parser, [('end', 'root')])
self.assertIsNone(parser.close())
+ @unittest.skipIf(pyexpat.version_info < (2, 6, 0),
+ f'Fail with patched version of Expat {pyexpat.version_info}')
def test_simple_xml_chunk_1(self):
self.test_simple_xml(chunk_size=1, flush=True)
+ @unittest.skipIf(pyexpat.version_info < (2, 6, 0),
+ f'Fail with patched version of Expat {pyexpat.version_info}')
def test_simple_xml_chunk_5(self):
self.test_simple_xml(chunk_size=5, flush=True)
@@ -1648,6 +1652,9 @@ class XMLPullParserTest(unittest.TestCas
self.assert_event_tags(parser, [('end', 'doc')])
+ @unittest.skipIf(pyexpat.version_info < (2, 6, 0),
+ f'Expat {pyexpat.version_info} does not '
+ 'support reparse deferral')
def test_flush_reparse_deferral_disabled(self):
parser = ET.XMLPullParser(events=('start', 'end'))

7
python310.changes
View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Fri Apr 19 08:37:04 UTC 2024 - Matej Cepl <mcepl@suse.com>
- Add CVE-2023-52425-libexpat-2.6.0-backport.patch to fix tests with
patched libexpat below 2.6.0 that doesn't update the version number,
just in SLE.
------------------------------------------------------------------- -------------------------------------------------------------------
Sun Mar 24 00:43:14 UTC 2024 - Matej Cepl <mcepl@cepl.eu> Sun Mar 24 00:43:14 UTC 2024 - Matej Cepl <mcepl@cepl.eu>

4
python310.spec
View File

@ -192,9 +192,9 @@ Patch20: CVE-2023-27043-email-parsing-errors.patch
# * gh#python/cpython#104221 # * gh#python/cpython#104221
# * gh#python/cpython#107246 # * gh#python/cpython#107246
Patch21: fix-sphinx-72.patch Patch21: fix-sphinx-72.patch
# PATCH-FIX-UPSTREAM old-libexpat.patch gh#python/cpython#117187 mcepl@suse.com # PATCH-FIX-UPSTREAM CVE-2023-52425-libexpat-2.6.0-backport.patch gh#python/cpython#117187 mcepl@suse.com
# Make the test suite work with libexpat < 2.6.0 # Make the test suite work with libexpat < 2.6.0
Patch22: old-libexpat.patch Patch22: CVE-2023-52425-libexpat-2.6.0-backport.patch
BuildRequires: autoconf-archive BuildRequires: autoconf-archive
BuildRequires: automake BuildRequires: automake
BuildRequires: fdupes BuildRequires: fdupes