diff --git a/Python-3.10.6.tar.xz b/Python-3.10.6.tar.xz deleted file mode 100644 index d3ccbef..0000000 --- a/Python-3.10.6.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:f795ff87d11d4b0c7c33bc8851b0c28648d8a4583aa2100a98c22b4326b6d3f3 -size 19600672 diff --git a/Python-3.10.6.tar.xz.asc b/Python-3.10.6.tar.xz.asc deleted file mode 100644 index 888d94f..0000000 --- a/Python-3.10.6.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEEz9yiRbEEPPKl+Xhl/+h0BBaL2EcFAmLoOeYACgkQ/+h0BBaL -2EeOCw/8DZ+RhttyrfzanYVN8lkWASoyG3BO9dcUpuKgq70kcfnMVySDMoKcluJM -ACJGbJf7XvyiUaylbpiJsvgIbbdhprcJR0O/xCQqouBbjZEW/oOMJWTVOALlOAEG -PutOdZpxFUltFu49g9fumvZxfouN+/GGYJy3RA13MDl/kL+UWMzaHh4U54+fuD/K -iAxezTitzj/sRhgmpqoOPXN8wzalifAc5bJWRe2xcQQHFJQjOAbg3lA4tmiKGOuJ -inbacNNkkkWj6cMirIcwZ+25wXiBmTFlEl/Q/yOeHxJkiVDxD6/MKKarV0LNRLZL -eug4D+jp+XpCC48IvMQhZ7tUe3BlgUIyyUeq2hmiVkNzFHLNEG4Drihj/Zic3lt8 -LbcAOWEvR58qBoz6foPNahudBqlAL/jaKMDAOAd5X5oOUDXwWag4MjH5lJwb1S0D -cctY9azwCCGss6iFyi/zD2RB7QXrF+NRbUcEoMIjJJ/w5mB3sAKMTEV3wbOyrDkG -x4NQDfozZtvrVACJ9A6j4Vnh4CO4Gl/8dpV2ABcoIjE5IZgSyak/GhUaNIdBHkno -LgEKGYY8Wp/rw7PgHlhxYYcn0I/Y2Ej6ki03weRrD6Lpt6AUKh2eQCgjFC1xBSUh -2eM7eOOD8FD4h+urrTTmNAiTl7OFLtQfwhWzonrsCOJJF3Yqcho= -=0eZA ------END PGP SIGNATURE----- diff --git a/Python-3.10.7.tar.xz b/Python-3.10.7.tar.xz new file mode 100644 index 0000000..8f494d2 --- /dev/null +++ b/Python-3.10.7.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:6eed8415b7516fb2f260906db5d48dd4c06acc0cb24a7d6cc15296a604dcdc48 +size 19618696 diff --git a/Python-3.10.7.tar.xz.asc b/Python-3.10.7.tar.xz.asc new file mode 100644 index 0000000..1fc8949 --- /dev/null +++ b/Python-3.10.7.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEz9yiRbEEPPKl+Xhl/+h0BBaL2EcFAmMV9eMACgkQ/+h0BBaL +2Ec6FQ//eXrKOb5NoocNPIs9o5Jcbk5jtWxnOp3mqjO8D/LBYc8gwovZMPd+903w +In2QWtPSK22ZWdaR4DqizK9GjBRi+Y/ZEFfh3uiPM0I2/jGkr5BXizRZNdTo3GyB +/OuPiBKBVqMgTSGrpO4M24yUekqGdPfzg614GroWSr/16UVVUQADE8DP+BJCTIbk +v+t+AIYsALR0cUO+uqp2QbWf7N2aF+r08g59Vyb09+Nr2ZfjjINIbHQgRtHv7ZoI +7BsWiGW3qIeY8XxYt1/kWv4yMqaTyABdmdEHeM0vCzeEUpurj5072isGvOpI92N4 +LZ6nK8GR4pBS+OfOB7bgzUTC+tQ48wPQwb9lZTuWfSXGYotVdTXs1zW6o1T+vply +MrMZcsc6Y9o8fX3Mkkv4zT9S6JkXtq/MUTIZ27cZr492DzJNaKBG+NqF22FKR35M +ojLK24YpGyw2PCIlUSiFfAqkGNu53U5rP3N71mh7Ao00nx8WhKj4YAci0tBkfHyw +NYoX4tz7ybiR3zV5kyrmJv4G2x89cgosfHuEL2Lr+Irf3PV5vgjXHteAwu8Egdej +myokqzWEwoqNtrK9JsSYE3bcWmrVU9R/siQnNJXKWj+AkHKG0jMsrIh6iRvQGDhp +Q3Avu3ZQ/K9rreZ4Jk1DHX3BoDvRIFdEjBDAB+b6UUQEGE32nj8= +=O8kG +-----END PGP SIGNATURE----- diff --git a/fix_configure_rst.patch b/fix_configure_rst.patch index bbca1cd..9d62100 100644 --- a/fix_configure_rst.patch +++ b/fix_configure_rst.patch @@ -29,7 +29,7 @@ Create a Python.framework rather than a traditional Unix install. Optional --- a/Misc/NEWS +++ b/Misc/NEWS -@@ -2683,7 +2683,7 @@ C API +@@ -2783,7 +2783,7 @@ C API ----- - bpo-43795: The list in :ref:`stable-abi-list` now shows the public name diff --git a/python310.changes b/python310.changes index cf8b6dc..17901eb 100644 --- a/python310.changes +++ b/python310.changes @@ -1,3 +1,55 @@ +------------------------------------------------------------------- +Sun Sep 11 08:32:53 UTC 2022 - Matej Cepl + +- Update to 3.10.7: + - Fix for CVE-2020-10735 (bsc#1203125) Converting between int + and str in bases other than 2 (binary), 4, 8 (octal), 16 + (hexadecimal), or 32 such as base 10 (decimal) now raises + a ValueError if the number of digits in string form is above + a limit to avoid potential denial of service attacks due to + the algorithmic complexity. + - Other bug fixes: + - Fixed a bug that caused _PyCode_GetExtra to return garbage + for negative indexes. + - Fix format string in _PyPegen_raise_error_known_location + that can lead to memory corruption on some 64bit systems. + The function was building a tuple with i (int) instead of + n (Py_ssize_t) for Py_ssize_t arguments. + - Fix misleading contents of error message when converting an + all-whitespace string to float. + - coroutine.throw() now properly initializes the frame.f_back + when resuming a stack of coroutines. This allows e.g. + traceback.print_stack() to work correctly when an exception + (such as CancelledError) is thrown into a coroutine. + - ast.parse() will no longer parse function definitions with + positional-only params when passed feature_version less + than (3, 8). + - Correct conversion of numbers.Rational’s to float. + - Fix a performance regression in logging + TimedRotatingFileHandler. Only check for special files when + the rollover time has passed. + - Fix unused localName parameter in the Attr class in + xml.dom.minidom. + - Update bundled pip to 22.2.2. + - Fail gracefully if EPERM or ENOSYS is raised when loading + crypt methods. This may happen when trying to load MD5 on + a Linux kernel with FIPS enabled. + - Improve discoverability of the higher level + concurrent.futures module by providing clearer links from + the lower level threading and multiprocessing modules. + - Update the default RFC base URL from deprecated + tools.ietf.org to datatracker.ietf.org + - Fix stylesheet not working in Windows CHM htmlhelp docs. + - The documentation now lists which members of C structs are + part of the Limited API/Stable ABI. + - Mitigate the inherent race condition from using + find_unused_port() in testSockName() by trying to find an + unused port a few times before failing. + - Build and test with OpenSSL 1.1.1q + - Document handling of extensions in Save As dialogs. + - Include prompts when saving Shell (interactive input and + output). + ------------------------------------------------------------------- Wed Aug 17 11:08:56 UTC 2022 - Dirk Müller diff --git a/python310.spec b/python310.spec index 3bbb087..7f8e1af 100644 --- a/python310.spec +++ b/python310.spec @@ -67,7 +67,7 @@ Obsoletes: python39%{?1:-%{1}} %define tarversion %{version} %endif # We don't process beta signs well -%define folderversion 3.10.6 +%define folderversion 3.10.7 %define tarname Python-%{tarversion} %define sitedir %{_libdir}/python%{python_version} # three possible ABI kinds: m - pymalloc, d - debug build; see PEP 3149 @@ -103,7 +103,7 @@ Obsoletes: python39%{?1:-%{1}} %define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so %bcond_without profileopt Name: %{python_pkg_name}%{psuffix} -Version: 3.10.6 +Version: 3.10.7 Release: 0 Summary: Python 3 Interpreter License: Python-2.0 diff --git a/support-expat-CVE-2022-25236-patched.patch b/support-expat-CVE-2022-25236-patched.patch index e7b3acb..5b26c99 100644 --- a/support-expat-CVE-2022-25236-patched.patch +++ b/support-expat-CVE-2022-25236-patched.patch @@ -23,8 +23,8 @@ Also, test_minidom.py: Support Expat >=2.4.5 Co-authored-by: Sebastian Pipping --- - Lib/test/test_minidom.py | 25 ++++++++++--------------- - 1 file changed, 10 insertions(+), 15 deletions(-) + Lib/test/test_minidom.py | 23 +++++++++-------------- + 1 file changed, 9 insertions(+), 14 deletions(-) create mode 100644 Misc/NEWS.d/next/Library/2022-02-20-21-03-31.bpo-46811.8BxgdQ.rst --- a/Lib/test/test_minidom.py @@ -36,8 +36,8 @@ Co-authored-by: Sebastian Pipping -import pyexpat import xml.dom.minidom - from xml.dom.minidom import parse, Node, Document, parseString -@@ -1149,13 +1148,11 @@ class MinidomTest(unittest.TestCase): + from xml.dom.minidom import parse, Attr, Node, Document, parseString +@@ -1163,13 +1162,11 @@ class MinidomTest(unittest.TestCase): # Verify that character decoding errors raise exceptions instead # of crashing @@ -56,7 +56,7 @@ Co-authored-by: Sebastian Pipping b'Comment \xe7a va ? Tr\xe8s bien ?') doc.unlink() -@@ -1617,12 +1614,10 @@ class MinidomTest(unittest.TestCase): +@@ -1631,12 +1628,10 @@ class MinidomTest(unittest.TestCase): self.confirm(doc2.namespaceURI == xml.dom.EMPTY_NAMESPACE) def testExceptionOnSpacesInXMLNSValue(self):