pool/python310
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Update to 3.10.11:

Browse Source 
- Core and Builtins
    - gh-102416: Do not memoize incorrectly automatically
      generated loop rules in the parser. Patch by Pablo Galindo.
    - gh-102356: Fix a bug that caused a crash when deallocating
      deeply nested filter objects. Patch by Marta Gómez Macías.
    - gh-102397: Fix segfault from race condition in signal
      handling during garbage collection. Patch by Kumar Aditya.
    - gh-102126: Fix deadlock at shutdown when clearing thread
      states if any finalizer tries to acquire the runtime head
      lock. Patch by Kumar Aditya.
    - gh-102027: Fix SSE2 and SSE3 detection in _blake2 internal
      module. Patch by Max Bachmann.
    - gh-101967: Fix possible segfault in
      positional_only_passed_as_keyword function, when new list
      created.
    - gh-101765: Fix SystemError / segmentation fault in iter
      __reduce__ when internal access of builtins.__dict__ keys
      mutates the iter object.
  - Library
    - gh-102947: Improve traceback when dataclasses.fields() is
      called on a non-dataclass. Patch by Alex Waygood
    - gh-101979: Fix a bug where parentheses in the metavar
      argument to argparse.ArgumentParser.add_argument() were
      dropped. Patch by Yeojin Kim.
    - gh-102179: Fix os.dup2() error message for negative fds.
    - gh-101961: For the binary mode, fileinput.hookcompressed()
      doesn’t set the encoding value even if the value is
      None. Patch by Gihwan Kim.
    - gh-101936: The default value of fp becomes io.BytesIO

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python310?expand=0&rev=85
This commit is contained in:
Matej Cepl 2023-04-27 21:53:08 +00:00 committed by Git OBS Bridge
parent 0a6bd2edcb
commit e8a35797e6
8 changed files with 120 additions and 85 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
CVE-2007-4559-filter-tarfile_extractall.patch
View File

@ -1513,7 +1513,7 @@ Content-Transfer-Encoding: 8bit
with open(os.path.join(TEMPDIR, "ustar/regtype"), "rb") as fobj:
data = fobj.read()
@@ -454,7 +460,7 @@ class CommonReadTest(ReadTest):
@@ -455,7 +461,7 @@ class CommonReadTest(ReadTest):
t = tar.next()
with self.assertRaisesRegex(tarfile.ReadError, "unexpected end of data"):
@ -1522,7 +1522,7 @@ Content-Transfer-Encoding: 8bit
with self.assertRaisesRegex(tarfile.ReadError, "unexpected end of data"):
tar.extractfile(t).read()
@@ -609,16 +615,16 @@ class MiscReadTestBase(CommonReadTest):
@@ -610,16 +616,16 @@ class MiscReadTestBase(CommonReadTest):
def test_extract_hardlink(self):
# Test hardlink extraction (e.g. bug #857297).
with tarfile.open(tarname, errorlevel=1, encoding="iso8859-1") as tar:
@ -1542,7 +1542,7 @@ Content-Transfer-Encoding: 8bit
self.addCleanup(os_helper.unlink, os.path.join(TEMPDIR, "ustar/symtype"))
with open(os.path.join(TEMPDIR, "ustar/symtype"), "rb") as f:
data = f.read()
@@ -632,13 +638,14 @@ class MiscReadTestBase(CommonReadTest):
@@ -633,13 +639,14 @@ class MiscReadTestBase(CommonReadTest):
os.mkdir(DIR)
try:
directories = [t for t in tar if t.isdir()]
@ -1559,7 +1559,7 @@ Content-Transfer-Encoding: 8bit
def format_mtime(mtime):
if isinstance(mtime, float):
return "{} ({})".format(mtime, mtime.hex())
@@ -661,7 +668,7 @@ class MiscReadTestBase(CommonReadTest):
@@ -662,7 +669,7 @@ class MiscReadTestBase(CommonReadTest):
try:
with tarfile.open(tarname, encoding="iso8859-1") as tar:
tarinfo = tar.getmember(dirtype)
@ -1568,7 +1568,7 @@ Content-Transfer-Encoding: 8bit
extracted = os.path.join(DIR, dirtype)
self.assertEqual(os.path.getmtime(extracted), tarinfo.mtime)
if sys.platform != "win32":
@@ -674,7 +681,7 @@ class MiscReadTestBase(CommonReadTest):
@@ -675,7 +682,7 @@ class MiscReadTestBase(CommonReadTest):
with os_helper.temp_dir(DIR), \
tarfile.open(tarname, encoding="iso8859-1") as tar:
directories = [t for t in tar if t.isdir()]
@ -1577,7 +1577,7 @@ Content-Transfer-Encoding: 8bit
for tarinfo in directories:
path = DIR / tarinfo.name
self.assertEqual(os.path.getmtime(path), tarinfo.mtime)
@@ -685,7 +692,7 @@ class MiscReadTestBase(CommonReadTest):
@@ -686,7 +693,7 @@ class MiscReadTestBase(CommonReadTest):
with os_helper.temp_dir(DIR), \
tarfile.open(tarname, encoding="iso8859-1") as tar:
tarinfo = tar.getmember(dirtype)
@ -1586,7 +1586,7 @@ Content-Transfer-Encoding: 8bit
extracted = DIR / dirtype
self.assertEqual(os.path.getmtime(extracted), tarinfo.mtime)
@@ -1041,7 +1048,7 @@ class GNUReadTest(LongnameTest, ReadTest
@@ -1042,7 +1049,7 @@ class GNUReadTest(LongnameTest, ReadTest
# an all platforms, and after that a test that will work only on
# platforms/filesystems that prove to support sparse files.
def _test_sparse_file(self, name):
@ -1595,7 +1595,7 @@ Content-Transfer-Encoding: 8bit
filename = os.path.join(TEMPDIR, name)
with open(filename, "rb") as fobj:
data = fobj.read()
@@ -1408,7 +1415,8 @@ class WriteTest(WriteTestBase, unittest.
@@ -1409,7 +1416,8 @@ class WriteTest(WriteTestBase, unittest.
with tarfile.open(temparchive, errorlevel=2) as tar:
# this should not raise OSError: [Errno 17] File exists
try:
@ -1605,7 +1605,7 @@ Content-Transfer-Encoding: 8bit
except OSError:
self.fail("extractall failed with symlinked files")
finally:
@@ -2440,6 +2448,15 @@ class CommandLineTest(unittest.TestCase)
@@ -2441,6 +2449,15 @@ class CommandLineTest(unittest.TestCase)
for tardata in files:
tf.add(tardata, arcname=os.path.basename(tardata))
@ -1621,7 +1621,7 @@ Content-Transfer-Encoding: 8bit
def test_bad_use(self):
rc, out, err = self.tarfilecmd_failure()
self.assertEqual(out, b'')
@@ -2596,6 +2613,25 @@ class CommandLineTest(unittest.TestCase)
@@ -2597,6 +2614,25 @@ class CommandLineTest(unittest.TestCase)
finally:
os_helper.rmtree(tarextdir)
@ -1647,7 +1647,7 @@ Content-Transfer-Encoding: 8bit
def test_extract_command_different_directory(self):
self.make_simple_tarfile(tmpname)
try:
@@ -2679,7 +2715,7 @@ class LinkEmulationTest(ReadTest, unitte
@@ -2680,7 +2716,7 @@ class LinkEmulationTest(ReadTest, unitte
# symbolic or hard links tarfile tries to extract these types of members
# as the regular files they point to.
def _test_link_extraction(self, name):
@ -1656,7 +1656,7 @@ Content-Transfer-Encoding: 8bit
with open(os.path.join(TEMPDIR, name), "rb") as f:
data = f.read()
self.assertEqual(sha256sum(data), sha256_regtype)
@@ -2811,8 +2847,10 @@ class NumericOwnerTest(unittest.TestCase
@@ -2812,8 +2848,10 @@ class NumericOwnerTest(unittest.TestCase
mock_chown):
with self._setup_test(mock_geteuid) as (tarfl, filename_1, _,
filename_2):
@ -1669,7 +1669,7 @@ Content-Transfer-Encoding: 8bit
# convert to filesystem paths
f_filename_1 = os.path.join(TEMPDIR, filename_1)
@@ -2830,7 +2868,8 @@ class NumericOwnerTest(unittest.TestCase
@@ -2831,7 +2869,8 @@ class NumericOwnerTest(unittest.TestCase
mock_chown):
with self._setup_test(mock_geteuid) as (tarfl, filename_1, dirname_1,
filename_2):
@ -1679,7 +1679,7 @@ Content-Transfer-Encoding: 8bit
# convert to filesystem paths
f_filename_1 = os.path.join(TEMPDIR, filename_1)
@@ -2855,7 +2894,8 @@ class NumericOwnerTest(unittest.TestCase
@@ -2856,7 +2895,8 @@ class NumericOwnerTest(unittest.TestCase
def test_extract_without_numeric_owner(self, mock_geteuid, mock_chmod,
mock_chown):
with self._setup_test(mock_geteuid) as (tarfl, filename_1, _, _):
@ -1689,7 +1689,7 @@ Content-Transfer-Encoding: 8bit
# convert to filesystem paths
f_filename_1 = os.path.join(TEMPDIR, filename_1)
@@ -2869,6 +2909,890 @@ class NumericOwnerTest(unittest.TestCase
@@ -2870,6 +2910,890 @@ class NumericOwnerTest(unittest.TestCase
tarfl.extract, filename_1, TEMPDIR, False, True)

3
Python-3.10.10.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:0419e9085bf51b7a672009b3f50dbf1859acdf18ba725d0ec19aa5c8503f0ea3
size 19627028

16
Python-3.10.10.tar.xz.asc
View File

@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEz9yiRbEEPPKl+Xhl/+h0BBaL2EcFAmPiQfoACgkQ/+h0BBaL
2EcB8hAAmFEIHZopWn+A4tDxd001eViLrOmjygqPn1doAQ3dAgyESt4Z/HDtN6rB
+6z5rsx+qdcP9kfb/+3V0gKBh/3V4bEpnD+EQtpONWhKbCcqOfq1ok1V+uNH8uOF
ixxWkY+MWJzPPhlQiW/sm9FP6CdnaeriKf1JMCUt9aiganpo2CQv5gPE/0PlSGO5
BEKjCcyHHPIEAxC6jLm/+33PSzbhGq+YstK/1tcqUrJfkifipovmSZeFyzULPonK
MATPyliOupo3ixPs3LoJUjNpGD4fH+p2Lg1ZOgYv7vGmeLcadNVanRlqRg76m+ke
zvp/MAqQg4Fr75m2+mfDG/Md+PrSMvz71i55a1Q1NcYdW6QR62m08FCZg7/+t5pD
H91ywhMqTv1nySsEZGfuETPTs7gMCtyBeDjIhXBMcfbhGivd7r5zZJ8MUD/FSASC
fQ/vEVeHWQeWpfFgxLfLmRnkjIS7JCGlM9z6zsZqbppWqeA94sBIf4ka2JG2DnGP
1Pvn+ragiHt1++i2yVhmoAB0t44/SgXacCce5AT3yB71brT21cOXQs0Gq80MwVPI
nVbzdOtuGNGcvEi2fbO2IEcgegSHaOHo9PvYTRropSz3V7A95x8mA1xjZf2y77H5
/mfJ4687YIItCIcNE5Zzj6GspWlWP31OvRFIIefnKYf2JuU+qt8=
=B3xo
-----END PGP SIGNATURE-----

3
Python-3.10.11.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:3c3bc3048303721c904a03eb8326b631e921f11cc3be2988456a42f115daf04c
size 19640792

16
Python-3.10.11.tar.xz.asc Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEz9yiRbEEPPKl+Xhl/+h0BBaL2EcFAmQsoHwACgkQ/+h0BBaL
2Efs9BAAheWCnenhHhXi0m0DgyB6eEVH8xmZrBqA1WMgGQOqWVZmEnJdc0IXyFWQ
1A4C59d6rEvu8jvXTLvsqGEmehofKqq0bXB1tMUBn9CwSiELOm19WvCHc/Htwo2U
DsvAsXXO7vBkKBT9+CQ4BmkGzPUTrBLZRHsQX/M/tpx81jnQVunoMojyPK19sf1I
C+YnxE0cQVL9+INd0WtbVByJIwzBBDCLqTQWL//73CqFs8IO6PsjFXqmlVqVfpmz
aEXuGeRkRgy7kZaDdLcnhBq7a6vgaecfgfRUGyBgwgakfrHA5SOdsWdAonjA676J
6DHmFIf82R4wo7Vu0WAfFAq9jJfVxXN7n5Y/N/cxzqjhrfO341vCflN1c16VAFnu
ok7n50poENO/tMRerOEj5baL+mToi8Wh+cYHY6tNpaM2iP+bSyjoS+Ff225xhdNV
fqGuyaH7cPgGgoXECrSb7iTWYZxJxQV9S8OlR2gX8IlA+XrbGWQl0PvmErhO3FqN
W88gBmYrzrSl6+dzF62yn2gKFc2K5k6NmCcySFfjY87G7RhEf1ixPeDyMSvbKlVw
sJWeoXuCNPL+PQV+V76UAbn3bEvH87fyImxoYHNAIbHh8JaTvO5vIKDrrsw92siQ
6Pud3Oy6DcD5gWX2KcaAjQjruh18dljsbYN+2KVFfQHM8SYeXns=
=enP4
-----END PGP SIGNATURE-----

44
invalid-json.patch
View File

@ -1,44 +0,0 @@
---
Doc/howto/logging-cookbook.rst | 24 ++++++++++++++----------
1 file changed, 14 insertions(+), 10 deletions(-)
--- a/Doc/howto/logging-cookbook.rst
+++ b/Doc/howto/logging-cookbook.rst
@@ -340,10 +340,12 @@ adding a ``filters`` section parallel to
.. code-block:: json
- "filters": {
- "warnings_and_below": {
- "()" : "__main__.filter_maker",
- "level": "WARNING"
+ {
+ "filters": {
+ "warnings_and_below": {
+ "()" : "__main__.filter_maker",
+ "level": "WARNING"
+ }
}
}
@@ -351,12 +353,14 @@ and changing the section on the ``stdout
.. code-block:: json
- "stdout": {
- "class": "logging.StreamHandler",
- "level": "INFO",
- "formatter": "simple",
- "stream": "ext://sys.stdout",
- "filters": ["warnings_and_below"]
+ {
+ "stdout": {
+ "class": "logging.StreamHandler",
+ "level": "INFO",
+ "formatter": "simple",
+ "stream": "ext://sys.stdout",
+ "filters": ["warnings_and_below"]
+ }
}
A filter is just a function, so we can define the ``filter_maker`` (a factory

85
python310.changes
View File

@ -1,10 +1,93 @@
-------------------------------------------------------------------
Thu Apr 27 21:19:52 UTC 2023 - Matej Cepl <mcepl@suse.com>
Thu Apr 27 21:23:19 UTC 2023 - Matej Cepl <mcepl@suse.com>
- Add CVE-2007-4559-filter-tarfile_extractall.patch to fix
CVE-2007-4559 (bsc#1203750) by adding the filter for
tarfile.extractall (PEP 706).
-------------------------------------------------------------------
Thu Apr 27 21:19:52 UTC 2023 - Matej Cepl <mcepl@suse.com>
- Update to 3.10.11:
- Core and Builtins
- gh-102416: Do not memoize incorrectly automatically
generated loop rules in the parser. Patch by Pablo Galindo.
- gh-102356: Fix a bug that caused a crash when deallocating
deeply nested filter objects. Patch by Marta Gómez Macías.
- gh-102397: Fix segfault from race condition in signal
handling during garbage collection. Patch by Kumar Aditya.
- gh-102126: Fix deadlock at shutdown when clearing thread
states if any finalizer tries to acquire the runtime head
lock. Patch by Kumar Aditya.
- gh-102027: Fix SSE2 and SSE3 detection in _blake2 internal
module. Patch by Max Bachmann.
- gh-101967: Fix possible segfault in
positional_only_passed_as_keyword function, when new list
created.
- gh-101765: Fix SystemError / segmentation fault in iter
__reduce__ when internal access of builtins.__dict__ keys
mutates the iter object.
- Library
- gh-102947: Improve traceback when dataclasses.fields() is
called on a non-dataclass. Patch by Alex Waygood
- gh-101979: Fix a bug where parentheses in the metavar
argument to argparse.ArgumentParser.add_argument() were
dropped. Patch by Yeojin Kim.
- gh-102179: Fix os.dup2() error message for negative fds.
- gh-101961: For the binary mode, fileinput.hookcompressed()
doesnt set the encoding value even if the value is
None. Patch by Gihwan Kim.
- gh-101936: The default value of fp becomes io.BytesIO
if HTTPError is initialized without a designated fp
parameter. Patch by Long Vo.
- gh-101566: In zipfile, apply fix for extractall on the
underlying zipfile after being wrapped in Path.
- gh-101997: Upgrade pip wheel bundled with ensurepip (pip
23.0.1)
- gh-101892: Callable iterators no longer raise SystemError
when the callable object exhausts the iterator but forgets
to either return a sentinel value or raise StopIteration.
- gh-97786: Fix potential undefined behaviour in corner cases
of floating-point-to-time conversions.
- gh-101517: Fixed bug where bdb looks up the source line
with linecache with a lineno=None, which causes it to fail
with an unhandled exception.
- gh-101673: Fix a pdb bug where ll clears the changes to
local variables.
- gh-96931: Fix incorrect results from
ssl.SSLSocket.shared_ciphers()
- gh-88233: Correctly preserve “extra” fields in zipfile
regardless of their ordering relative to a zip64 “extra.”
- gh-95495: When built against OpenSSL 3.0, the ssl module
had a bug where it reported unauthenticated EOFs (i.e.
without close_notify) as a clean TLS-level EOF. It now
raises SSLEOFError, matching the behavior in previous
versions of OpenSSL. The options attribute on SSLContext
also no longer includes OP_IGNORE_UNEXPECTED_EOF by
default. This option may be set to specify the previous
OpenSSL 3.0 behavior.
- gh-94440: Fix a concurrent.futures.process bug where
ProcessPoolExecutor shutdown could hang after a future has
been quickly submitted and canceled.
- Documentation
- gh-103112: Add docstring to http.client.HTTPResponse.read()
to fix pydoc output.
- gh-85417: Update cmath documentation to clarify behaviour
on branch cuts.
- gh-97725: Fix asyncio.Task.print_stack() description for
file=None. Patch by Oleg Iarygin.
- Tests
- gh-102980: Improve test coverage on pdb.
- gh-102537: Adjust the error handling strategy in
test_zoneinfo.TzPathTest.python_tzpath_context. Patch by
Paul Ganssle.
- gh-101377: Improved test_locale_calendar_formatweekday of
calendar.
- Build
- gh-102711: Fix -Wstrict-prototypes compiler warnings.
- Removed upstreamed:
- invalid-json.patch
-------------------------------------------------------------------
Mon Mar 13 08:39:53 UTC 2023 - Matej Cepl <mcepl@suse.com>

8
python310.spec
View File

@ -103,7 +103,7 @@ Obsoletes: python39%{?1:-%{1}}
%define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so
%bcond_without profileopt
Name: %{python_pkg_name}%{psuffix}
Version: 3.10.10
Version: 3.10.11
Release: 0
Summary: Python 3 Interpreter
License: Python-2.0
@ -170,12 +170,9 @@ Patch36: support-expat-CVE-2022-25236-patched.patch
# blocklist bypass via the urllib.parse component when supplying
# a URL that starts with blank characters
Patch37: CVE-2023-24329-blank-URL-bypass.patch
# PATCH-FIX-UPSTREAM invalid-json.patch gh#python/cpython#102582 mcepl@suse.com
# We require valid JSON in documentation
Patch38: invalid-json.patch
# PATCH-FIX-UPSTREAM CVE-2007-4559-filter-tarfile_extractall.patch bsc#1203750 mcepl@suse.com
# PEP 706 Filter for tarfile.extractall
Patch39: CVE-2007-4559-filter-tarfile_extractall.patch
Patch38: CVE-2007-4559-filter-tarfile_extractall.patch
BuildRequires: autoconf-archive
BuildRequires: automake
BuildRequires: fdupes
@ -450,7 +447,6 @@ other applications.
%patch36 -p1
%patch37 -p1
%patch38 -p1
%patch39 -p1
# drop Autoconf version requirement
sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac