pool/python311
SHA256
11
0
Fork 1
Code Issues Pull Requests Activity

- Update to Python 3.11.4:

Browse Source 
- gh-103142: The version of OpenSSL used in Windows and
    Mac installers has been upgraded to 1.1.1u to address
    CVE-2023-2650, CVE-2023-0465, CVE-2023-0466, CVE-2023-0464,
    as well as CVE-2023-0286, CVE-2022-4303, and CVE-2022-4303
    fixed previously in 1.1.1t (gh-101727).
  - gh-102153: urllib.parse.urlsplit() now strips leading C0
    control and space characters following the specification for
    URLs defined by WHATWG in response to CVE-2023-24329
    (bsc#1208471).
  - gh-99889: Fixed a security in flaw in uu.decode() that could
    allow for directory traversal based on the input if no
    out_file was specified.
  - gh-104049: Do not expose the local on-disk
    location in directory indexes produced by
    http.client.SimpleHTTPRequestHandler.
  - gh-103935: trace.__main__ now uses io.open_code() for files
    to be executed instead of raw open().
  - gh-102953: The extraction methods in tarfile, and
    shutil.unpack_archive(), have a new filter argument that
    allows limiting tar features than may be surprising or
    dangerous, such as creating files outside the destination
    directory. See Extraction filters for details (fixing
    CVE-2007-4559, bsc#1203750).
- Remove upstreamed patches:
  - CVE-2007-4559-filter-tarfile_extractall.patch

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python311?expand=0&rev=71
This commit is contained in:
Matej Cepl
2023-06-28 19:51:47 +00:00
committed by Git OBS Bridge
parent 6bf0620e58
commit b8797f4452
7 changed files with 50 additions and 2640 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
python311.spec
View File

@@ -94,7 +94,7 @@
%define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so
%bcond_without profileopt
Name: %{python_pkg_name}%{psuffix}
Version: 3.11.3
Version: 3.11.4
Release: 0
Summary: Python 3 Interpreter
License: Python-2.0
@@ -157,9 +157,6 @@ Patch35: fix_configure_rst.patch
# PATCH-FIX-UPSTREAM support-expat-CVE-2022-25236-patched.patch jsc#SLE-21253 mcepl@suse.com
# Makes Python resilient to changes of API of libexpat
Patch36: support-expat-CVE-2022-25236-patched.patch
# PATCH-FIX-UPSTREAM CVE-2007-4559-filter-tarfile_extractall.patch bsc#1203750 mcepl@suse.com
# PEP 706 Filter for tarfile.extractall
Patch37: CVE-2007-4559-filter-tarfile_extractall.patch
# PATCH-FIX-UPSTREAM 103213-fetch-CONFIG_ARGS.patch gh#python/cpython#103053 mcepl@suse.com
# Fetch CONFIG_ARGS from original python instance
Patch38: 103213-fetch-CONFIG_ARGS.patch
@@ -424,7 +421,6 @@ other applications.
%endif
%patch35 -p1
%patch36 -p1
%patch37 -p1
%patch38 -p1
%patch39 -p1