06d1a72674
Mark the upgrade to 3.11.14 as fixing CVE-2025-8291, bsc#1251305.
Matěj Cepl 2025-11-11 22:21:05 +01:00
c61cd14450
Accepting request 1311759 from devel:languages:python:Factory
Ana Guerrero 2025-10-17 15:25:27 +00:00
c3b20ea06a
- Update to 3.11.14:
  - Security
    - gh-139700: Check consistency of the zip64 end of central directory record. Support records with “zip64 extensible data” if there are no bytes prepended to the ZIP file.
    - gh-139400: xml.parsers.expat: Make sure that parent Expat parsers are only garbage-collected once they are no longer referenced by subparsers created by ExternalEntityParserCreate(). Patch by Sebastian Pipping.
    - gh-135661: Fix parsing start and end tags in html.parser.HTMLParser according to the HTML5 standard.
      * Whitespaces no longer accepted between </ and the tag name. E.g. </ script> does not end the script section.
      * Vertical tabulation (\v) and non-ASCII whitespaces no longer recognized as whitespaces. The only whitespaces are \t\n\r\f and space.
      * Null character (U+0000) no longer ends the tag name.
      * Attributes and slashes after the tag name in end tags are now ignored, instead of terminating after the first > in quoted attribute value. E.g. </script/foo=">"/>.
      * Multiple slashes and whitespaces between the last attribute and closing > are now ignored in both start and end tags. E.g. <a foo=bar/ //>.
      * Multiple = between attribute name and value are no longer collapsed. E.g. <a foo==bar> produces attribute “foo” with value “=bar”.
    - gh-135661: Fix CDATA section parsing in html.parser.HTMLParser according to the HTML5 standard: ] ]> and ]] > no longer end the CDATA section. Add private method _set_support_cdata() which can be used to specify how to parse <[CDATA[ — as a CDATA section in
Matej Cepl 2025-10-16 16:27:30 +00:00
4fd1005be3
Accepting request 1308253 from devel:languages:python:Factory
Ana Guerrero 2025-10-02 17:19:31 +00:00
09df53c2ab
- Add gh139257-Support-docutils-0.22.patch to fix build with latest docutils (>=0.22) gh#python/cpython#139257
Matej Cepl 2025-09-30 16:22:12 +00:00
e11e1b86fe
Accepting request 1306450 from devel:languages:python:Factory
Ana Guerrero 2025-09-23 14:05:55 +00:00
e86b781354
- Drop AppStream buildrequires and don't run appstreamcli validate as part of the build process: the appdata.xml is not updated by source directly, so we have more control. Having Appstream or the deprecated appstream-glib results in a build cycle.
Markéta Machová 2025-09-22 09:07:56 +00:00
5c22d91c83
- Require AppStream to validate appdata file instead of deprecated appstream-glib.
- Update idle3.appdata.xml to pass the more pedantic appstreamcli.
Matej Cepl 2025-09-18 13:55:02 +00:00
0c195902dd
- Add CVE-2025-8194-tarfile-no-neg-offsets.patch which now validates archives to ensure member offsets are non-negative (gh#python/cpython#130577, CVE-2025-8194, bsc#1247249).
Matej Cepl 2025-08-01 20:18:10 +00:00
e06b229157
Accepting request 1294514 from devel:languages:python:Factory
Ana Guerrero 2025-07-20 13:28:51 +00:00
420a5bd2d2
- Add CVE-2025-6069-quad-complex-HTMLParser.patch to avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser (CVE-2025-6069, bsc#1244705).
Matej Cepl 2025-07-02 15:58:03 +00:00
4cd370afa9
Accepting request 1289839 from home:dgarcia:branches:devel:languages:python:Factory
Matej Cepl 2025-07-02 14:13:50 +00:00
3701c69ddb
Accepting request 1288599 from devel:languages:python:Factory
Ana Guerrero 2025-06-26 09:38:07 +00:00
b51967df3e
Also addresses CVE-2025-4435 (gh#135034, bsc#1244061).
Matej Cepl 2025-06-25 19:49:10 +00:00
6b34ffaa68
Accepting request 1284263 from devel:languages:python:Factory
Ana Guerrero 2025-06-11 14:20:10 +00:00
28749a59dd
- Update to 3.11.13:
  - Security
    - gh-135034: Fixes multiple issues that allowed tarfile extraction filters (filter="data" and filter="tar") to be bypassed using crafted symlinks and hard links. Addresses CVE-2024-12718 (bsc#1244056), CVE-2025-4138 (bsc#1244059), CVE-2025-4330 (bsc#1244060), and CVE-2025-4517 (bsc#1244032).
    - gh-133767: Fix use-after-free in the “unicode-escape” decoder with a non-“strict” error handler (CVE-2025-4516, bsc#1243273).
    - gh-128840: Short-circuit the processing of long IPv6 addresses early in ipaddress to prevent excessive memory consumption and a minor denial-of-service.
  - Library
    - gh-128840: Fix parsing long IPv6 addresses with embedded IPv4 address.
    - gh-134062: ipaddress: fix collisions in __hash__() for IPv4Network and IPv6Network objects.
    - gh-123409: Fix ipaddress.IPv6Address.reverse_pointer output according to RFC 3596, §2.5. Patch by Bénédikt Tran.
    - bpo-43633: Improve the textual representation of IPv4-mapped IPv6 addresses (RFC 4291 Sections 2.2, 2.5.5.2) in ipaddress. Patch by Oleksandr Pavliuk.
- Remove upstreamed patches:
  - gh-126572-test_ssl-no-stop-ThreadedEchoServer-OSError.patch
  - CVE-2025-4516-DecodeError-handler.patch
Matej Cepl 2025-06-09 17:26:24 +00:00
ebd01e5a57
Accepting request 1281358 from devel:languages:python:Factory
Ana Guerrero 2025-06-02 19:58:44 +00:00
ee7afa01a6
- Add CVE-2025-4516-DecodeError-handler.patch fixing CVE-2025-4516 (bsc#1243273) blocking DecodeError handling vulnerability, which could lead to DoS.
Matej Cepl 2025-05-22 13:01:41 +00:00
42e3868a51
- Remove python-3.3.0b1-test-posix_fadvise.patch (not needed since kernel 3.6-rc1)
Matej Cepl 2025-05-10 11:43:09 +00:00
d91107c793
Accepting request 1270996 from devel:languages:python:Factory
Ana Guerrero 2025-04-24 15:24:53 +00:00
1dad22a352
- Add gh-126572-test_ssl-no-stop-ThreadedEchoServer-OSError.patch which makes test_ssl not stop ThreadedEchoServer on OSError, which makes test_ssl pass with OpenSSL 3.5 (bsc#1241067, gh#python/cpython!126572)
Matej Cepl 2025-04-19 18:46:57 +00:00
42d2447d53
Accepting request 1269623 from devel:languages:python:Factory
Ana Guerrero 2025-04-16 18:37:19 +00:00
93c48806cf
- Update to 3.11.12:
  - gh-131809: Update bundled libexpat to 2.7.1
  - gh-131261: Upgrade to libexpat 2.7.0
  - gh-105704: When using urllib.parse.urlsplit() and urllib.parse.urlparse() host parsing would not reject domain names containing square brackets ([ and ]). Square brackets are only valid for IPv6 and IPvFuture hosts according to RFC 3986 Section 3.2.2 (bsc#1236705, CVE-2025-0938, gh#python/cpython#105704).
  - gh-121284: Fix bug in the folding of rfc2047 encoded-words when flattening an email message using a modern email policy. Previously when an encoded-word was too long for a line, it would be decoded, split across lines, and re-encoded. But commas and other special characters in the original text could be left unencoded and unquoted. This could theoretically be used to spoof header lines using a carefully constructed encoded-word if the resulting rendered email was transmitted or re-parsed.
  - gh-80222: Fix bug in the folding of quoted strings when flattening an email message using a modern email policy. Previously when a quoted string was folded so that it spanned more than one line, the surrounding quotes and internal escapes would be omitted. This could theoretically be used to spoof header lines using a carefully constructed quoted string if the resulting rendered email was transmitted or re-parsed.
  - gh-119511: Fix a potential denial of service in the imaplib module. When connecting to a malicious server, it could cause an arbitrary amount of memory to be allocated. On many systems this is harmless as unused virtual memory is only
Matej Cepl 2025-04-11 08:56:48 +00:00
108a2a7e18
- Add CVE-2025-0938-sq-brackets-domain-names.patch which disallows square brackets ([ and ]) in domain names for parsed URLs (bsc#1236705, CVE-2025-0938, gh#python/cpython#105704)
Matej Cepl 2025-02-04 14:51:05 +00:00
ddc3db9f5e
Accepting request 1241349 from devel:languages:python:Factory
Ana Guerrero 2025-02-03 20:41:50 +00:00
2f4b16c511
Accepting request 1228380 from devel:languages:python:Factory
Ana Guerrero 2024-12-06 13:24:50 +00:00
9fa0280821
- Update to 3.11.11:
  - Tools/Demos
    - gh-123418: Update GitHub CI workflows to use OpenSSL 3.0.15 and multissltests to use 3.0.15, 3.1.7, and 3.2.3.
  - Tests
    - gh-125041: Re-enable skipped tests for zlib on the s390x architecture: only skip checks of the compressed bytes, which can be different between zlib’s software implementation and the hardware-accelerated implementation.
  - Security
    - gh-126623: Upgrade libexpat to 2.6.4
    - gh-122792: Changed IPv4-mapped ipaddress.IPv6Address to consistently use the mapped IPv4 address value for deciding properties. Properties which have their behavior fixed are is_multicast, is_reserved, is_link_local, is_global, and is_unspecified.
  - Library
    - gh-124651: Properly quote template strings in venv activation scripts (bsc#1232241, CVE-2024-9287).
- Removed upstreamed patches:
  - CVE-2024-9287-venv_path_unquoted.patch
Matej Cepl 2024-12-04 21:44:34 +00:00
77563efde5
Accepting request 1227946 from devel:languages:python:Factory
Ana Guerrero 2024-12-04 14:26:23 +00:00
12e9f4c239
- Add add-loongarch64-support.patch to support loongarch64
Matej Cepl 2024-12-03 09:29:46 +00:00
ecc51fd1a6
- Drop .pyc files from docdir for reproducible builds
Matej Cepl 2024-10-02 16:19:39 +00:00
a2eeecf0ed
Accepting request 1199725 from devel:languages:python:Factory
Ana Guerrero 2024-09-18 13:25:57 +00:00
8d7964cbfc
- Update to 3.11.10:
  - Security
    - gh-123678: Upgrade libexpat to 2.6.3
    - gh-121957: Fixed missing audit events around interactive use of Python, now also properly firing for python -i, as well as for python -m asyncio. The event in question is cpython.run_stdin.
    - gh-122133: Authenticate the socket connection for the socket.socketpair() fallback on platforms where AF_UNIX is not available like Windows. Patch by Gregory P. Smith <greg@krypto.org> and Seth Larson <seth@python.org>. Reported by Ellie <el@horse64.org>
    - gh-121285: Remove backtracking from tarfile header parsing for hdrcharset, PAX, and GNU sparse headers (bsc#1230227, CVE-2024-6232).
    - gh-118486: os.mkdir() on Windows now accepts mode of 0o700 to restrict the new directory to the current user. This fixes CVE-2024-4030 affecting tempfile.mkdtemp() in scenarios where the base temporary directory is more permissive than the default.
    - gh-116741: Update bundled libexpat to 2.6.2
  - Library
    - gh-123270: Applied a more surgical fix for malformed payloads in zipfile.Path causing infinite loops (gh-122905) without breaking contents using legitimate characters (bsc#1229704, CVE-2024-8088).
    - gh-123067: Fix quadratic complexity in parsing "-quoted cookie values with backslashes by http.cookies (bsc#1229596, CVE-2024-7592).
    - gh-122905: zipfile.Path objects now sanitize names
Matej Cepl 2024-09-09 17:03:10 +00:00
f2ba782fa5
- Add gh120226-fix-sendfile-test-kernel-610.patch to avoid failing test_sendfile_close_peer_in_the_middle_of_receiving tests on Linux >= 6.10 (GH-120227).
Matej Cepl 2024-09-02 09:45:35 +00:00
4c1b2b97e5
- Add CVE-2024-8088-inf-loop-zipfile_Path.patch to prevent malformed payloads from causing infinite loops in zipfile.Path (bsc#1229704, CVE-2024-8088).
Matej Cepl 2024-08-29 12:48:46 +00:00
19a07a5898
- %{profileopt} variable is set according to the variable %{do_profiling} (bsc#1227999)
Matej Cepl 2024-08-07 20:15:48 +00:00
763dd72636
- Add CVE-2024-6923-email-hdr-inject.patch to prevent email header injection due to unquoted newlines (bsc#1228780, CVE-2024-6923).
Matej Cepl 2024-08-07 12:14:54 +00:00
511b0d3f92
- Adding bso1227999-reproducible-builds.patch fixing bsc#1227999 adding reproducibility patches from gh#python/cpython!121872 and gh#python/cpython!121883.
- Trying %autopatch again (bsc#1189495 seems to be fixed)
Matej Cepl 2024-07-18 22:39:01 +00:00
63b5b7e315
- Stop using %%defattr, it seems to be breaking proper executable attributes on /usr/bin/ scripts (bsc#1227378).
Matej Cepl 2024-07-15 12:14:33 +00:00
7124f7199f
Accepting request 1185397 from devel:languages:python:Factory
Ana Guerrero 2024-07-09 18:02:51 +00:00
1170d3a502
Accepting request 1184845 from home:dgarcia:usr-local-cpython
Matej Cepl 2024-07-04 13:17:01 +00:00
b6c310cc5a
Accepting request 1183510 from devel:languages:python:Factory
Ana Guerrero 2024-06-28 13:46:47 +00:00
2f6f68cb45
- Add CVE-2024-4032-private-IP-addrs.patch to fix bsc#1226448 (CVE-2024-4032) rearranging definition of private v global IP addresses.
Matej Cepl 2024-06-25 21:58:48 +00:00
992cbf442e
multiple threads (bsc#1226447, CVE-2024-0397).
Matej Cepl 2024-06-21 14:02:10 +00:00
d00c2f8ffd
Accepting request 1171202 from devel:languages:python:Factory
Ana Guerrero 2024-05-02 21:42:42 +00:00
77ce54fe8f
- Update CVE-2023-52425-libexpat-2.6.0-backport.patch so that it uses features sniffing, not just comparing version number. Include also support-expat-CVE-2022-25236-patched.patch.
- Add CVE-2023-52425-remove-reparse_deferral-tests.patch skipping failing tests.
Matej Cepl 2024-05-01 23:30:08 +00:00
e54275a76b
- Update CVE-2023-52425-libexpat-2.6.0-backport.patch so that it uses features sniffing, not just comparing version number. Include also support-expat-CVE-2022-25236-patched.patch.
- Refresh patches:
  - CVE-2023-27043-email-parsing-errors.patch
  - fix_configure_rst.patch
  - skip_if_buildbot-extend.patch
- Remove included patch:
  - support-expat-CVE-2022-25236-patched.patch
Matej Cepl 2024-05-01 09:01:36 +00:00
37ecd27cc8
Update CVE-2023-52425-libexpat-2.6.0-backport.patch
Matej Cepl 2024-04-30 15:37:14 +00:00
32bb272437
Accepting request 1169286 from devel:languages:python:Factory
Ana Guerrero 2024-04-21 18:24:16 +00:00
116be53bb3
Accepting request 1169083 from home:dgarcia:branches:devel:languages:python:Factory
Matej Cepl 2024-04-19 22:20:05 +00:00
fe7f29284c
Accepting request 1166573 from home:dgarcia:branches:devel:languages:python:Factory
Matej Cepl 2024-04-10 14:25:37 +00:00
19bdd05c49
Accepting request 1161081 from devel:languages:python:Factory
Ana Guerrero 2024-03-25 20:06:04 +00:00
246a8799b3
- Add reference to CVE-2024-0450 (bsc#1221854) to changelog. other entry or central directory (bsc#1221854, CVE-2024-0450).
Matej Cepl 2024-03-24 07:52:22 +00:00
eceb720075
- Because of bsc#1189495 we have to revert use of %autopatch.
Matej Cepl 2024-03-22 21:22:48 +00:00
b1a4352010
Accepting request 1157149 from devel:languages:python:Factory
Ana Guerrero 2024-03-13 21:16:00 +00:00
6acd83df79
autosetup actually doesn't have -m/-M, it's autopatch
Matej Cepl 2024-03-12 08:53:52 +00:00
f2e8cdf7ce
- Rewrite %prep to use %autosetup et al. for compatibility with rpm 4.20.
Matej Cepl 2024-03-12 08:46:16 +00:00
61edd8bfc6
- bsc#1221260 add bsc1221260-test_asyncio-ResourceWarning.patch to eliminate ResourceWarning which broke the test suite in test_asyncio.
Matej Cepl 2024-03-12 08:20:37 +00:00
2697832d56
Accepting request 1155683 from home:pmonrealgonzalez:branches:devel:languages:python:Factory
Matej Cepl 2024-03-06 21:50:48 +00:00
af31ac92dd
- (bsc#1219666, CVE-2023-6597) Add CVE-2023-6597-TempDir-cleaning-symlink.patch (patch from gh#python/cpython!99930) fixing symlink bug in cleanup of tempfile.TemporaryDirectory.
- Repurpose skip-failing-tests.patch to increase timeout for test.test_asyncio.test_tasks.TimeoutTests.test_timeout_time, which fails on slow machines in IBS (s390x).
Matej Cepl 2024-02-29 07:16:40 +00:00
b0bca7ad80
- Remove double definition of /usr/bin/idle%%{version} in %%files.
Matej Cepl 2024-02-20 22:15:23 +00:00
96b991b360
Accepting request 1146838 from devel:languages:python:Factory
Ana Guerrero 2024-02-18 19:22:52 +00:00