- Add CVE-2025-8194-tarfile-no-neg-offsets.patch which now

validates archives to ensure member offsets are non-negative
  (gh#python/cpython#130577, CVE-2025-8194, bsc#1247249).

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python313?expand=0&rev=113

CVE-2025-6069-quad-complex-HTMLParser.patch

@@ -0,0 +1,247 @@
+From 9043edabc7e2f0dd655146e0a4571e2a0b2906af Mon Sep 17 00:00:00 2001
+From: Serhiy Storchaka <storchaka@gmail.com>
+Date: Fri, 13 Jun 2025 19:57:48 +0300
+Subject: [PATCH] gh-135462: Fix quadratic complexity in processing special
+ input in HTMLParser (GH-135464)
+
+End-of-file errors are now handled according to the HTML5 specs --
+comments and declarations are automatically closed, tags are ignored.
+(cherry picked from commit 6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41)
+
+Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
+---
+ Lib/html/parser.py                                                       |   41 +++-
+ Lib/test/test_htmlparser.py                                              |   97 +++++++---
+ Misc/NEWS.d/next/Security/2025-06-13-15-55-22.gh-issue-135462.KBeJpc.rst |    4 
+ 3 files changed, 111 insertions(+), 31 deletions(-)
+ create mode 100644 Misc/NEWS.d/next/Security/2025-06-13-15-55-22.gh-issue-135462.KBeJpc.rst
+
+Index: Python-3.13.5/Lib/html/parser.py
+===================================================================
+--- Python-3.13.5.orig/Lib/html/parser.py	2025-06-11 17:36:57.000000000 +0200
++++ Python-3.13.5/Lib/html/parser.py	2025-07-02 16:49:52.020175099 +0200
+@@ -27,6 +27,7 @@
+ attr_charref = re.compile(r'&(#[0-9]+|#[xX][0-9a-fA-F]+|[a-zA-Z][a-zA-Z0-9]*)[;=]?')
+ 
+ starttagopen = re.compile('<[a-zA-Z]')
++endtagopen = re.compile('</[a-zA-Z]')
+ piclose = re.compile('>')
+ commentclose = re.compile(r'--\s*>')
+ # Note:
+@@ -195,7 +196,7 @@
+                     k = self.parse_pi(i)
+                 elif startswith("<!", i):
+                     k = self.parse_html_declaration(i)
+-                elif (i + 1) < n:
++                elif (i + 1) < n or end:
+                     self.handle_data("<")
+                     k = i + 1
+                 else:
+@@ -203,17 +204,35 @@
+                 if k < 0:
+                     if not end:
+                         break
+-                    k = rawdata.find('>', i + 1)
+-                    if k < 0:
+-                        k = rawdata.find('<', i + 1)
+-                        if k < 0:
+-                            k = i + 1
++                    if starttagopen.match(rawdata, i):  # < + letter
++                        pass
++                    elif startswith("</", i):
++                        if i + 2 == n:
++                            self.handle_data("</")
++                        elif endtagopen.match(rawdata, i):  # </ + letter
++                            pass
++                        else:
++                            # bogus comment
++                            self.handle_comment(rawdata[i+2:])
++                    elif startswith("<!--", i):
++                        j = n
++                        for suffix in ("--!", "--", "-"):
++                            if rawdata.endswith(suffix, i+4):
++                                j -= len(suffix)
++                                break
++                        self.handle_comment(rawdata[i+4:j])
++                    elif startswith("<![CDATA[", i):
++                        self.unknown_decl(rawdata[i+3:])
++                    elif rawdata[i:i+9].lower() == '<!doctype':
++                        self.handle_decl(rawdata[i+2:])
++                    elif startswith("<!", i):
++                        # bogus comment
++                        self.handle_comment(rawdata[i+2:])
++                    elif startswith("<?", i):
++                        self.handle_pi(rawdata[i+2:])
+                     else:
+-                        k += 1
+-                    if self.convert_charrefs and not self.cdata_elem:
+-                        self.handle_data(unescape(rawdata[i:k]))
+-                    else:
+-                        self.handle_data(rawdata[i:k])
++                        raise AssertionError("we should not get here!")
++                    k = n
+                 i = self.updatepos(i, k)
+             elif startswith("&#", i):
+                 match = charref.match(rawdata, i)
+Index: Python-3.13.5/Lib/test/test_htmlparser.py
+===================================================================
+--- Python-3.13.5.orig/Lib/test/test_htmlparser.py	2025-06-11 17:36:57.000000000 +0200
++++ Python-3.13.5/Lib/test/test_htmlparser.py	2025-07-02 16:49:52.020821697 +0200
+@@ -5,6 +5,7 @@
+ import unittest
+ 
+ from unittest.mock import patch
++from test import support
+ 
+ 
+ class EventCollector(html.parser.HTMLParser):
+@@ -430,28 +431,34 @@
+                             ('data', '<'),
+                             ('starttag', 'bc<', [('a', None)]),
+                             ('endtag', 'html'),
+-                            ('data', '\n<img src="URL>'),
+-                            ('comment', '/img'),
+-                            ('endtag', 'html<')])
++                            ('data', '\n')])
+ 
+     def test_starttag_junk_chars(self):
++        self._run_check("<", [('data', '<')])
++        self._run_check("<>", [('data', '<>')])
++        self._run_check("< >", [('data', '< >')])
++        self._run_check("< ", [('data', '< ')])
+         self._run_check("</>", [])
++        self._run_check("<$>", [('data', '<$>')])
+         self._run_check("</$>", [('comment', '$')])
+         self._run_check("</", [('data', '</')])
+-        self._run_check("</a", [('data', '</a')])
++        self._run_check("</a", [])
++        self._run_check("</ a>", [('endtag', 'a')])
++        self._run_check("</ a", [('comment', ' a')])
+         self._run_check("<a<a>", [('starttag', 'a<a', [])])
+         self._run_check("</a<a>", [('endtag', 'a<a')])
+-        self._run_check("<!", [('data', '<!')])
+-        self._run_check("<a", [('data', '<a')])
+-        self._run_check("<a foo='bar'", [('data', "<a foo='bar'")])
+-        self._run_check("<a foo='bar", [('data', "<a foo='bar")])
+-        self._run_check("<a foo='>'", [('data', "<a foo='>'")])
+-        self._run_check("<a foo='>", [('data', "<a foo='>")])
++        self._run_check("<!", [('comment', '')])
++        self._run_check("<a", [])
++        self._run_check("<a foo='bar'", [])
++        self._run_check("<a foo='bar", [])
++        self._run_check("<a foo='>'", [])
++        self._run_check("<a foo='>", [])
+         self._run_check("<a$>", [('starttag', 'a$', [])])
+         self._run_check("<a$b>", [('starttag', 'a$b', [])])
+         self._run_check("<a$b/>", [('startendtag', 'a$b', [])])
+         self._run_check("<a$b  >", [('starttag', 'a$b', [])])
+         self._run_check("<a$b  />", [('startendtag', 'a$b', [])])
++        self._run_check("</a$b>", [('endtag', 'a$b')])
+ 
+     def test_slashes_in_starttag(self):
+         self._run_check('<a foo="var"/>', [('startendtag', 'a', [('foo', 'var')])])
+@@ -576,21 +583,50 @@
+         for html, expected in data:
+             self._run_check(html, expected)
+ 
+-    def test_EOF_in_comments_or_decls(self):
++    def test_eof_in_comments(self):
+         data = [
+-            ('<!', [('data', '<!')]),
+-            ('<!-', [('data', '<!-')]),
+-            ('<!--', [('data', '<!--')]),
+-            ('<![', [('data', '<![')]),
+-            ('<![CDATA[', [('data', '<![CDATA[')]),
+-            ('<![CDATA[x', [('data', '<![CDATA[x')]),
+-            ('<!DOCTYPE', [('data', '<!DOCTYPE')]),
+-            ('<!DOCTYPE HTML', [('data', '<!DOCTYPE HTML')]),
++            ('<!--', [('comment', '')]),
++            ('<!---', [('comment', '')]),
++            ('<!----', [('comment', '')]),
++            ('<!-----', [('comment', '-')]),
++            ('<!------', [('comment', '--')]),
++            ('<!----!', [('comment', '')]),
++            ('<!---!', [('comment', '-!')]),
++            ('<!---!>', [('comment', '-!>')]),
++            ('<!--foo', [('comment', 'foo')]),
++            ('<!--foo-', [('comment', 'foo')]),
++            ('<!--foo--', [('comment', 'foo')]),
++            ('<!--foo--!', [('comment', 'foo')]),
++            ('<!--<!--', [('comment', '<!')]),
++            ('<!--<!--!', [('comment', '<!')]),
+         ]
+         for html, expected in data:
+             self._run_check(html, expected)
++
++    def test_eof_in_declarations(self):
++        data = [
++            ('<!', [('comment', '')]),
++            ('<!-', [('comment', '-')]),
++            ('<![', [('comment', '[')]),
++            ('<![CDATA[', [('unknown decl', 'CDATA[')]),
++            ('<![CDATA[x', [('unknown decl', 'CDATA[x')]),
++            ('<![CDATA[x]', [('unknown decl', 'CDATA[x]')]),
++            ('<![CDATA[x]]', [('unknown decl', 'CDATA[x]]')]),
++            ('<!DOCTYPE', [('decl', 'DOCTYPE')]),
++            ('<!DOCTYPE ', [('decl', 'DOCTYPE ')]),
++            ('<!DOCTYPE html', [('decl', 'DOCTYPE html')]),
++            ('<!DOCTYPE html ', [('decl', 'DOCTYPE html ')]),
++            ('<!DOCTYPE html PUBLIC', [('decl', 'DOCTYPE html PUBLIC')]),
++            ('<!DOCTYPE html PUBLIC "foo', [('decl', 'DOCTYPE html PUBLIC "foo')]),
++            ('<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "foo',
++             [('decl', 'DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "foo')]),
++        ]
++        for html, expected in data:
++            self._run_check(html, expected)
++
+     def test_bogus_comments(self):
+-        html = ('<! not really a comment >'
++        html = ('<!ELEMENT br EMPTY>'
++                '<! not really a comment >'
+                 '<! not a comment either -->'
+                 '<! -- close enough -->'
+                 '<!><!<-- this was an empty comment>'
+@@ -604,6 +640,7 @@
+                 '<![CDATA]]>'  # required '[' after CDATA
+         )
+         expected = [
++            ('comment', 'ELEMENT br EMPTY'),
+             ('comment', ' not really a comment '),
+             ('comment', ' not a comment either --'),
+             ('comment', ' -- close enough --'),
+@@ -684,6 +721,26 @@
+              ('endtag', 'a'), ('data', ' bar & baz')]
+         )
+ 
++    @support.requires_resource('cpu')
++    def test_eof_no_quadratic_complexity(self):
++        # Each of these examples used to take about an hour.
++        # Now they take a fraction of a second.
++        def check(source):
++            parser = html.parser.HTMLParser()
++            parser.feed(source)
++            parser.close()
++        n = 120_000
++        check("<a " * n)
++        check("<a a=" * n)
++        check("</a " * 14 * n)
++        check("</a a=" * 11 * n)
++        check("<!--" * 4 * n)
++        check("<!" * 60 * n)
++        check("<?" * 19 * n)
++        check("</$" * 15 * n)
++        check("<![CDATA[" * 9 * n)
++        check("<!doctype" * 35 * n)
++
+ 
+ class AttributesTestCase(TestCaseBase):
+ 
+Index: Python-3.13.5/Misc/NEWS.d/next/Security/2025-06-13-15-55-22.gh-issue-135462.KBeJpc.rst
+===================================================================
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
++++ Python-3.13.5/Misc/NEWS.d/next/Security/2025-06-13-15-55-22.gh-issue-135462.KBeJpc.rst	2025-07-02 16:49:52.021124951 +0200
+@@ -0,0 +1,4 @@
++Fix quadratic complexity in processing specially crafted input in
++:class:`html.parser.HTMLParser`. End-of-file errors are now handled according
++to the HTML5 specs -- comments and declarations are automatically closed,
++tags are ignored.

CVE-2025-8194-tarfile-no-neg-offsets.patch

@@ -0,0 +1,212 @@
+From fd29bcd380150035ef825b762d8cd085bdab6e53 Mon Sep 17 00:00:00 2001
+From: Alexander Urieles <aeurielesn@users.noreply.github.com>
+Date: Mon, 28 Jul 2025 17:37:26 +0200
+Subject: [PATCH] gh-130577: tarfile now validates archives to ensure member
+ offsets are non-negative (GH-137027) (cherry picked from commit
+ 7040aa54f14676938970e10c5f74ea93cd56aa38)
+
+Co-authored-by: Alexander Urieles <aeurielesn@users.noreply.github.com>
+Co-authored-by: Gregory P. Smith <greg@krypto.org>
+---
+ Lib/tarfile.py                                                          |    3 
+ Lib/test/test_tarfile.py                                                |  156 ++++++++++
+ Misc/NEWS.d/next/Library/2025-07-23-00-35-29.gh-issue-130577.c7EITy.rst |    3 
+ 3 files changed, 162 insertions(+)
+ create mode 100644 Misc/NEWS.d/next/Library/2025-07-23-00-35-29.gh-issue-130577.c7EITy.rst
+
+Index: Python-3.13.5/Lib/tarfile.py
+===================================================================
+--- Python-3.13.5.orig/Lib/tarfile.py	2025-08-01 22:13:44.185826095 +0200
++++ Python-3.13.5/Lib/tarfile.py	2025-08-01 22:13:45.524140183 +0200
+@@ -1636,6 +1636,9 @@
+         """Round up a byte count by BLOCKSIZE and return it,
+            e.g. _block(834) => 1024.
+         """
++        # Only non-negative offsets are allowed
++        if count < 0:
++            raise InvalidHeaderError("invalid offset")
+         blocks, remainder = divmod(count, BLOCKSIZE)
+         if remainder:
+             blocks += 1
+Index: Python-3.13.5/Lib/test/test_tarfile.py
+===================================================================
+--- Python-3.13.5.orig/Lib/test/test_tarfile.py	2025-06-11 17:36:57.000000000 +0200
++++ Python-3.13.5/Lib/test/test_tarfile.py	2025-08-01 22:13:45.524778259 +0200
+@@ -50,6 +50,7 @@
+ xzname = os.path.join(TEMPDIR, "testtar.tar.xz")
+ tmpname = os.path.join(TEMPDIR, "tmp.tar")
+ dotlessname = os.path.join(TEMPDIR, "testtar")
++SPACE = b" "
+ 
+ sha256_regtype = (
+     "e09e4bc8b3c9d9177e77256353b36c159f5f040531bbd4b024a8f9b9196c71ce"
+@@ -4578,6 +4579,161 @@
+         ar.extractall(self.testdir, filter='fully_trusted')
+ 
+ 
++class OffsetValidationTests(unittest.TestCase):
++    tarname = tmpname
++    invalid_posix_header = (
++        # name: 100 bytes
++        tarfile.NUL * tarfile.LENGTH_NAME
++        # mode, space, null terminator: 8 bytes
++        + b"000755" + SPACE + tarfile.NUL
++        # uid, space, null terminator: 8 bytes
++        + b"000001" + SPACE + tarfile.NUL
++        # gid, space, null terminator: 8 bytes
++        + b"000001" + SPACE + tarfile.NUL
++        # size, space: 12 bytes
++        + b"\xff" * 11 + SPACE
++        # mtime, space: 12 bytes
++        + tarfile.NUL * 11 + SPACE
++        # chksum: 8 bytes
++        + b"0011407" + tarfile.NUL
++        # type: 1 byte
++        + tarfile.REGTYPE
++        # linkname: 100 bytes
++        + tarfile.NUL * tarfile.LENGTH_LINK
++        # magic: 6 bytes, version: 2 bytes
++        + tarfile.POSIX_MAGIC
++        # uname: 32 bytes
++        + tarfile.NUL * 32
++        # gname: 32 bytes
++        + tarfile.NUL * 32
++        # devmajor, space, null terminator: 8 bytes
++        + tarfile.NUL * 6 + SPACE + tarfile.NUL
++        # devminor, space, null terminator: 8 bytes
++        + tarfile.NUL * 6 + SPACE + tarfile.NUL
++        # prefix: 155 bytes
++        + tarfile.NUL * tarfile.LENGTH_PREFIX
++        # padding: 12 bytes
++        + tarfile.NUL * 12
++    )
++    invalid_gnu_header = (
++        # name: 100 bytes
++        tarfile.NUL * tarfile.LENGTH_NAME
++        # mode, null terminator: 8 bytes
++        + b"0000755" + tarfile.NUL
++        # uid, null terminator: 8 bytes
++        + b"0000001" + tarfile.NUL
++        # gid, space, null terminator: 8 bytes
++        + b"0000001" + tarfile.NUL
++        # size, space: 12 bytes
++        + b"\xff" * 11 + SPACE
++        # mtime, space: 12 bytes
++        + tarfile.NUL * 11 + SPACE
++        # chksum: 8 bytes
++        + b"0011327" + tarfile.NUL
++        # type: 1 byte
++        + tarfile.REGTYPE
++        # linkname: 100 bytes
++        + tarfile.NUL * tarfile.LENGTH_LINK
++        # magic: 8 bytes
++        + tarfile.GNU_MAGIC
++        # uname: 32 bytes
++        + tarfile.NUL * 32
++        # gname: 32 bytes
++        + tarfile.NUL * 32
++        # devmajor, null terminator: 8 bytes
++        + tarfile.NUL * 8
++        # devminor, null terminator: 8 bytes
++        + tarfile.NUL * 8
++        # padding: 167 bytes
++        + tarfile.NUL * 167
++    )
++    invalid_v7_header = (
++        # name: 100 bytes
++        tarfile.NUL * tarfile.LENGTH_NAME
++        # mode, space, null terminator: 8 bytes
++        + b"000755" + SPACE + tarfile.NUL
++        # uid, space, null terminator: 8 bytes
++        + b"000001" + SPACE + tarfile.NUL
++        # gid, space, null terminator: 8 bytes
++        + b"000001" + SPACE + tarfile.NUL
++        # size, space: 12 bytes
++        + b"\xff" * 11 + SPACE
++        # mtime, space: 12 bytes
++        + tarfile.NUL * 11 + SPACE
++        # chksum: 8 bytes
++        + b"0010070" + tarfile.NUL
++        # type: 1 byte
++        + tarfile.REGTYPE
++        # linkname: 100 bytes
++        + tarfile.NUL * tarfile.LENGTH_LINK
++        # padding: 255 bytes
++        + tarfile.NUL * 255
++    )
++    valid_gnu_header = tarfile.TarInfo("filename").tobuf(tarfile.GNU_FORMAT)
++    data_block = b"\xff" * tarfile.BLOCKSIZE
++
++    def _write_buffer(self, buffer):
++        with open(self.tarname, "wb") as f:
++            f.write(buffer)
++
++    def _get_members(self, ignore_zeros=None):
++        with open(self.tarname, "rb") as f:
++            with tarfile.open(
++                mode="r", fileobj=f, ignore_zeros=ignore_zeros
++            ) as tar:
++                return tar.getmembers()
++
++    def _assert_raises_read_error_exception(self):
++        with self.assertRaisesRegex(
++            tarfile.ReadError, "file could not be opened successfully"
++        ):
++            self._get_members()
++
++    def test_invalid_offset_header_validations(self):
++        for tar_format, invalid_header in (
++            ("posix", self.invalid_posix_header),
++            ("gnu", self.invalid_gnu_header),
++            ("v7", self.invalid_v7_header),
++        ):
++            with self.subTest(format=tar_format):
++                self._write_buffer(invalid_header)
++                self._assert_raises_read_error_exception()
++
++    def test_early_stop_at_invalid_offset_header(self):
++        buffer = self.valid_gnu_header + self.invalid_gnu_header + self.valid_gnu_header
++        self._write_buffer(buffer)
++        members = self._get_members()
++        self.assertEqual(len(members), 1)
++        self.assertEqual(members[0].name, "filename")
++        self.assertEqual(members[0].offset, 0)
++
++    def test_ignore_invalid_archive(self):
++        # 3 invalid headers with their respective data
++        buffer = (self.invalid_gnu_header + self.data_block) * 3
++        self._write_buffer(buffer)
++        members = self._get_members(ignore_zeros=True)
++        self.assertEqual(len(members), 0)
++
++    def test_ignore_invalid_offset_headers(self):
++        for first_block, second_block, expected_offset in (
++            (
++                (self.valid_gnu_header),
++                (self.invalid_gnu_header + self.data_block),
++                0,
++            ),
++            (
++                (self.invalid_gnu_header + self.data_block),
++                (self.valid_gnu_header),
++                1024,
++            ),
++        ):
++            self._write_buffer(first_block + second_block)
++            members = self._get_members(ignore_zeros=True)
++            self.assertEqual(len(members), 1)
++            self.assertEqual(members[0].name, "filename")
++            self.assertEqual(members[0].offset, expected_offset)
++
++
+ def setUpModule():
+     os_helper.unlink(TEMPDIR)
+     os.makedirs(TEMPDIR)
+Index: Python-3.13.5/Misc/NEWS.d/next/Library/2025-07-23-00-35-29.gh-issue-130577.c7EITy.rst
+===================================================================
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
++++ Python-3.13.5/Misc/NEWS.d/next/Library/2025-07-23-00-35-29.gh-issue-130577.c7EITy.rst	2025-08-01 22:13:45.525174751 +0200
+@@ -0,0 +1,3 @@
++:mod:`tarfile` now validates archives to ensure member offsets are
++non-negative.  (Contributed by Alexander Enrique Urieles Nieto in
++:gh:`130577`.)

bsc1243155-sphinx-non-determinism.patch

@@ -14,10 +14,10 @@ https://github.com/python/cpython/issues/130979
  Doc/tools/extensions/audit_events.py |   11 ++++++++---
  1 file changed, 8 insertions(+), 3 deletions(-)
 
-Index: Python-3.13.6/Doc/tools/extensions/audit_events.py
+Index: Python-3.13.5/Doc/tools/extensions/audit_events.py
 ===================================================================
---- Python-3.13.6.orig/Doc/tools/extensions/audit_events.py	2025-08-07 12:16:58.257103336 +0200
-+++ Python-3.13.6/Doc/tools/extensions/audit_events.py	2025-08-07 12:17:02.709401389 +0200
+--- Python-3.13.5.orig/Doc/tools/extensions/audit_events.py	2025-07-02 15:51:58.388560540 +0200
++++ Python-3.13.5/Doc/tools/extensions/audit_events.py	2025-07-02 15:51:58.411254070 +0200
 @@ -72,8 +72,13 @@
              logger.warning(msg)
              return

doc-py38-to-py36.patch

@@ -27,10 +27,10 @@
  Doc/tools/extensions/pydoc_topics.py          |   22 +++++-----
  18 files changed, 159 insertions(+), 130 deletions(-)
 
-Index: Python-3.13.6/Doc/Makefile
+Index: Python-3.13.5/Doc/Makefile
 ===================================================================
---- Python-3.13.6.orig/Doc/Makefile	2025-08-06 15:05:20.000000000 +0200
-+++ Python-3.13.6/Doc/Makefile	2025-08-07 12:16:58.253706854 +0200
+--- Python-3.13.5.orig/Doc/Makefile	2025-06-12 21:37:37.257659788 +0200
++++ Python-3.13.5/Doc/Makefile	2025-06-12 21:38:04.908380762 +0200
 @@ -14,15 +14,15 @@
  SOURCES      =
  DISTVERSION  = $(shell $(PYTHON) tools/extensions/patchlevel.py)
@@ -51,10 +51,10 @@ Index: Python-3.13.6/Doc/Makefile
                  $(PAPEROPT_$(PAPER)) \
                  $(SPHINXOPTS) $(SPHINXERRORHANDLING) \
                  . build/$(BUILDER) $(SOURCES)
-Index: Python-3.13.6/Doc/c-api/arg.rst
+Index: Python-3.13.5/Doc/c-api/arg.rst
 ===================================================================
---- Python-3.13.6.orig/Doc/c-api/arg.rst	2025-08-06 15:05:20.000000000 +0200
-+++ Python-3.13.6/Doc/c-api/arg.rst	2025-08-07 12:16:58.254160756 +0200
+--- Python-3.13.5.orig/Doc/c-api/arg.rst	2025-06-12 21:37:37.257659788 +0200
++++ Python-3.13.5/Doc/c-api/arg.rst	2025-06-12 21:38:04.908705133 +0200
 @@ -334,7 +334,6 @@
     should raise an exception and leave the content of *address* unmodified.
  
@@ -63,10 +63,10 @@ Index: Python-3.13.6/Doc/c-api/arg.rst
  
     If the *converter* returns :c:macro:`!Py_CLEANUP_SUPPORTED`, it may get called a
     second time if the argument parsing eventually fails, giving the converter a
-Index: Python-3.13.6/Doc/c-api/typeobj.rst
+Index: Python-3.13.5/Doc/c-api/typeobj.rst
 ===================================================================
---- Python-3.13.6.orig/Doc/c-api/typeobj.rst	2025-08-06 15:05:20.000000000 +0200
-+++ Python-3.13.6/Doc/c-api/typeobj.rst	2025-08-07 12:16:58.254692184 +0200
+--- Python-3.13.5.orig/Doc/c-api/typeobj.rst	2025-06-12 21:37:37.257659788 +0200
++++ Python-3.13.5/Doc/c-api/typeobj.rst	2025-06-12 21:38:04.908874058 +0200
 @@ -610,7 +610,7 @@
     Functions like :c:func:`PyObject_NewVar` will take the value of N as an
     argument, and store in the instance's :c:member:`~PyVarObject.ob_size` field.
@@ -97,10 +97,10 @@ Index: Python-3.13.6/Doc/c-api/typeobj.rst
     include :c:type:`PyObject` or :c:type:`PyVarObject` (depending on
     whether :c:member:`~PyVarObject.ob_size` should be included). These are
     usually defined by the macro :c:macro:`PyObject_HEAD` or
-Index: Python-3.13.6/Doc/conf.py
+Index: Python-3.13.5/Doc/conf.py
 ===================================================================
---- Python-3.13.6.orig/Doc/conf.py	2025-08-07 12:16:45.115568663 +0200
-+++ Python-3.13.6/Doc/conf.py	2025-08-07 12:16:58.255236531 +0200
+--- Python-3.13.5.orig/Doc/conf.py	2025-06-12 21:37:37.257659788 +0200
++++ Python-3.13.5/Doc/conf.py	2025-06-12 21:38:04.909609597 +0200
 @@ -11,6 +11,8 @@
  from importlib import import_module
  from importlib.util import find_spec
@@ -127,7 +127,7 @@ Index: Python-3.13.6/Doc/conf.py
  '''
  
  manpages_url = 'https://manpages.debian.org/{path}'
-@@ -96,7 +98,7 @@
+@@ -92,7 +94,7 @@
  
  # Minimum version of sphinx required
  # Keep this version in sync with ``Doc/requirements.txt``.
@@ -136,7 +136,7 @@ Index: Python-3.13.6/Doc/conf.py
  
  # Create table of contents entries for domain objects (e.g. functions, classes,
  # attributes, etc.). Default is True.
-@@ -258,6 +260,9 @@
+@@ -323,6 +325,9 @@
  # Avoid a warning with Sphinx >= 4.0
  root_doc = 'contents'
  
@@ -146,7 +146,7 @@ Index: Python-3.13.6/Doc/conf.py
  # Allow translation of index directives
  gettext_additional_targets = [
      'index',
-@@ -297,7 +302,7 @@
+@@ -362,7 +367,7 @@
  # (See .readthedocs.yml and https://docs.readthedocs.io/en/stable/reference/environment-variables.html)
  is_deployment_preview = os.getenv("READTHEDOCS_VERSION_TYPE") == "external"
  repository_url = os.getenv("READTHEDOCS_GIT_CLONE_URL", "")
@@ -155,7 +155,7 @@ Index: Python-3.13.6/Doc/conf.py
  html_context = {
      "is_deployment_preview": is_deployment_preview,
      "repository_url": repository_url or None,
-@@ -542,6 +547,16 @@
+@@ -607,6 +612,16 @@
  }
  extlinks_detect_hardcoded_links = True
  
@@ -172,22 +172,22 @@ Index: Python-3.13.6/Doc/conf.py
  # Options for c_annotations extension
  # -----------------------------------
  
-Index: Python-3.13.6/Doc/library/doctest.rst
+Index: Python-3.13.5/Doc/library/doctest.rst
 ===================================================================
---- Python-3.13.6.orig/Doc/library/doctest.rst	2025-08-06 15:05:20.000000000 +0200
-+++ Python-3.13.6/Doc/library/doctest.rst	2025-08-07 12:16:58.255583157 +0200
-@@ -310,7 +310,6 @@
- .. currentmodule:: None
+--- Python-3.13.5.orig/Doc/library/doctest.rst	2025-06-12 21:37:37.257659788 +0200
++++ Python-3.13.5/Doc/library/doctest.rst	2025-06-12 21:38:04.909944989 +0200
+@@ -308,7 +308,6 @@
+ searched.  Objects imported into the module are not searched.
  
  .. attribute:: module.__test__
 -   :no-typesetting:
  
- .. currentmodule:: doctest
- 
-Index: Python-3.13.6/Doc/library/email.compat32-message.rst
+ In addition, there are cases when you want tests to be part of a module but not part
+ of the help text, which requires that the tests not be included in the docstring.
+Index: Python-3.13.5/Doc/library/email.compat32-message.rst
 ===================================================================
---- Python-3.13.6.orig/Doc/library/email.compat32-message.rst	2025-08-06 15:05:20.000000000 +0200
-+++ Python-3.13.6/Doc/library/email.compat32-message.rst	2025-08-07 12:16:58.256095517 +0200
+--- Python-3.13.5.orig/Doc/library/email.compat32-message.rst	2025-06-12 21:37:37.257659788 +0200
++++ Python-3.13.5/Doc/library/email.compat32-message.rst	2025-06-12 21:38:04.910320877 +0200
 @@ -7,7 +7,6 @@
     :synopsis: The base class representing email messages in a fashion
                backward compatible with Python 3.2
@@ -196,11 +196,11 @@ Index: Python-3.13.6/Doc/library/email.compat32-message.rst
  
  
  The :class:`Message` class is very similar to the
-Index: Python-3.13.6/Doc/library/xml.etree.elementtree.rst
+Index: Python-3.13.5/Doc/library/xml.etree.elementtree.rst
 ===================================================================
---- Python-3.13.6.orig/Doc/library/xml.etree.elementtree.rst	2025-08-06 15:05:20.000000000 +0200
-+++ Python-3.13.6/Doc/library/xml.etree.elementtree.rst	2025-08-07 12:16:58.256380542 +0200
-@@ -873,7 +873,6 @@
+--- Python-3.13.5.orig/Doc/library/xml.etree.elementtree.rst	2025-06-12 21:37:37.257659788 +0200
++++ Python-3.13.5/Doc/library/xml.etree.elementtree.rst	2025-06-12 21:38:04.910594893 +0200
+@@ -874,7 +874,6 @@
  
  .. module:: xml.etree.ElementTree
     :noindex:
@@ -208,10 +208,10 @@ Index: Python-3.13.6/Doc/library/xml.etree.elementtree.rst
  
  .. class:: Element(tag, attrib={}, **extra)
  
-Index: Python-3.13.6/Doc/tools/check-warnings.py
+Index: Python-3.13.5/Doc/tools/check-warnings.py
 ===================================================================
---- Python-3.13.6.orig/Doc/tools/check-warnings.py	2025-08-06 15:05:20.000000000 +0200
-+++ Python-3.13.6/Doc/tools/check-warnings.py	2025-08-07 12:16:58.256796101 +0200
+--- Python-3.13.5.orig/Doc/tools/check-warnings.py	2025-06-12 21:37:37.257659788 +0200
++++ Python-3.13.5/Doc/tools/check-warnings.py	2025-06-12 21:38:04.910896050 +0200
 @@ -228,7 +228,8 @@
              print(filename)
              for warning in warnings:
@@ -231,10 +231,10 @@ Index: Python-3.13.6/Doc/tools/check-warnings.py
          for warning in warnings
          if "Doc/" in warning
      }
-Index: Python-3.13.6/Doc/tools/extensions/audit_events.py
+Index: Python-3.13.5/Doc/tools/extensions/audit_events.py
 ===================================================================
---- Python-3.13.6.orig/Doc/tools/extensions/audit_events.py	2025-08-06 15:05:20.000000000 +0200
-+++ Python-3.13.6/Doc/tools/extensions/audit_events.py	2025-08-07 12:16:58.257103336 +0200
+--- Python-3.13.5.orig/Doc/tools/extensions/audit_events.py	2025-06-12 21:37:37.257659788 +0200
++++ Python-3.13.5/Doc/tools/extensions/audit_events.py	2025-06-12 21:38:04.911151491 +0200
 @@ -1,9 +1,6 @@
  """Support for documenting audit events."""
  
@@ -370,10 +370,10 @@ Index: Python-3.13.6/Doc/tools/extensions/audit_events.py
      ) -> nodes.row:
          row = nodes.row()
          name_node = nodes.paragraph("", nodes.Text(name))
-Index: Python-3.13.6/Doc/tools/extensions/availability.py
+Index: Python-3.13.5/Doc/tools/extensions/availability.py
 ===================================================================
---- Python-3.13.6.orig/Doc/tools/extensions/availability.py	2025-08-06 15:05:20.000000000 +0200
-+++ Python-3.13.6/Doc/tools/extensions/availability.py	2025-08-07 12:16:58.257352322 +0200
+--- Python-3.13.5.orig/Doc/tools/extensions/availability.py	2025-06-12 21:37:37.257659788 +0200
++++ Python-3.13.5/Doc/tools/extensions/availability.py	2025-06-12 21:38:04.911376735 +0200
 @@ -1,8 +1,6 @@
  """Support for documenting platform availability"""
  
@@ -427,10 +427,10 @@ Index: Python-3.13.6/Doc/tools/extensions/availability.py
      app.add_directive("availability", Availability)
  
      return {
-Index: Python-3.13.6/Doc/tools/extensions/c_annotations.py
+Index: Python-3.13.5/Doc/tools/extensions/c_annotations.py
 ===================================================================
---- Python-3.13.6.orig/Doc/tools/extensions/c_annotations.py	2025-08-06 15:05:20.000000000 +0200
-+++ Python-3.13.6/Doc/tools/extensions/c_annotations.py	2025-08-07 12:16:58.257571556 +0200
+--- Python-3.13.5.orig/Doc/tools/extensions/c_annotations.py	2025-06-12 21:37:37.257659788 +0200
++++ Python-3.13.5/Doc/tools/extensions/c_annotations.py	2025-06-12 21:38:04.911575881 +0200
 @@ -9,22 +9,26 @@
  * Set ``stable_abi_file`` to the path to stable ABI list.
  """
@@ -568,10 +568,10 @@ Index: Python-3.13.6/Doc/tools/extensions/c_annotations.py
      return {
          "version": "1.0",
          "parallel_read_safe": True,
-Index: Python-3.13.6/Doc/tools/extensions/changes.py
+Index: Python-3.13.5/Doc/tools/extensions/changes.py
 ===================================================================
---- Python-3.13.6.orig/Doc/tools/extensions/changes.py	2025-08-06 15:05:20.000000000 +0200
-+++ Python-3.13.6/Doc/tools/extensions/changes.py	2025-08-07 12:16:58.257773818 +0200
+--- Python-3.13.5.orig/Doc/tools/extensions/changes.py	2025-06-12 21:37:37.257659788 +0200
++++ Python-3.13.5/Doc/tools/extensions/changes.py	2025-06-12 21:38:04.911758715 +0200
 @@ -1,7 +1,5 @@
  """Support for documenting version of changes, additions, deprecations."""
  
@@ -607,10 +607,10 @@ Index: Python-3.13.6/Doc/tools/extensions/changes.py
      # Override Sphinx's directives with support for 'next'
      app.add_directive("versionadded", PyVersionChange, override=True)
      app.add_directive("versionchanged", PyVersionChange, override=True)
-Index: Python-3.13.6/Doc/tools/extensions/glossary_search.py
+Index: Python-3.13.5/Doc/tools/extensions/glossary_search.py
 ===================================================================
---- Python-3.13.6.orig/Doc/tools/extensions/glossary_search.py	2025-08-06 15:05:20.000000000 +0200
-+++ Python-3.13.6/Doc/tools/extensions/glossary_search.py	2025-08-07 12:16:58.257959947 +0200
+--- Python-3.13.5.orig/Doc/tools/extensions/glossary_search.py	2025-06-12 21:37:37.257659788 +0200
++++ Python-3.13.5/Doc/tools/extensions/glossary_search.py	2025-06-12 21:38:04.911907976 +0200
 @@ -1,21 +1,27 @@
  """Feature search results for glossary items prominently."""
  
@@ -654,10 +654,10 @@ Index: Python-3.13.6/Doc/tools/extensions/glossary_search.py
      app.connect('doctree-resolved', process_glossary_nodes)
      app.connect('build-finished', write_glossary_json)
  
-Index: Python-3.13.6/Doc/tools/extensions/implementation_detail.py
+Index: Python-3.13.5/Doc/tools/extensions/implementation_detail.py
 ===================================================================
---- Python-3.13.6.orig/Doc/tools/extensions/implementation_detail.py	2025-08-06 15:05:20.000000000 +0200
-+++ Python-3.13.6/Doc/tools/extensions/implementation_detail.py	2025-08-07 12:16:58.258140488 +0200
+--- Python-3.13.5.orig/Doc/tools/extensions/implementation_detail.py	2025-06-12 21:37:37.257659788 +0200
++++ Python-3.13.5/Doc/tools/extensions/implementation_detail.py	2025-06-12 21:38:04.912061736 +0200
 @@ -1,17 +1,10 @@
  """Support for marking up implementation details."""
  
@@ -708,10 +708,10 @@ Index: Python-3.13.6/Doc/tools/extensions/implementation_detail.py
      app.add_directive("impl-detail", ImplementationDetail)
  
      return {
-Index: Python-3.13.6/Doc/tools/extensions/issue_role.py
+Index: Python-3.13.5/Doc/tools/extensions/issue_role.py
 ===================================================================
---- Python-3.13.6.orig/Doc/tools/extensions/issue_role.py	2025-08-06 15:05:20.000000000 +0200
-+++ Python-3.13.6/Doc/tools/extensions/issue_role.py	2025-08-07 12:16:58.258306293 +0200
+--- Python-3.13.5.orig/Doc/tools/extensions/issue_role.py	2025-06-12 21:37:37.257659788 +0200
++++ Python-3.13.5/Doc/tools/extensions/issue_role.py	2025-06-12 21:38:04.912236134 +0200
 @@ -1,22 +1,18 @@
  """Support for referencing issues in the tracker."""
  
@@ -757,10 +757,10 @@ Index: Python-3.13.6/Doc/tools/extensions/issue_role.py
      app.add_role("issue", BPOIssue())
      app.add_role("gh", GitHubIssue())
  
-Index: Python-3.13.6/Doc/tools/extensions/misc_news.py
+Index: Python-3.13.5/Doc/tools/extensions/misc_news.py
 ===================================================================
---- Python-3.13.6.orig/Doc/tools/extensions/misc_news.py	2025-08-06 15:05:20.000000000 +0200
-+++ Python-3.13.6/Doc/tools/extensions/misc_news.py	2025-08-07 12:16:58.258481107 +0200
+--- Python-3.13.5.orig/Doc/tools/extensions/misc_news.py	2025-06-12 21:37:37.257659788 +0200
++++ Python-3.13.5/Doc/tools/extensions/misc_news.py	2025-06-12 21:38:04.912390144 +0200
 @@ -1,7 +1,5 @@
  """Support for including Misc/NEWS."""
  
@@ -813,10 +813,10 @@ Index: Python-3.13.6/Doc/tools/extensions/misc_news.py
      app.add_directive("miscnews", MiscNews)
  
      return {
-Index: Python-3.13.6/Doc/tools/extensions/patchlevel.py
+Index: Python-3.13.5/Doc/tools/extensions/patchlevel.py
 ===================================================================
---- Python-3.13.6.orig/Doc/tools/extensions/patchlevel.py	2025-08-06 15:05:20.000000000 +0200
-+++ Python-3.13.6/Doc/tools/extensions/patchlevel.py	2025-08-07 12:16:58.258716335 +0200
+--- Python-3.13.5.orig/Doc/tools/extensions/patchlevel.py	2025-06-12 21:37:37.257659788 +0200
++++ Python-3.13.5/Doc/tools/extensions/patchlevel.py	2025-06-12 21:38:04.912563631 +0200
 @@ -3,7 +3,7 @@
  import re
  import sys
@@ -854,10 +854,10 @@ Index: Python-3.13.6/Doc/tools/extensions/patchlevel.py
      version = f"{info.major}.{info.minor}"
      release = f"{info.major}.{info.minor}.{info.micro}"
      if info.releaselevel != "final":
-Index: Python-3.13.6/Doc/tools/extensions/pydoc_topics.py
+Index: Python-3.13.5/Doc/tools/extensions/pydoc_topics.py
 ===================================================================
---- Python-3.13.6.orig/Doc/tools/extensions/pydoc_topics.py	2025-08-06 15:05:20.000000000 +0200
-+++ Python-3.13.6/Doc/tools/extensions/pydoc_topics.py	2025-08-07 12:16:58.258911962 +0200
+--- Python-3.13.5.orig/Doc/tools/extensions/pydoc_topics.py	2025-06-12 21:37:37.257659788 +0200
++++ Python-3.13.5/Doc/tools/extensions/pydoc_topics.py	2025-06-12 21:38:04.912726688 +0200
 @@ -1,21 +1,23 @@
  """Support for building "topic help" for pydoc."""
  

gh138131-exclude-pycache-from-digest.patch

@@ -1,30 +0,0 @@
-From 4bb41b28d5bac09bccd636d8c5fefe1a462f63a7 Mon Sep 17 00:00:00 2001
-From: Alm <alon.menczer@gmail.com>
-Date: Mon, 25 Aug 2025 08:56:38 +0300
-Subject: [PATCH 1/4] Exclude .pyc files from the computed digest in the jit
- stencils
-
----
- Tools/jit/_targets.py | 3 +++
- 1 file changed, 3 insertions(+)
-
-Index: Python-3.13.7/Tools/jit/_targets.py
-===================================================================
---- Python-3.13.7.orig/Tools/jit/_targets.py
-+++ Python-3.13.7/Tools/jit/_targets.py
-@@ -53,6 +53,9 @@ class _Target(typing.Generic[_S, _R]):
-         hasher.update(PYTHON_EXECUTOR_CASES_C_H.read_bytes())
-         hasher.update((out / "pyconfig.h").read_bytes())
-         for dirpath, _, filenames in sorted(os.walk(TOOLS_JIT)):
-+            # Exclude cache files from digest computation to ensure reproducible builds.
-+            if dirpath.endswith("__pycache__"):
-+                continue
-             for filename in filenames:
-                 hasher.update(pathlib.Path(dirpath, filename).read_bytes())
-         return hasher.hexdigest()
-Index: Python-3.13.7/Misc/NEWS.d/next/Build/2025-08-27-09-52-45.gh-issue-138061.fMVS9w.rst
-===================================================================
---- /dev/null
-+++ Python-3.13.7/Misc/NEWS.d/next/Build/2025-08-27-09-52-45.gh-issue-138061.fMVS9w.rst
-@@ -0,0 +1 @@
-+Ensure reproducible builds by making JIT stencil header generation deterministic.

gh139257-Support-docutils-0.22.patch

@@ -1,36 +0,0 @@
-From 19b61747df3d62c822285c488753d6fbdf91e3ac Mon Sep 17 00:00:00 2001
-From: Daniel Garcia Moreno <daniel.garcia@suse.com>
-Date: Tue, 23 Sep 2025 10:20:16 +0200
-Subject: [PATCH 1/2] gh-139257: Support docutils >= 0.22
-
----
- Doc/tools/extensions/pyspecific.py | 12 +++++++++++-
- 1 file changed, 11 insertions(+), 1 deletion(-)
-
-Index: Python-3.13.7/Doc/tools/extensions/pyspecific.py
-===================================================================
---- Python-3.13.7.orig/Doc/tools/extensions/pyspecific.py
-+++ Python-3.13.7/Doc/tools/extensions/pyspecific.py
-@@ -25,11 +25,21 @@ from sphinx.util.docutils import SphinxD
- SOURCE_URI = 'https://github.com/python/cpython/tree/3.13/%s'
- 
- # monkey-patch reST parser to disable alphabetic and roman enumerated lists
-+def _disable_alphabetic_and_roman(text):
-+    try:
-+        # docutils >= 0.22
-+        from docutils.parsers.rst.states import InvalidRomanNumeralError
-+        raise InvalidRomanNumeralError(text)
-+    except ImportError:
-+        # docutils < 0.22
-+        return None
-+
-+
- from docutils.parsers.rst.states import Body
- Body.enum.converters['loweralpha'] = \
-     Body.enum.converters['upperalpha'] = \
-     Body.enum.converters['lowerroman'] = \
--    Body.enum.converters['upperroman'] = lambda x: None
-+    Body.enum.converters['upperroman'] = _disable_alphabetic_and_roman
- 
- 
- class PyAwaitableMixin(object):

idle3.appdata.xml

@@ -1,16 +1,16 @@
 <?xml version="1.0" encoding="UTF-8"?>
 
-<component type="desktop-application">
-  <id>org.python.IDLE3</id>
-  <launchable type="desktop-id">idle3.desktop</launchable>
-
+<!-- Copyright 2017 Zbigniew Jędrzejewski-Szmek -->
+<application>
+  <id type="desktop">idle3.desktop</id>
   <name>IDLE3</name>
+  <metadata_licence>CC0</metadata_licence>
+  <project_license>Python-2.0</project_license>
   <summary>Python 3 Integrated Development and Learning Environment</summary>
-
   <description>
     <p>
       IDLE is Python’s Integrated Development and Learning Environment.
-      The GUI is uniform between Windows, Unix, and macOS.
+      The GUI is uniform between Windows, Unix, and Mac OS X.
       IDLE provides an easy way to start writing, running, and debugging
       Python code.
     </p>
@@ -25,27 +25,11 @@
        <li>a debugger with persistent breakpoints, stepping, and viewing of global and local namespaces.</li>
     </ul>
   </description>
-
-  <developer id="org.python">
-    <name>Python Software Foundation</name>
-  </developer>
-
   <url type="homepage">https://docs.python.org/3/library/idle.html</url>
-
   <screenshots>
-    <screenshot type="default">
-      <image>https://in.waw.pl/~zbyszek/fedora/idle3-appdata/idle3-main-window.png</image>
-    </screenshot>
-    <screenshot>
-      <image>https://in.waw.pl/~zbyszek/fedora/idle3-appdata/idle3-class-browser.png</image>
-    </screenshot>
-    <screenshot>
-      <image>https://in.waw.pl/~zbyszek/fedora/idle3-appdata/idle3-code-viewer.png</image>
-    </screenshot>
+    <screenshot type="default">http://in.waw.pl/~zbyszek/fedora/idle3-appdata/idle3-main-window.png</screenshot>
+    <screenshot>http://in.waw.pl/~zbyszek/fedora/idle3-appdata/idle3-class-browser.png</screenshot>
+    <screenshot>http://in.waw.pl/~zbyszek/fedora/idle3-appdata/idle3-code-viewer.png</screenshot>
   </screenshots>
-
-  <project_license>Python-2.0</project_license>
-  <metadata_license>CC0-1.0</metadata_license>
   <update_contact>zbyszek@in.waw.pl</update_contact>
-</component>
-
+</application>

python313.changes

@@ -1,444 +1,3 @@
--------------------------------------------------------------------
-Wed Oct 15 09:15:38 UTC 2025 - Daniel Garcia <daniel.garcia@suse.com>
-
-- Update to 3.13.9:
-  - Library
-    - gh-139783: Fix inspect.getsourcelines() for the case when a
-      decorator is followed by a comment or an empty line.
-- Update to 3.13.8:
-  - macOS
-    - gh-124111: Update macOS installer to use Tcl/Tk 8.6.17.
-    - gh-139573: Updated bundled version of OpenSSL to 3.0.18.
-  - Windows
-    - gh-139573: Updated bundled version of OpenSSL to 3.0.18.
-    - gh-138896: Fix error installing C runtime on non-updated Windows
-      machines
-  - Tools/Demos
-    - gh-139330: SBOM generation tool didn’t cross-check the version
-      and checksum values against the Modules/expat/refresh.sh script,
-      leading to the values becoming out-of-date during routine
-      updates.
-    - gh-137873: The iOS test runner has been simplified, resolving
-      some issues that have been observed using the runner in GitHub
-      Actions and Azure Pipelines test environments.
-  - Tests
-    - gh-139208: Fix regrtest --fast-ci --verbose: don’t ignore the
-      --verbose option anymore. Patch by Victor Stinner.
-  - Security
-    - gh-139400: xml.parsers.expat: Make sure that parent Expat
-      parsers are only garbage-collected once they are no longer
-      referenced by subparsers created by
-      ExternalEntityParserCreate(). Patch by Sebastian Pipping.
-    - gh-139283: sqlite3: correctly handle maximum number of rows to
-      fetch in Cursor.fetchmany and reject negative values for
-      Cursor.arraysize. Patch by Bénédikt Tran.
-    - gh-135661: Fix CDATA section parsing in html.parser.HTMLParser
-      according to the HTML5 standard: ] ]> and ]] > no longer end the
-      CDATA section. Add private method _set_support_cdata() which can
-      be used to specify how to parse <[CDATA[ — as a CDATA section in
-      foreign content (SVG or MathML) or as a bogus comment in the
-      HTML namespace.
-  - Library
-    - gh-139312: Upgrade bundled libexpat to 2.7.3
-    - gh-139289: Do a real lazy-import on rlcompleter in pdb and
-      restore the existing completer after importing rlcompleter.
-    - gh-139210: Fix use-after-free when reporting unknown event in
-      xml.etree.ElementTree.iterparse(). Patch by Ken Jin.
-    - gh-138860: Lazy import rlcompleter in pdb to avoid deadlock in
-      subprocess.
-    - gh-112729: Fix crash when calling _interpreters.create when the
-      process is out of memory.
-    - gh-139076: Fix a bug in the pydoc module that was hiding
-      functions in a Python module if they were implemented in an
-      extension module and the module did not have __all__.
-    - gh-138998: Update bundled libexpat to 2.7.2
-    - gh-130567: Fix possible crash in locale.strxfrm() due to a
-      platform bug on macOS.
-    - gh-138779: Support device numbers larger than 2**63-1 for the
-      st_rdev field of the os.stat_result structure.
-    - gh-128636: Fix crash in PyREPL when os.environ is overwritten
-      with an invalid value for mac
-    - gh-88375: Fix normalization of the robots.txt rules and URLs in
-      the urllib.robotparser module. No longer ignore trailing ?.
-      Distinguish raw special characters ?, = and & from the
-      percent-encoded ones.
-    - gh-138515: email is added to Emscripten build.
-    - gh-111788: Fix parsing errors in the urllib.robotparser module.
-      Don’t fail trying to parse weird paths. Don’t fail trying to
-      decode non-UTF-8 robots.txt files.
-    - gh-138432: zoneinfo.reset_tzpath() will now convert any
-      os.PathLike objects it receives into strings before adding them
-      to TZPATH. It will raise TypeError if anything other than a
-      string is found after this conversion. If given an os.PathLike
-      object that represents a relative path, it will now raise
-      ValueError instead of TypeError, and present a more informative
-      error message.
-    - gh-138008: Fix segmentation faults in the ctypes module due to
-      invalid argtypes. Patch by Dung Nguyen.
-    - gh-60462: Fix locale.strxfrm() on Solaris (and possibly other
-      platforms).
-    - gh-138204: Forbid expansion of shared anonymous memory maps on
-      Linux, which caused a bus error.
-    - gh-138010: Fix an issue where defining a class with a
-      @warnings.deprecated-decorated base class may not invoke the
-      correct __init_subclass__() method in cases involving multiple
-      inheritance. Patch by Brian Schubert.
-    - gh-138133: Prevent infinite traceback loop when sending CTRL^C
-      to Python through strace.
-    - gh-134869: Fix an issue where pressing Ctrl+C during tab
-      completion in the REPL would leave the autocompletion menu in a
-      corrupted state.
-    - gh-137317: inspect.signature() now correctly handles classes
-      that use a descriptor on a wrapped __init__() or __new__()
-      method. Contributed by Yongyu Yan.
-    - gh-137754: Fix import of the zoneinfo module if the C
-      implementation of the datetime module is not available.
-    - gh-137490: Handle ECANCELED in the same way as EINTR in
-      signal.sigwaitinfo() on NetBSD.
-    - gh-137477: Fix inspect.getblock(), inspect.getsourcelines() and
-      inspect.getsource() for generator expressions.
-    - gh-137017: Fix threading.Thread.is_alive to remain True until
-      the underlying OS thread is fully cleaned up. This avoids false
-      negatives in edge cases involving thread monitoring or premature
-      threading.Thread.is_alive calls.
-    - gh-136134: SMTP.auth_cram_md5() now raises an SMTPException
-      instead of a ValueError if Python has been built without MD5
-      support. In particular, SMTP clients will not attempt to use
-      this method even if the remote server is assumed to support it.
-      Patch by Bénédikt Tran.
-    - gh-136134: IMAP4.login_cram_md5 now raises an IMAP4.error if
-      CRAM-MD5 authentication is not supported. Patch by Bénédikt
-      Tran.
-    - gh-135386: Fix opening a dbm.sqlite3 database for reading from
-      read-only file or directory.
-    - gh-126631: Fix multiprocessing forkserver bug which prevented
-      __main__ from being preloaded.
-    - gh-123085: In a bare call to importlib.resources.files(), ensure
-      the caller’s frame is properly detected when importlib.resources
-      is itself available as a compiled module only (no source).
-    - gh-118981: Fix potential hang in
-      multiprocessing.popen_spawn_posix that can happen when the child
-      proc dies early by closing the child fds right away.
-    - gh-78319: UTF8 support for the IMAP APPEND command has been made
-      RFC compliant.
-    - bpo-38735: Fix failure when importing a module from the root
-      directory on unix-like platforms with sys.pycache_prefix set.
-    - bpo-41839: Allow negative priority values from
-      os.sched_get_priority_min() and os.sched_get_priority_max()
-      functions.
-  - Core and Builtins
-    - gh-134466: Don’t run PyREPL in a degraded environment where
-      setting termios attributes is not allowed.
-    - gh-71810: Raise OverflowError for (-1).to_bytes() for signed
-      conversions when bytes count is zero. Patch by Sergey B
-      Kirpichev.
-    - gh-105487: Remove non-existent __copy__(), __deepcopy__(), and
-      __bases__ from the __dir__() entries of types.GenericAlias.
-    - gh-134163: Fix a hang when the process is out of memory inside
-      an exception handler.
-    - gh-138479: Fix a crash when a generic object’s __typing_subst__
-      returns an object that isn’t a tuple.
-    - gh-137576: Fix for incorrect source code being shown in
-      tracebacks from the Basic REPL when PYTHONSTARTUP is given.
-      Patch by Adam Hartz.
-    - gh-132744: Certain calls now check for runaway recursion and
-      respect the system recursion limit.
-  - C API
-    - gh-87135: Attempting to acquire the GIL after runtime
-      finalization has begun in a different thread now causes the
-      thread to hang rather than terminate, which avoids potential
-      crashes or memory corruption caused by attempting to terminate a
-      thread that is running code not specifically designed to support
-      termination. In most cases this hanging is harmless since the
-      process will soon exit anyway.
-      While not officially marked deprecated until 3.14,
-      PyThread_exit_thread is no longer called internally and remains
-      solely for interface compatibility. Its behavior is inconsistent
-      across platforms, and it can only be used safely in the unlikely
-      case that every function in the entire call stack has been
-      designed to support the platform-dependent termination
-      mechanism. It is recommended that users of this function change
-      their design to not require thread termination. In the unlikely
-      case that thread termination is needed and can be done safely,
-      users may migrate to calling platform-specific APIs such as
-      pthread_exit (POSIX) or _endthreadex (Windows) directly.
-  - Build
-    - gh-135734: Python can correctly be configured and built with
-      ./configure --enable-optimizations --disable-test-modules.
-      Previously, the profile data generation step failed due to PGO
-      tests where immortalization couldn’t be properly suppressed.
-      Patch by Bénédikt Tran.
-
--------------------------------------------------------------------
-Mon Sep 29 06:52:07 UTC 2025 - Daniel Garcia <daniel.garcia@suse.com>
-
-- Add gh139257-Support-docutils-0.22.patch to fix build with latest
-  docutils (>=0.22) gh#python/cpython#139257
-
--------------------------------------------------------------------
-Mon Sep 22 06:41:53 UTC 2025 - Dominique Leuenberger <dimstar@opensuse.org>
-
-- Drop AppStream: this results in a different cycle than
-  appstream-glib. As the appdata.xml is controlled by ourselves, we
-  can get away with just manually validating it when changing it.
-
--------------------------------------------------------------------
-Thu Sep 18 08:15:31 UTC 2025 - Dominique Leuenberger <dimstar@opensuse.org>
-
-- Require AppStream to validate appdata file instead of deprecated
-  appstream-glib.
-- Update idle3.appdata.xml to pass the more pedantic appstreamcli.
-
--------------------------------------------------------------------
-Tue Sep  9 10:11:58 UTC 2025 - Daniel Garcia <daniel.garcia@suse.com>
-
-- Add gh138131-exclude-pycache-from-digest.patch fixing reproducible
-  build for python-nogil.
-  (bsc#1244680, gh#python/cpython#138131)
-
--------------------------------------------------------------------
-Fri Aug 15 12:31:08 UTC 2025 - Matej Cepl <mcepl@cepl.eu>
-
-- Update to 3.13.7:
-  - gh-137583: Fix a deadlock introduced in 3.13.6 when a call
-    to ssl.SSLSocket.recv was blocked in one thread, and then
-    another method on the object (such as ssl.SSLSocket.send) was
-    subsequently called in another thread.
-  - gh-137044: Return large limit values as positive integers
-    instead of negative integers in resource.getrlimit().
-    Accept large values and reject negative values (except
-    RLIM_INFINITY) for limits in resource.setrlimit().
-  - gh-136914: Fix retrieval of doctest.DocTest.lineno
-    for objects decorated with functools.cache() or
-    functools.cached_property.
-  - gh-131788: Make ResourceTracker.send from multiprocessing
-    re-entrant safe
-  - gh-136155: We are now checking for fatal errors in EPUB
-    builds in CI.
-  - gh-137400: Fix a crash in the free threading build when
-    disabling profiling or tracing across all threads with
-    PyEval_SetProfileAllThreads() or PyEval_SetTraceAllThreads()
-    or their Python equivalents threading.settrace_all_threads()
-    and threading.setprofile_all_threads().
-- Remove upstreamed patch:
-  - gh137583-only-lock-SSL-context.patch
-
--------------------------------------------------------------------
-Tue Aug 12 09:16:40 UTC 2025 - Matej Cepl <mcepl@cepl.eu>
-
-- Add gh137583-only-lock-SSL-context.patch fixing the
-  regression in 3.13.6 by breaking non-blocking TLS connections
-  (gh#python/cpython#137583).
-
--------------------------------------------------------------------
-Thu Aug  7 10:08:11 UTC 2025 - Matej Cepl <mcepl@cepl.eu>
-
-- Update to 3.13.6:
-  - Security
-    - gh-135661: Fix parsing start and end tags in
-      html.parser.HTMLParser according to the HTML5 standard.
-        - Whitespaces no longer accepted between </ and the tag
-          name. E.g. </ script> does not end the script section.
-        - Vertical tabulation (\v) and non-ASCII whitespaces no
-          longer recognized as whitespaces. The only whitespaces
-          are \t\n\r\f and space.
-        - Null character (U+0000) no longer ends the tag name.
-        - Attributes and slashes after the tag name in end tags
-          are now ignored, instead of terminating after the first
-          > in quoted attribute value. E.g. </script/foo=">"/>.
-        - Multiple slashes and whitespaces between the last
-          attribute and closing > are now ignored in both start
-          and end tags. E.g. <a foo=bar/ //>.
-        - Multiple = between attribute name and value are no
-          longer collapsed. E.g. <a foo==bar> produces attribute
-          “foo” with value “=bar”.
-    - gh-102555: Fix comment parsing in html.parser.HTMLParser
-      according to the HTML5 standard. --!> now ends the comment.
-      -- > no longer ends the comment. Support abnormally ended
-      empty comments <--> and <--->.
-    - gh-135462: Fix quadratic complexity in processing specially
-      crafted input in html.parser.HTMLParser. End-of-file errors
-      are now handled according to the HTML5 specs – comments and
-      declarations are automatically closed, tags are ignored
-      (CVE-2025-6069, bsc#1244705).
-    - gh-118350: Fix support of escapable raw text mode (elements
-      “textarea” and “title”) in html.parser.HTMLParser.
-  - Core and Builtins
-    - gh-58124: Fix name of the Python encoding in Unicode errors
-      of the code page codec: use “cp65000” and “cp65001” instead
-      of “CP_UTF7” and “CP_UTF8” which are not valid Python code
-      names. Patch by Victor Stinner.
-    - gh-137314: Fixed a regression where raw f-strings
-      incorrectly interpreted escape sequences in format
-      specifications. Raw f-strings now properly preserve literal
-      backslashes in format specs, matching the behavior from
-      Python 3.11. For example, rf"{obj:\xFF}" now correctly
-      produces '\\xFF' instead of 'ÿ'. Patch by Pablo Galindo.
-    - gh-136541: Fix some issues with the perf trampolines
-      on x86-64 and aarch64. The trampolines were not being
-      generated correctly for some cases, which could lead to
-      the perf integration not working correctly. Patch by Pablo
-      Galindo.
-    - gh-109700: Fix memory error handling in
-      PyDict_SetDefault().
-    - gh-78465: Fix error message for cls.__new__(cls, ...) where
-      cls is not instantiable builtin or extension type (with
-      tp_new set to NULL).
-    - gh-135871: Non-blocking mutex lock attempts now return
-      immediately when the lock is busy instead of briefly
-      spinning in the free threading build.
-    - gh-135607: Fix potential weakref races in an object’s
-      destructor on the free threaded build.
-    - gh-135496: Fix typo in the f-string conversion type error
-      (“exclamanation” -> “exclamation”).
-    - gh-130077: Properly raise custom syntax errors when
-      incorrect syntax containing names that are prefixes of soft
-      keywords is encountered. Patch by Pablo Galindo.
-    - gh-135148: Fixed a bug where f-string debug expressions
-      (using =) would incorrectly strip out parts of strings
-      containing escaped quotes and # characters. Patch by Pablo
-      Galindo.
-    - gh-133136: Limit excess memory usage in the free threading
-      build when a large dictionary or list is resized and
-      accessed by multiple threads.
-    - gh-132617: Fix dict.update() modification check that could
-      incorrectly raise a “dict mutated during update” error when
-      a different dictionary was modified that happens to share
-      the same underlying keys object.
-    - gh-91153: Fix a crash when a bytearray is concurrently
-      mutated during item assignment.
-    - gh-127971: Fix off-by-one read beyond the end of a string
-      in string search.
-    - gh-125723: Fix crash with gi_frame.f_locals when generator
-      frames outlive their generator. Patch by Mikhail Efimov.
-  - Library
-    - gh-132710: If possible, ensure that uuid.getnode()
-      returns the same result even across different processes.
-      Previously, the result was constant only within the same
-      process. Patch by Bénédikt Tran.
-    - gh-137273: Fix debug assertion failure in
-      locale.setlocale() on Windows.
-    - gh-137257: Bump the version of pip bundled in ensurepip to
-      version 25.2
-    - gh-81325: tarfile.TarFile now accepts a path-like when
-      working on a tar archive. (Contributed by Alexander Enrique
-      Urieles Nieto in gh-81325.)
-    - gh-130522: Fix unraisable TypeError raised during
-      interpreter shutdown in the threading module.
-    - gh-130577: tarfile now validates archives to ensure member
-      offsets are non-negative. (Contributed by Alexander Enrique
-      Urieles Nieto in gh-130577; CVE-2025-8194, bsc#1247249).
-    - gh-136549: Fix signature of threading.excepthook().
-    - gh-136523: Fix wave.Wave_write emitting an unraisable when
-      open raises.
-    - gh-52876: Add missing keepends (default True)
-      parameter to codecs.StreamReaderWriter.readline() and
-      codecs.StreamReaderWriter.readlines().
-    - gh-85702: If zoneinfo._common.load_tzdata is given a
-      package without a resource a zoneinfo.ZoneInfoNotFoundError
-      is raised rather than a PermissionError. Patch by Victor
-      Stinner.
-    - gh-134759: Fix UnboundLocalError in
-      email.message.Message.get_payload() when the payload to
-      decode is a bytes object. Patch by Kliment Lamonov.
-    - gh-136028: Fix parsing month names containing “İ” (U+0130,
-      LATIN CAPITAL LETTER I WITH DOT ABOVE) in time.strptime().
-      This affects locales az_AZ, ber_DZ, ber_MA and crh_UA.
-    - gh-135995: In the palmos encoding, make byte 0x9b decode to
-      › (U+203A - SINGLE RIGHT-POINTING ANGLE QUOTATION MARK).
-    - gh-53203: Fix time.strptime() for %c and %x formats on
-      locales byn_ER, wal_ET and lzh_TW, and for %X format on
-      locales ar_SA, bg_BG and lzh_TW.
-    - gh-91555: An earlier change, which was introduced in
-      3.13.4, has been reverted. It disabled logging for a logger
-      during handling of log messages for that logger. Since the
-      reversion, the behaviour should be as it was before 3.13.4.
-    - gh-135878: Fixes a crash of types.SimpleNamespace on free
-      threading builds, when several threads were calling its
-      __repr__() method at the same time.
-    - gh-135836: Fix IndexError in
-      asyncio.loop.create_connection() that could occur when
-      non-OSError exception is raised during connection and
-      socket’s close() raises OSError.
-    - gh-135836: Fix IndexError in
-      asyncio.loop.create_connection() that could occur when the
-      Happy Eyeballs algorithm resulted in an empty exceptions
-      list during connection attempts.
-    - gh-135855: Raise TypeError instead of SystemError when
-      _interpreters.set___main___attrs() is passed a non-dict
-      object. Patch by Brian Schubert.
-    - gh-135815: netrc: skip security checks if os.getuid() is
-      missing. Patch by Bénédikt Tran.
-    - gh-135640: Address bug where it was possible to call
-      xml.etree.ElementTree.ElementTree.write() on an ElementTree
-      object with an invalid root element. This behavior blanked
-      the file passed to write if it already existed.
-    - gh-135444: Fix asyncio.DatagramTransport.sendto() to
-      account for datagram header size when data cannot be sent.
-    - gh-135497: Fix os.getlogin() failing for longer usernames
-      on BSD-based platforms.
-    - gh-135487: Fix reprlib.Repr.repr_int() when given integers
-      with more than sys.get_int_max_str_digits() digits. Patch
-      by Bénédikt Tran.
-    - gh-135335: multiprocessing: Flush stdout and stderr after
-      preloading modules in the forkserver.
-    - gh-135244: uuid: when the MAC address cannot be
-      determined, the 48-bit node ID is now generated with a
-      cryptographically-secure pseudo-random number generator
-      (CSPRNG) as per RFC 9562, §6.10.3. This affects uuid1().
-    - gh-135069: Fix the “Invalid error handling” exception in
-      encodings.idna.IncrementalDecoder to correctly replace the
-      ‘errors’ parameter.
-    - gh-134698: Fix a crash when calling methods of
-      ssl.SSLContext or ssl.SSLSocket across multiple threads.
-    - gh-132124: On POSIX-compliant systems,
-      multiprocessing.util.get_temp_dir() now ignores TMPDIR
-      (and similar environment variables) if the path length of
-      AF_UNIX socket files exceeds the platform-specific maximum
-      length when using the forkserver start method. Patch by
-      Bénédikt Tran.
-    - gh-133439: Fix dot commands with trailing spaces are
-      mistaken for multi-line SQL statements in the sqlite3
-      command-line interface.
-    - gh-132969: Prevent the ProcessPoolExecutor executor thread,
-      which remains running when shutdown(wait=False), from
-      attempting to adjust the pool’s worker processes after
-      the object state has already been reset during shutdown.
-      A combination of conditions, including a worker process
-      having terminated abormally, resulted in an exception and
-      a potential hang when the still-running executor thread
-      attempted to replace dead workers within the pool.
-    - gh-130664: Support the '_' digit separator in formatting
-      of the integral part of Decimal’s. Patch by Sergey B
-      Kirpichev.
-    - gh-85702: If zoneinfo._common.load_tzdata is given a
-      package without a resource a ZoneInfoNotFoundError is
-      raised rather than a IsADirectoryError.
-    - gh-130664: Handle corner-case for Fraction’s formatting:
-      treat zero-padding (preceding the width field by a zero
-      ('0') character) as an equivalent to a fill character of
-      '0' with an alignment type of '=', just as in case of
-      float’s.
-  - Tools/Demos
-    - gh-135968: Stubs for strip are now provided as part of an
-      iOS install.
-  - Tests
-    - gh-135966: The iOS testbed now handles the app_packages
-      folder as a site directory.
-    - gh-135494: Fix regrtest to support excluding tests from
-      --pgo tests. Patch by Victor Stinner.
-    - gh-135489: Show verbose output for failing tests during PGO
-      profiling step with –enable-optimizations.
-  - Documentation
-    - gh-135171: Document that the iterator for the leftmost for
-      clause in the generator expression is created immediately.
-  - Build
-    - gh-135497: Fix the detection of MAXLOGNAME in the
-      configure.ac script.
-- Remove upstreamed patches:
-  - CVE-2025-8194-tarfile-no-neg-offsets.patch
-  - CVE-2025-6069-quad-complex-HTMLParser.patch
-
 -------------------------------------------------------------------
 Fri Aug  1 20:09:24 UTC 2025 - Matej Cepl <mcepl@cepl.eu>
 

python313.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package python313
 #
-# Copyright (c) 2025 SUSE LLC and contributors
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -167,7 +167,7 @@
 # _md5.cpython-38m-x86_64-linux-gnu.so
 %define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so
 Name:           %{python_pkg_name}%{psuffix}
-Version:        3.13.9
+Version:        3.13.5
 %define         tarversion %{version}
 %define         tarname    Python-%{tarversion}
 Release:        0
@@ -231,10 +231,12 @@ Patch42:        gh126985-mv-pyvenv.cfg2getpath.patch
 # PATCH-FIX-UPSTREAM bsc1243155-sphinx-non-determinism.patch bsc#1243155 mcepl@suse.com
 # Doc: Generate ids for audit_events using docname
 Patch43:        bsc1243155-sphinx-non-determinism.patch
-# PATCH-FIX-UPSTREAM gh138131-exclude-pycache-from-digest.patch bsc#1244680 daniel.garcia@suse.com
-Patch44:        gh138131-exclude-pycache-from-digest.patch
-# PATCH-FIX-OPENSUSE gh139257-Support-docutils-0.22.patch gh#python/cpython#139257 daniel.garcia@suse.com
-Patch45:        gh139257-Support-docutils-0.22.patch
+# PATCH-FIX-UPSTREAM CVE-2025-6069-quad-complex-HTMLParser.patch bsc#1244705 mcepl@suse.com
+# avoid quadratic complexity when processing malformed inputs with HTMLParser
+Patch44:        CVE-2025-6069-quad-complex-HTMLParser.patch
+# PATCH-FIX-UPSTREAM CVE-2025-8194-tarfile-no-neg-offsets.patch bsc#1247249 mcepl@suse.com
+# tarfile now validates archives to ensure member offsets are non-negative
+Patch45:        CVE-2025-8194-tarfile-no-neg-offsets.patch
 BuildRequires:  autoconf-archive
 BuildRequires:  automake
 BuildRequires:  fdupes
@@ -289,6 +291,8 @@ ExcludeArch:    aarch64
 %endif
 
 %if %{with general}
+# required for idle3 (.desktop and .appdata.xml files)
+BuildRequires:  appstream-glib
 BuildRequires:  gcc-c++
 BuildRequires:  gdbm-devel
 BuildRequires:  gettext
@@ -555,7 +559,7 @@ rm Lib/site-packages/README.txt
 tar xvf %{SOURCE21}
 
 # Don't fail on warnings when building documentation
-sed -i -e '/^SPHINXERRORHANDLING/s/--fail-on-warning//' Doc/Makefile
+# sed -i -e '/^SPHINXERRORHANDLING/s/-W//' Doc/Makefile
 
 %build
 export SUSE_VERSION="0%{?suse_version}"
@@ -780,6 +784,7 @@ install -m 644 -D -t %{buildroot}%{_datadir}/applications idle%{python_abi}.desk
 cp %{SOURCE20} idle%{python_abi}.appdata.xml
 sed -i -e 's:idle3.desktop:idle%{python_abi}.desktop:g' idle%{python_abi}.appdata.xml
 install -m 644 -D -t %{buildroot}%{_datadir}/metainfo idle%{python_abi}.appdata.xml
+appstream-util validate-relax --nonet %{buildroot}%{_datadir}/metainfo/idle%{python_abi}.appdata.xml
 
 %fdupes %{buildroot}/%{_libdir}/python%{python_abi}
 %endif