Matej Cepl
9921186373
- Security
- gh-115398: Allow controlling Expat >=2.6.0 reparse deferral
(CVE-2023-52425) by adding five new methods:
xml.etree.ElementTree.XMLParser.flush()
xml.etree.ElementTree.XMLPullParser.flush()
xml.parsers.expat.xmlparser.GetReparseDeferralEnabled()
xml.parsers.expat.xmlparser.SetReparseDeferralEnabled()
xml.sax.expatreader.ExpatParser.flush()
- gh-115399: Update bundled libexpat to 2.6.0
- gh-113659: Skip .pth files with names starting with a dot
or hidden file attribute.
- Core and Builtins
- gh-102388: Fix a bug where iso2022_jp_3 and iso2022_jp_2004
codecs read out of bounds
- Library
- gh-115197: urllib.request no longer resolves the hostname
before checking it against the system’s proxy bypass list
on macOS and Windows.
- gh-115133: Fix tests for XMLPullParser with Expat 2.6.0.
- gh-81194: Fix a crash in socket.if_indextoname() with
specific value (UINT_MAX). Fix an integer overflow in
socket.if_indextoname() on 64-bit non-Windows platforms.
- gh-109858: Protect zipfile from “quoted-overlap”
zipbomb. It now raises BadZipFile when try to read an entry
that overlaps with other entry or central directory.
- gh-107077: Seems that in some conditions, OpenSSL will
return SSL_ERROR_SYSCALL instead of SSL_ERROR_SSL
when a certification verification has failed, but
the error parameters will still contain ERR_LIB_SSL
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python38?expand=0&rev=149
16 lines
467 B
Diff
16 lines
467 B
Diff
---
|
|
Lib/site.py | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
--- a/Lib/site.py
|
|
+++ b/Lib/site.py
|
|
@@ -77,7 +77,7 @@ import io
|
|
import stat
|
|
|
|
# Prefixes for site-packages; add additional prefixes like /usr/local here
|
|
-PREFIXES = [sys.prefix, sys.exec_prefix]
|
|
+PREFIXES = [sys.prefix, sys.exec_prefix, '/usr/local']
|
|
# Enable per user site-packages directory
|
|
# set it to False to disable the feature or True to force the feature
|
|
ENABLE_USER_SITE = None
|