pool/python39
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 874156 from devel:languages:python:Factory

Browse Source 
- Update to 3.9.2:
  - bpo#42938 (bsc#1181126): Avoid static buffers when computing
    the repr of ctypes.c_double and ctypes.c_longdouble
    values. This issue was assigned CVE-2021-3177.
  - bpo#42967 (bso#1182379): Fix web cache poisoning
    vulnerability by defaulting the query args separator to &,
    and allowing the user to choose a custom separator. This
    issue was assigned CVE-2021-23336.
- Upstreamed patches were removed:
  - CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch
  - bsc1167501-invalid-alignment.patch
  - skip_random_failing_tests.patch
  - CVE-2019-5010-null-defer-x509-cert-DOS.patch

OBS-URL: https://build.opensuse.org/request/show/874156
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python39?expand=0&rev=13
This commit is contained in:
Richard Brown 2021-02-25 17:26:50 +00:00 committed by Git OBS Bridge
commit 8fdf4ffd00
12 changed files with 50 additions and 506 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
CVE-2019-5010-null-defer-x509-cert-DOS.patch
View File

@ -1,59 +0,0 @@
From a37f52436f9aa4b9292878b72f3ff1480e2606c3 Mon Sep 17 00:00:00 2001
From: Christian Heimes <christian@python.org>
Date: Tue, 15 Jan 2019 23:47:42 +0100
Subject: [PATCH] bpo-35746: Fix segfault in ssl's cert parser (GH-11569)
Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL
distribution points with empty DP or URI correctly. A malicious or buggy
certificate can result into segfault.
Signed-off-by: Christian Heimes <christian@python.org>
https://bugs.python.org/issue35746
---
Lib/test/talos-2019-0758.pem | 22 +++++++++++++++++++
Lib/test/test_ssl.py | 22 +++++++++++++++++++
.../2019-01-15-18-16-05.bpo-35746.nMSd0j.rst | 3 +++
Modules/_ssl.c | 4 ++++
4 files changed, 51 insertions(+)
create mode 100644 Lib/test/talos-2019-0758.pem
create mode 100644 Misc/NEWS.d/next/Security/2019-01-15-18-16-05.bpo-35746.nMSd0j.rst
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -470,6 +470,27 @@ class BasicSocketTests(unittest.TestCase
}
)
+ def test_parse_cert_CVE_2019_5010(self):
+ p = ssl._ssl._test_decode_cert(TALOS_INVALID_CRLDP)
+ if support.verbose:
+ sys.stdout.write("\n" + pprint.pformat(p) + "\n")
+ self.assertEqual(
+ p,
+ {
+ 'issuer': (
+ (('countryName', 'UK'),), (('commonName', 'cody-ca'),)),
+ 'notAfter': 'Jun 14 18:00:58 2028 GMT',
+ 'notBefore': 'Jun 18 18:00:58 2018 GMT',
+ 'serialNumber': '02',
+ 'subject': ((('countryName', 'UK'),),
+ (('commonName',
+ 'codenomicon-vm-2.test.lal.cisco.com'),)),
+ 'subjectAltName': (
+ ('DNS', 'codenomicon-vm-2.test.lal.cisco.com'),),
+ 'version': 3
+ }
+ )
+
def test_parse_cert_CVE_2013_4238(self):
p = ssl._ssl._test_decode_cert(NULLBYTECERT)
if support.verbose:
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2019-01-15-18-16-05.bpo-35746.nMSd0j.rst
@@ -0,0 +1,3 @@
+[CVE-2019-5010] Fix a NULL pointer deref in ssl module. The cert parser did
+not handle CRL distribution points with empty DP or URI correctly. A
+malicious or buggy certificate can result into segfault.

176
CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch
View File

@ -1,176 +0,0 @@
From 34df10a9a16b38d54421eeeaf73ec89828563be7 Mon Sep 17 00:00:00 2001
From: Benjamin Peterson <benjamin@python.org>
Date: Mon, 18 Jan 2021 15:11:46 -0600
Subject: [PATCH] [3.6] closes bpo-42938: Replace snprintf with Python unicode
formatting in ctypes param reprs. (GH-24250)
(cherry picked from commit 916610ef90a0d0761f08747f7b0905541f0977c7)
Co-authored-by: Benjamin Peterson <benjamin@python.org>
---
Lib/ctypes/test/test_parameters.py | 43 +++++++++++++++
.../2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst | 2 +
Modules/_ctypes/callproc.c | 55 +++++++------------
3 files changed, 66 insertions(+), 34 deletions(-)
create mode 100644 Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst
--- a/Lib/ctypes/test/test_parameters.py
+++ b/Lib/ctypes/test/test_parameters.py
@@ -201,6 +201,49 @@ class SimpleTypesTestCase(unittest.TestC
with self.assertRaises(ZeroDivisionError):
WorseStruct().__setstate__({}, b'foo')
+ def test_parameter_repr(self):
+ from ctypes import (
+ c_bool,
+ c_char,
+ c_wchar,
+ c_byte,
+ c_ubyte,
+ c_short,
+ c_ushort,
+ c_int,
+ c_uint,
+ c_long,
+ c_ulong,
+ c_longlong,
+ c_ulonglong,
+ c_float,
+ c_double,
+ c_longdouble,
+ c_char_p,
+ c_wchar_p,
+ c_void_p,
+ )
+ self.assertRegex(repr(c_bool.from_param(True)), r"^<cparam '\?' at 0x[A-Fa-f0-9]+>$")
+ self.assertEqual(repr(c_char.from_param(97)), "<cparam 'c' ('a')>")
+ self.assertRegex(repr(c_wchar.from_param('a')), r"^<cparam 'u' at 0x[A-Fa-f0-9]+>$")
+ self.assertEqual(repr(c_byte.from_param(98)), "<cparam 'b' (98)>")
+ self.assertEqual(repr(c_ubyte.from_param(98)), "<cparam 'B' (98)>")
+ self.assertEqual(repr(c_short.from_param(511)), "<cparam 'h' (511)>")
+ self.assertEqual(repr(c_ushort.from_param(511)), "<cparam 'H' (511)>")
+ self.assertRegex(repr(c_int.from_param(20000)), r"^<cparam '[li]' \(20000\)>$")
+ self.assertRegex(repr(c_uint.from_param(20000)), r"^<cparam '[LI]' \(20000\)>$")
+ self.assertRegex(repr(c_long.from_param(20000)), r"^<cparam '[li]' \(20000\)>$")
+ self.assertRegex(repr(c_ulong.from_param(20000)), r"^<cparam '[LI]' \(20000\)>$")
+ self.assertRegex(repr(c_longlong.from_param(20000)), r"^<cparam '[liq]' \(20000\)>$")
+ self.assertRegex(repr(c_ulonglong.from_param(20000)), r"^<cparam '[LIQ]' \(20000\)>$")
+ self.assertEqual(repr(c_float.from_param(1.5)), "<cparam 'f' (1.5)>")
+ self.assertEqual(repr(c_double.from_param(1.5)), "<cparam 'd' (1.5)>")
+ self.assertEqual(repr(c_double.from_param(1e300)), "<cparam 'd' (1e+300)>")
+ self.assertRegex(repr(c_longdouble.from_param(1.5)), r"^<cparam ('d' \(1.5\)|'g' at 0x[A-Fa-f0-9]+)>$")
+ self.assertRegex(repr(c_char_p.from_param(b'hihi')), "^<cparam 'z' \(0x[A-Fa-f0-9]+\)>$")
+ self.assertRegex(repr(c_wchar_p.from_param('hihi')), "^<cparam 'Z' \(0x[A-Fa-f0-9]+\)>$")
+ self.assertRegex(repr(c_void_p.from_param(0x12)), r"^<cparam 'P' \(0x0*12\)>$")
+
################################################################
if __name__ == '__main__':
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst
@@ -0,0 +1,2 @@
+Avoid static buffers when computing the repr of :class:`ctypes.c_double` and
+:class:`ctypes.c_longdouble` values.
--- a/Modules/_ctypes/callproc.c
+++ b/Modules/_ctypes/callproc.c
@@ -489,58 +489,47 @@ is_literal_char(unsigned char c)
static PyObject *
PyCArg_repr(PyCArgObject *self)
{
- char buffer[256];
switch(self->tag) {
case 'b':
case 'B':
- sprintf(buffer, "<cparam '%c' (%d)>",
+ return PyUnicode_FromFormat("<cparam '%c' (%d)>",
self->tag, self->value.b);
- break;
case 'h':
case 'H':
- sprintf(buffer, "<cparam '%c' (%d)>",
+ return PyUnicode_FromFormat("<cparam '%c' (%d)>",
self->tag, self->value.h);
- break;
case 'i':
case 'I':
- sprintf(buffer, "<cparam '%c' (%d)>",
+ return PyUnicode_FromFormat("<cparam '%c' (%d)>",
self->tag, self->value.i);
- break;
case 'l':
case 'L':
- sprintf(buffer, "<cparam '%c' (%ld)>",
+ return PyUnicode_FromFormat("<cparam '%c' (%ld)>",
self->tag, self->value.l);
- break;
case 'q':
case 'Q':
- sprintf(buffer,
-#ifdef MS_WIN32
- "<cparam '%c' (%I64d)>",
-#else
- "<cparam '%c' (%lld)>",
-#endif
+ return PyUnicode_FromFormat("<cparam '%c' (%lld)>",
self->tag, self->value.q);
- break;
case 'd':
- sprintf(buffer, "<cparam '%c' (%f)>",
- self->tag, self->value.d);
- break;
- case 'f':
- sprintf(buffer, "<cparam '%c' (%f)>",
- self->tag, self->value.f);
- break;
-
+ case 'f': {
+ PyObject *f = PyFloat_FromDouble((self->tag == 'f') ? self->value.f : self->value.d);
+ if (f == NULL) {
+ return NULL;
+ }
+ PyObject *result = PyUnicode_FromFormat("<cparam '%c' (%R)>", self->tag, f);
+ Py_DECREF(f);
+ return result;
+ }
case 'c':
if (is_literal_char((unsigned char)self->value.c)) {
- sprintf(buffer, "<cparam '%c' ('%c')>",
+ return PyUnicode_FromFormat("<cparam '%c' ('%c')>",
self->tag, self->value.c);
}
else {
- sprintf(buffer, "<cparam '%c' ('\\x%02x')>",
+ return PyUnicode_FromFormat("<cparam '%c' ('\\x%02x')>",
self->tag, (unsigned char)self->value.c);
}
- break;
/* Hm, are these 'z' and 'Z' codes useful at all?
Shouldn't they be replaced by the functionality of c_string
@@ -549,22 +538,19 @@ PyCArg_repr(PyCArgObject *self)
case 'z':
case 'Z':
case 'P':
- sprintf(buffer, "<cparam '%c' (%p)>",
+ return PyUnicode_FromFormat("<cparam '%c' (%p)>",
self->tag, self->value.p);
- break;
default:
if (is_literal_char((unsigned char)self->tag)) {
- sprintf(buffer, "<cparam '%c' at %p>",
+ return PyUnicode_FromFormat("<cparam '%c' at %p>",
(unsigned char)self->tag, (void *)self);
}
else {
- sprintf(buffer, "<cparam 0x%02x at %p>",
+ return PyUnicode_FromFormat("<cparam 0x%02x at %p>",
(unsigned char)self->tag, (void *)self);
}
- break;
}
- return PyUnicode_FromString(buffer);
}
static PyMemberDef PyCArgType_members[] = {

3
Python-3.9.1.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:991c3f8ac97992f3d308fefeb03a64db462574eadbff34ce8bc5bb583d9903ff
size 18897104

16
Python-3.9.1.tar.xz.asc
View File

@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEE4/8oOcBIslwITevpsmmV4xAlBWgFAl/OrqwACgkQsmmV4xAl
BWiIBA/+KZRy2DZuIxbe9JJyRBAPXnXvYfWr/jmzbvjWz4JCBU9ki8vTo9GOXr55
Sd5ThpUUptVwnTfq/kvKOzZPeHNGiH3h4qFfTS5ilFt5jlIx4QieOL2NrrbN6R3m
RnPyVse6Af9XVbftJRxp+M1BWwSxbebVe4/aWlobeAQYcyuxyVpfuV1diHQRNgum
0yGaYCFSATHaNz5RUDV87u3yqSZagI0vr9NV+CoLxBCz7cHXD+tKk0A3JAP5pQNO
MZkW16TdI5ZCaFDdDp1pgPDUMrhrUfoMqfqVQ7FEPztlnlhZXz6O926Qkj0XFxqZ
tGZnQw5vneUa1s46Mnqx0kROiBjAp2YFSTySFMAzjzt4ozSDwL8aPOLPo9IIzwpM
L0J2GIFRPiBPEJLaTgrPfI85FiJyXMAxNtJaYFiFixy0llbTcNEo5AA8pEKHxtIW
p/LKVOUz7ZLTzflKIEpiONUIum5su9a/K4sYJAYR+YSDQDtscM3J8HAn4TETU2Qz
LHAPfKHPBEtBMxGCHRqNzuy+r+VudlimJPG+8h3sCLXXYew83T9VDrop7BW62x86
X6W637fPMYqK0KCDwnoomwELNR+rsh9Et3dije79nsqVkViK206y9rqFdmYZMgVD
F2q8tpNe9Z18YZZbjiijIlaSZqexZBFOiWvMfYNyTRJcyeRHm5o=
=5dH0
-----END PGP SIGNATURE-----

3
Python-3.9.2.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:3c2034c54f811448f516668dce09d24008a0716c3a794dd8639b5388cbde247d
size 18889164

16
Python-3.9.2.tar.xz.asc Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEE4/8oOcBIslwITevpsmmV4xAlBWgFAmAvyCoACgkQsmmV4xAl
BWhP7g//XBDQxNrjEaLSBfGy8tGbNPqlrBAOWsuH02JzvRXnr2gBX2m8TfaUSAnq
8Kzafrpsfw0+7LFoPfrp+YwUO5k2WprovW9Iw+LoUM0d5DABL/gXKwVb0j9i8nRj
uaPLzX9SRnCQQPfYQW/5wRFIm+/aqz4fx93k3Gw0AfeYh9Ka1pUJOCxCvihS47+E
dUeoC6S8SUDrm5lPLj8t1uVVtp8W7GpGMwF5Zn31ThrlUA4V/dTMmqSUXCaAI9Ii
zXditd26EfySKSxps+VQgL7GB778XcIYxlnMYzoqd6SD/pCQgagpFP2nZ1zdZ0/g
qpwgeGE2SK++w8iiOs2Q59tisREU7PHNVtpdILhw9Me892mwxIjl8wDMTZHY8vvU
6OZRI9G8UktpkEcT9FeFgwna2T3T16rEVbrzpteeDLFgqUpt84yXD+pd5W/Oozaj
sfbd7lCFBcdzCQIKa+DGDuJKFPExu8oqGg7Zq25wxLvkNosmHXny9NylE1VIJ5ad
WHadwBeFSFCR7faplO8s+hO/BmT5PcEwIXrz/xVqwf28o/0im63llkE6WUCRW4MU
x/S5uWjB/HSDw2NHLRRc0bLabl30mMCf7J/EkVmm9dsIpmXhn6SLC9YCYjJtIjC7
ChSQs+U8MgEnwk/un/DELIRUtu+rQZ1GkQnJ4tooaYJlYr/m7Ww=
=s/wm
-----END PGP SIGNATURE-----

76
bsc1167501-invalid-alignment.patch
View File

@ -1,76 +0,0 @@
From e6f4de57ffd175870e513ffa387fa6e7eaaeaed2 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@cryptomilk.org>
Date: Tue, 24 Mar 2020 07:55:00 +0100
Subject: [PATCH] bpo-40052: Fix alignment issue in PyVectorcall_Function()
In file included from /usr/include/python3.8/Python.h:147:
In file included from /usr/include/python3.8/abstract.h:837:
/usr/include/python3.8/cpython/abstract.h:91:11: error: cast from 'char *' to 'vectorcallfunc *'
(aka 'struct _object *(**)(struct _object *, struct _object *const *, unsigned long, struct _object *)')
increases required alignment from 1 to 8 [-Werror,-Wcast-align]
ptr = (vectorcallfunc*)(((char *)callable) + offset);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 error generated.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
---
Include/cpython/abstract.h | 9 ++++++---
.../next/C API/2020-03-24-09-27-10.bpo-40052.27P2KG.rst | 1 +
Objects/call.c | 7 ++++++-
3 files changed, 13 insertions(+), 4 deletions(-)
create mode 100644 Misc/NEWS.d/next/C API/2020-03-24-09-27-10.bpo-40052.27P2KG.rst
--- a/Include/cpython/abstract.h
+++ b/Include/cpython/abstract.h
@@ -67,7 +67,10 @@ PyVectorcall_Function(PyObject *callable
{
PyTypeObject *tp;
Py_ssize_t offset;
- vectorcallfunc *ptr;
+ union {
+ char *data;
+ vectorcallfunc *ptr;
+ } vc;
assert(callable != NULL);
tp = Py_TYPE(callable);
@@ -77,8 +80,8 @@ PyVectorcall_Function(PyObject *callable
assert(PyCallable_Check(callable));
offset = tp->tp_vectorcall_offset;
assert(offset > 0);
- ptr = (vectorcallfunc *)(((char *)callable) + offset);
- return *ptr;
+ vc.data = (char *)callable + offset;
+ return *vc.ptr;
}
/* Call the callable object 'callable' with the "vectorcall" calling
--- a/Objects/call.c
+++ b/Objects/call.c
@@ -205,6 +205,10 @@ PyObject *
PyVectorcall_Call(PyObject *callable, PyObject *tuple, PyObject *kwargs)
{
PyThreadState *tstate = _PyThreadState_GET();
+ union {
+ char *data;
+ vectorcallfunc *ptr;
+ } vc;
/* get vectorcallfunc as in PyVectorcall_Function, but without
* the Py_TPFLAGS_HAVE_VECTORCALL check */
@@ -215,7 +219,8 @@ PyVectorcall_Call(PyObject *callable, Py
Py_TYPE(callable)->tp_name);
return NULL;
}
- vectorcallfunc func = *(vectorcallfunc *)(((char *)callable) + offset);
+ vc.data = (char *)callable + offset;
+ vectorcallfunc func = *vc.ptr;
if (func == NULL) {
_PyErr_Format(tstate, PyExc_TypeError,
"'%.200s' object does not support vectorcall",
--- /dev/null
+++ b/Misc/NEWS.d/next/C
@@ -0,0 +1 @@
+Fix an alignment build warning/error in function ``PyVectorcall_Function()`` publicly exposed by ``abstract.h``.
\ No newline at end of file

12
no-skipif-doctests.patch
View File

@ -179,7 +179,7 @@ unchanged:
>>> turtle.pos()
(440.00,-0.00)
@@ -665,7 +643,6 @@ Tell Turtle's state
orientation which depends on the mode - "standard"/"world" or "logo").
orientation which depends on the mode - "standard"/"world" or "logo".
.. doctest::
- :skipif: _tkinter is None
@ -267,7 +267,7 @@ unchanged:
>>> turtle.penup()
>>> turtle.isdown()
@@ -917,7 +884,6 @@ Color control
newly set pencolor.
newly set pencolor.
.. doctest::
- :skipif: _tkinter is None
@ -275,7 +275,7 @@ unchanged:
>>> colormode()
1.0
@@ -966,7 +932,6 @@ Color control
with the newly set fillcolor.
with the newly set fillcolor.
.. doctest::
- :skipif: _tkinter is None
@ -283,7 +283,7 @@ unchanged:
>>> turtle.fillcolor("violet")
>>> turtle.fillcolor()
@@ -1005,7 +970,6 @@ Color control
with the newly set colors.
with the newly set colors.
.. doctest::
- :skipif: _tkinter is None
@ -347,7 +347,7 @@ unchanged:
>>> turtle.shape()
'classic'
@@ -1195,7 +1152,6 @@ Appearance
resizemode("user") is called by :func:`shapesize` when used with arguments.
``resizemode("user")`` is called by :func:`shapesize` when used with arguments.
.. doctest::
- :skipif: _tkinter is None
@ -563,7 +563,7 @@ unchanged:
>>> def f():
... fd(50)
@@ -1824,7 +1754,6 @@ Using screen events
named turtle:
named ``turtle``:
.. doctest::
- :skipif: _tkinter is None

18
python39.changes
View File

@ -1,3 +1,21 @@
-------------------------------------------------------------------
Fri Feb 19 16:58:38 UTC 2021 - Matej Cepl <mcepl@suse.com>
- Update to 3.9.2:
- bpo#42938 (bsc#1181126): Avoid static buffers when computing
the repr of ctypes.c_double and ctypes.c_longdouble
values. This issue was assigned CVE-2021-3177.
- bpo#42967 (bso#1182379): Fix web cache poisoning
vulnerability by defaulting the query args separator to &,
and allowing the user to choose a custom separator. This
issue was assigned CVE-2021-23336.
- Upstreamed patches were removed:
- CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch
- bsc1167501-invalid-alignment.patch
- skip_random_failing_tests.patch
- CVE-2019-5010-null-defer-x509-cert-DOS.patch
-------------------------------------------------------------------
Tue Feb 9 01:37:59 UTC 2021 - Steve Kowalik <steven.kowalik@suse.com>
- Add Obsoletes for python3-base when primary interpreter is set to

28
python39.spec
View File

@ -1,5 +1,5 @@
#
# spec file for package python39
# spec file for package python39-core
#
# Copyright (c) 2021 SUSE LLC
#
@ -53,7 +53,7 @@
# Will do the /usr/bin/python3 and all the core links
%define primary_interpreter 0
# We don't process beta signs well
%define folderversion 3.9.1
%define folderversion 3.9.2
%define tarname Python-%{tarversion}
%define sitedir %{_libdir}/python%{python_version}
# three possible ABI kinds: m - pymalloc, d - debug build; see PEP 3149
@ -88,7 +88,7 @@
%bcond_without profileopt
%endif
Name: %{python_pkg_name}%{psuffix}
Version: 3.9.1
Version: 3.9.2
Release: 0
Summary: Python 3 Interpreter
License: Python-2.0
@ -127,27 +127,15 @@ Patch08: python-3.3.0b1-fix_date_time_compiler.patch
Patch09: python-3.3.0b1-test-posix_fadvise.patch
# Raise timeout value for test_subprocess
Patch15: subprocess-raise-timeout.patch
# skip some tests only for PowerPC
Patch23: skip_random_failing_tests.patch
Patch25: python3-imp-returntype.patch
# PATCH-FIX-UPSTREAM CVE-2019-5010-null-defer-x509-cert-DOS.patch bnc#1122191 mcepl@suse.com
# https://github.com/python/cpython/pull/11569
# Fix segfault in ssl's cert parser
Patch27: CVE-2019-5010-null-defer-x509-cert-DOS.patch
# PATCH-FEATURE-UPSTREAM bpo-31046_ensurepip_honours_prefix.patch bpo#31046 mcepl@suse.com
# ensurepip should honour the value of $(prefix)
Patch29: bpo-31046_ensurepip_honours_prefix.patch
# PATCH-FIX-UPSTREAM bsc1167501-invalid-alignment.patch gh#python/cpython#19133 mcepl@suse.com
# Fix wrong misalignment of pointer to vectorcallfunc
Patch31: bsc1167501-invalid-alignment.patch
# PATCH-FIX-UPSTREAM stop calling removed Sphinx function gh#python/cpython#13236
Patch32: sphinx-update-removed-function.patch
# PATCH-FIX-SLE no-skipif-doctests.patch jsc#SLE-13738 mcepl@suse.com
# SLE-15 version of Sphinx doesn't know about skipif directive in doctests.
Patch33: no-skipif-doctests.patch
# PATCH-FIX-UPSTREAM CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch bsc#1181126 mcepl@suse.com
# buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution
Patch34: CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch
BuildRequires: automake
BuildRequires: fdupes
BuildRequires: gmp-devel
@ -387,18 +375,12 @@ other applications.
%patch08 -p1
%patch09 -p1
%patch15 -p1
%ifarch ppc ppc64 ppc64le
%patch23 -p1
%endif
%patch25 -p1
%patch27 -p1
%patch29 -p1
%patch31 -p1
%patch32 -p1
%if 0%{?suse_version} <= 1500
# %%if 0%%{?suse_version} <= 1500
%patch33 -p1
%endif
%patch34 -p1
# %%endif
# drop Autoconf version requirement
sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac

145
skip_random_failing_tests.patch
View File

@ -1,145 +0,0 @@
From: Michel Normand <normand@linux.vnet.ibm.com>
Subject: skip random failing tests
Date: Thu, 18 Jan 2018 15:48:52 +0100
skip random failing tests:
in _test_multiprocessing.py:
test_async_timeout
test_waitfor_timeout
test_wait_integer
in test_events.py:
test_run_until_complete
test_signal_handling_args
test_call_later
Reported to fail on ppc64le host on multiple osc build trials:
(all failed for ppc64le, except one for ppc)
===
[michel@abanc:~/work/home:michel_mno:branches:devel:languages:python:Factory/python3]
$idx=1; while test 1; do echo "trial $idx:"; osc build \
--vm-type kvm -j 8 --threads 4 openSUSE_Factory_PowerPC ppc64le \
>/tmp/python3_trialx_${idx}.log 2>&1 || break; ((idx++)); done
===
FAIL: test_async_timeout (test.test_multiprocessing_fork.WithProcessesTestPool)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/abuild/rpmbuild/BUILD/Python-3.6.4/Lib/test/_test_multiprocessing.py", line 2017, in test_async_timeout
self.assertRaises(multiprocessing.TimeoutError, get, timeout=TIMEOUT2)
AssertionError: TimeoutError not raised by <test._test_multiprocessing.TimingWrapper object at 0x7fff89b45f28>
===
FAIL: test_waitfor_timeout (test.test_multiprocessing_spawn.WithManagerTestCondition)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/abuild/rpmbuild/BUILD/Python-3.6.4/Lib/test/_test_multiprocessing.py", line 1169, in test_waitfor_timeout
self.assertTrue(success.value)
AssertionError: False is not true
===
FAIL: test_run_until_complete (test.test_asyncio.test_events.SelectEventLoopTests)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/abuild/rpmbuild/BUILD/Python-3.6.4/Lib/test/test_asyncio/test_events.py", line 285, in test_run_until_complete
self.assertTrue(0.08 <= t1-t0 <= 0.8, t1-t0)
AssertionError: False is not true : 3.966844968999993
===
FAIL: test_signal_handling_args (test.test_asyncio.test_events.SelectEventLoopTests)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/abuild/rpmbuild/BUILD/Python-3.6.4/Lib/test/test_asyncio/test_events.py", line 566, in test_signal_handling_args
self.assertEqual(caught, 1)
AssertionError: 0 != 1
=== (ppc)
FAIL: test_wait_integer (test.test_multiprocessing_spawn.TestWait)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/abuild/rpmbuild/BUILD/Python-3.6.4/Lib/test/_test_multiprocessing.py", line 3762, in test_wait_integer
self.assertLess(delta, expected + 2)
AssertionError: 5.576360702514648 not less than 5
===
===
======================================================================
FAIL: test_call_later (test.test_asyncio.test_events.PollEventLoopTests)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/abuild/rpmbuild/BUILD/Python-3.6.4/Lib/test/test_asyncio/test_events.py", line 309, in test_call_later
self.assertTrue(0.08 <= t1-t0 <= 0.8, t1-t0)
AssertionError: False is not true : 2.7154626529999746
======================================================================
FAIL: test_call_later (test.test_asyncio.test_events.SelectEventLoopTests)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/abuild/rpmbuild/BUILD/Python-3.6.4/Lib/test/test_asyncio/test_events.py", line 309, in test_call_later
self.assertTrue(0.08 <= t1-t0 <= 0.8, t1-t0)
AssertionError: False is not true : 4.137590406000015
===
Signed-off-by: Michel Normand <normand@linux.vnet.ibm.com>
---
Lib/test/_test_multiprocessing.py | 3 +++
Lib/test/test_asyncio/test_events.py | 4 +++-
2 files changed, 6 insertions(+), 1 deletion(-)
--- a/Lib/test/_test_multiprocessing.py
+++ b/Lib/test/_test_multiprocessing.py
@@ -1546,6 +1546,7 @@ class _TestCondition(BaseTestCase):
success.value = True
@unittest.skipUnless(HAS_SHAREDCTYPES, 'needs sharedctypes')
+ @unittest.skip("transient failure on PowerPC")
def test_waitfor_timeout(self):
# based on test in test/lock_tests.py
cond = self.Condition()
@@ -2436,6 +2437,7 @@ class _TestPool(BaseTestCase):
self.assertEqual(get(), 49)
self.assertTimingAlmostEqual(get.elapsed, TIMEOUT1)
+ @unittest.skip("transient failure on PowerPC")
def test_async_timeout(self):
res = self.pool.apply_async(sqr, (6, TIMEOUT2 + 1.0))
get = TimingWrapper(res.get)
@@ -4682,6 +4684,7 @@ class TestWait(unittest.TestCase):
sem.release()
time.sleep(period)
+ @unittest.skip("transient failure on PowerPC")
def test_wait_integer(self):
from multiprocessing.connection import wait
--- a/Lib/test/test_asyncio/test_events.py
+++ b/Lib/test/test_asyncio/test_events.py
@@ -270,6 +270,7 @@ class EventLoopTestsMixin:
# Note: because of the default Windows timing granularity of
# 15.6 msec, we use fairly long sleep times here (~100 msec).
+ @unittest.skip("transient failure on PowerPC")
def test_run_until_complete(self):
t0 = self.loop.time()
self.loop.run_until_complete(asyncio.sleep(0.1))
@@ -294,7 +295,7 @@ class EventLoopTestsMixin:
self.loop.call_later(0.1, callback, 'hello world')
self.loop.run_forever()
- self.assertEqual(results, ['hello world'])
+ self.assertTrue(0.08 <= t1-t0 <= 5.0, t1-t0)
def test_call_soon(self):
results = []
@@ -481,6 +482,7 @@ class EventLoopTestsMixin:
self.assertEqual(caught, 1)
@unittest.skipUnless(hasattr(signal, 'SIGALRM'), 'No SIGALRM')
+ @unittest.skip("transient failure on PowerPC")
def test_signal_handling_args(self):
some_args = (42,)
caught = 0
--- a/Lib/test/test_buffer.py
+++ b/Lib/test/test_buffer.py
@@ -2509,6 +2509,7 @@ class TestBufferProtocol(unittest.TestCa
a = ndarray(items, shape=[2, 2, 2], format="b")
check(memoryview(a), vsize(base_struct + 3 * per_dim))
+ @unittest.skip("transient failure on PowerPC")
def test_memoryview_struct_module(self):
class INT(object):

4
subprocess-raise-timeout.patch
View File

@ -1,6 +1,6 @@
--- a/Lib/test/test_subprocess.py
+++ b/Lib/test/test_subprocess.py
@@ -230,7 +230,8 @@
@@ -252,7 +252,8 @@ class ProcessTestCase(BaseTestCase):
"time.sleep(3600)"],
# Some heavily loaded buildbots (sparc Debian 3.x) require
# this much time to start and print.
@ -9,4 +9,4 @@
+ timeout=10)
self.fail("Expected TimeoutExpired.")
self.assertEqual(c.exception.output, b'BDFL')