Update patches

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python39?expand=0&rev=57

CVE-2019-5010-null-defer-x509-cert-DOS.patch

@@ -1,59 +0,0 @@
-From a37f52436f9aa4b9292878b72f3ff1480e2606c3 Mon Sep 17 00:00:00 2001
-From: Christian Heimes <christian@python.org>
-Date: Tue, 15 Jan 2019 23:47:42 +0100
-Subject: [PATCH] bpo-35746: Fix segfault in ssl's cert parser (GH-11569)
-
-Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL
-distribution points with empty DP or URI correctly. A malicious or buggy
-certificate can result into segfault.
-
-Signed-off-by: Christian Heimes <christian@python.org>
-
-
-
-https://bugs.python.org/issue35746
----
- Lib/test/talos-2019-0758.pem                  | 22 +++++++++++++++++++
- Lib/test/test_ssl.py                          | 22 +++++++++++++++++++
- .../2019-01-15-18-16-05.bpo-35746.nMSd0j.rst  |  3 +++
- Modules/_ssl.c                                |  4 ++++
- 4 files changed, 51 insertions(+)
- create mode 100644 Lib/test/talos-2019-0758.pem
- create mode 100644 Misc/NEWS.d/next/Security/2019-01-15-18-16-05.bpo-35746.nMSd0j.rst
-
---- a/Lib/test/test_ssl.py
-+++ b/Lib/test/test_ssl.py
-@@ -470,6 +470,27 @@ class BasicSocketTests(unittest.TestCase
-             }
-         )
- 
-+    def test_parse_cert_CVE_2019_5010(self):
-+        p = ssl._ssl._test_decode_cert(TALOS_INVALID_CRLDP)
-+        if support.verbose:
-+            sys.stdout.write("\n" + pprint.pformat(p) + "\n")
-+        self.assertEqual(
-+            p,
-+            {
-+                'issuer': (
-+                    (('countryName', 'UK'),), (('commonName', 'cody-ca'),)),
-+                'notAfter': 'Jun 14 18:00:58 2028 GMT',
-+                'notBefore': 'Jun 18 18:00:58 2018 GMT',
-+                'serialNumber': '02',
-+                'subject': ((('countryName', 'UK'),),
-+                            (('commonName',
-+                              'codenomicon-vm-2.test.lal.cisco.com'),)),
-+                'subjectAltName': (
-+                    ('DNS', 'codenomicon-vm-2.test.lal.cisco.com'),),
-+                'version': 3
-+            }
-+        )
-+
-     def test_parse_cert_CVE_2013_4238(self):
-         p = ssl._ssl._test_decode_cert(NULLBYTECERT)
-         if support.verbose:
---- /dev/null
-+++ b/Misc/NEWS.d/next/Security/2019-01-15-18-16-05.bpo-35746.nMSd0j.rst
-@@ -0,0 +1,3 @@
-+[CVE-2019-5010] Fix a NULL pointer deref in ssl module. The cert parser did
-+not handle CRL distribution points with empty DP or URI correctly. A
-+malicious or buggy certificate can result into segfault.

no-skipif-doctests.patch

@@ -179,7 +179,7 @@ unchanged:
        >>> turtle.pos()
        (440.00,-0.00)
 @@ -665,7 +643,6 @@ Tell Turtle's state
-    orientation which depends on the mode - "standard"/"world" or "logo").
+    orientation which depends on the mode - "standard"/"world" or "logo".
  
     .. doctest::
 -      :skipif: _tkinter is None
@@ -267,7 +267,7 @@ unchanged:
        >>> turtle.penup()
        >>> turtle.isdown()
 @@ -917,7 +884,6 @@ Color control
-     newly set pencolor.
+    newly set pencolor.
  
     .. doctest::
 -      :skipif: _tkinter is None
@@ -275,7 +275,7 @@ unchanged:
         >>> colormode()
         1.0
 @@ -966,7 +932,6 @@ Color control
-     with the newly set fillcolor.
+    with the newly set fillcolor.
  
     .. doctest::
 -      :skipif: _tkinter is None
@@ -283,7 +283,7 @@ unchanged:
         >>> turtle.fillcolor("violet")
         >>> turtle.fillcolor()
 @@ -1005,7 +970,6 @@ Color control
-     with the newly set colors.
+    with the newly set colors.
  
     .. doctest::
 -      :skipif: _tkinter is None
@@ -347,7 +347,7 @@ unchanged:
        >>> turtle.shape()
        'classic'
 @@ -1195,7 +1152,6 @@ Appearance
-    resizemode("user") is called by :func:`shapesize` when used with arguments.
+    ``resizemode("user")`` is called by :func:`shapesize` when used with arguments.
  
     .. doctest::
 -      :skipif: _tkinter is None
@@ -563,7 +563,7 @@ unchanged:
        >>> def f():
        ...     fd(50)
 @@ -1824,7 +1754,6 @@ Using screen events
-    named turtle:
+    named ``turtle``:
  
     .. doctest::
 -      :skipif: _tkinter is None

python39.changes

@@ -13,6 +13,7 @@ Fri Feb 19 16:58:38 UTC 2021 - Matej Cepl <mcepl@suse.com>
   - CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch
   - bsc1167501-invalid-alignment.patch
   - skip_random_failing_tests.patch
+  - CVE-2019-5010-null-defer-x509-cert-DOS.patch
 
 -------------------------------------------------------------------
 Tue Feb  9 01:37:59 UTC 2021 - Steve Kowalik <steven.kowalik@suse.com>

python39.spec

@@ -127,13 +127,7 @@ Patch08:        python-3.3.0b1-fix_date_time_compiler.patch
 Patch09:        python-3.3.0b1-test-posix_fadvise.patch
 # Raise timeout value for test_subprocess
 Patch15:        subprocess-raise-timeout.patch
-# skip some tests only for PowerPC
-Patch23:        skip_random_failing_tests.patch
 Patch25:        python3-imp-returntype.patch
-# PATCH-FIX-UPSTREAM CVE-2019-5010-null-defer-x509-cert-DOS.patch bnc#1122191 mcepl@suse.com
-# https://github.com/python/cpython/pull/11569
-# Fix segfault in ssl's cert parser
-Patch27:        CVE-2019-5010-null-defer-x509-cert-DOS.patch
 # PATCH-FEATURE-UPSTREAM bpo-31046_ensurepip_honours_prefix.patch bpo#31046 mcepl@suse.com
 # ensurepip should honour the value of $(prefix)
 Patch29:        bpo-31046_ensurepip_honours_prefix.patch
@@ -381,16 +375,12 @@ other applications.
 %patch08 -p1
 %patch09 -p1
 %patch15 -p1
-# %%ifarch ppc ppc64 ppc64le
-# %%patch23 -p1
-# %%endif
 %patch25 -p1
-%patch27 -p1
 %patch29 -p1
 %patch32 -p1
-%if 0%{?suse_version} <= 1500
+# %%if 0%%{?suse_version} <= 1500
 %patch33 -p1
-%endif
+# %%endif
 
 # drop Autoconf version requirement
 sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac