python-interpreters/python310
SHA256
6
0
Fork 0
forked from pool/python310
Code Pull Requests Activity

- Update to 3.10.18:

Browse Source 
- Security
    - gh-135034: Fixes multiple issues that allowed tarfile
      extraction filters (filter="data" and filter="tar") to be
      bypassed using crafted symlinks and hard links.
      Addresses CVE-2024-12718 (bsc#1244056), CVE-2025-4138
      (bsc#1244059), CVE-2025-4330 (bsc#1244060), and
      CVE-2025-4517 (bsc#1244032).
    - gh-133767: Fix use-after-free in the “unicode-escape”
      decoder with a non-“strict” error handler (CVE-2025-4516,
      bsc#1243273).
    - gh-128840: Short-circuit the processing of long IPv6
      addresses early in ipaddress to prevent excessive memory
      consumption and a minor denial-of-service.
  - Library
    - gh-128840: Fix parsing long IPv6 addresses with embedded
      IPv4 address.
    - gh-134062: ipaddress: fix collisions in __hash__() for
      IPv4Network and IPv6Network objects.
    - gh-123409: Fix ipaddress.IPv6Address.reverse_pointer output
      according to RFC 3596, §2.5. Patch by Bénédikt Tran.
    - bpo-43633: Improve the textual representation of
      IPv4-mapped IPv6 addresses (RFC 4291 Sections 2.2, 2.5.5.2)
      in ipaddress. Patch by Oleksandr Pavliuk.
- Remove upstreamed patches:
  - gh-126572-test_ssl-no-stop-ThreadedEchoServer-OSError.patch
  - CVE-2025-4516-DecodeError-handler.patch

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python310?expand=0&rev=182
This commit is contained in:
Matej Cepl
2025-06-09 17:02:25 +00:00
committed by Git OBS Bridge
parent cb1f019a88
commit 79c292c8a4
10 changed files with 46 additions and 532 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
python310.spec
View File

@@ -108,7 +108,7 @@ Obsoletes: python39%{?1:-%{1}}
# _md5.cpython-38m-x86_64-linux-gnu.so
%define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so
Name: %{python_pkg_name}%{psuffix}
Version: 3.10.17
Version: 3.10.18
Release: 0
Summary: Python 3 Interpreter
License: Python-2.0
@@ -202,12 +202,6 @@ Patch27: gh120226-fix-sendfile-test-kernel-610.patch
# PATCH-FIX-UPSTREAM sphinx-802.patch mcepl@suse.com
# status_iterator method moved between the Sphinx versions
Patch28: sphinx-802.patch
# PATCH-FIX-UPSTREAM gh-126572-test_ssl-no-stop-ThreadedEchoServer-OSError.patch bsc#1241067 mcepl@suse.com
# don't stop ThreadedEchoServer on OSError, makes test_ssl fail with OpenSSL 3.5
Patch29: gh-126572-test_ssl-no-stop-ThreadedEchoServer-OSError.patch
# PATCH-FIX-UPSTREAM CVE-2025-4516-DecodeError-handler.patch bsc#1243273 mcepl@suse.com
# this patch makes things totally awesome
Patch30: CVE-2025-4516-DecodeError-handler.patch
BuildRequires: autoconf-archive
BuildRequires: automake
BuildRequires: fdupes