Set link to python310.32578 via maintenance_release request

2024-02-22 19:03:47 +00:00
parent 633ff95a90
commit fcbca39d56
5 changed files with 1209 additions and 1344 deletions
--- a/python310.changes
+++ b/python310.changes
@@ -1,15 +1,23 @@
+-------------------------------------------------------------------
+Mon Dec 18 16:20:58 UTC 2023 - Matej Cepl <mcepl@cepl.eu>
+
+- Refresh CVE-2023-27043-email-parsing-errors.patch to
+  gh#python/cpython!111116, fixing bsc#1210638 (CVE-2023-27043).
+- Thus we can remove Revert-gh105127-left-tests.patch, which is
+  now useless.
+
 -------------------------------------------------------------------
 Mon Sep  4 13:18:29 UTC 2023 - Daniel Garcia <daniel.garcia@suse.com>

 - Add fix-sphinx-72.patch to make it work with latest sphinx version
  gh#python/cpython#97950
- Update to 3.10.13:
+- Update to 3.10.13 (bsc#1214692):
  - gh-108310: Fixed an issue where instances of ssl.SSLSocket were
    vulnerable to a bypass of the TLS handshake and included
    protections (like certificate verification) and treating sent
    unencrypted data as if it were post-handshake TLS encrypted data.
    Security issue reported as CVE-2023-40217 by Aapo Oksman. Patch by
-    Gregory P. Smith. (bsc#1214692)
+    Gregory P. Smith.
  - gh-107845: tarfile.data_filter() now takes the location of
    symlinks into account when determining their target, so it will no
    longer reject some valid tarballs with