diff --git a/python311.changes b/python311.changes index 252896b..25fb86c 100644 --- a/python311.changes +++ b/python311.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Sun Mar 24 07:51:45 UTC 2024 - Matej Cepl + +- Add reference to CVE-2024-0450 (bsc#1221854) to changelog. + +------------------------------------------------------------------- +Fri Mar 22 21:22:27 UTC 2024 - Matej Cepl + +- Because of bsc#1189495 we have to revert use of %autopatch. + ------------------------------------------------------------------- Tue Mar 12 08:44:47 UTC 2024 - Matej Cepl @@ -197,7 +207,7 @@ Thu Feb 8 07:27:40 UTC 2024 - Daniel Garcia tkinter._test(). - gh-109858: Protect zipfile from “quoted-overlap” zipbomb. It now raises BadZipFile when try to read an entry that overlaps with - other entry or central directory. + other entry or central directory (bsc#1221854, CVE-2024-0450). - gh-38807: Fix race condition in trace. Instead of checking if a directory exists and creating it, directly call os.makedirs() with the kwarg exist_ok=True. diff --git a/python311.spec b/python311.spec index f2e69d3..ac653f7 100644 --- a/python311.spec +++ b/python311.spec @@ -415,13 +415,27 @@ This package contains libpython3.2 shared library for embedding in other applications. %prep -%autosetup -p1 -N -n %{tarname} -%autopatch -p1 -M 08 +%setup -q -n %{tarname} +%patch -p1 -P 02 +%patch -p1 -P 03 +%patch -p1 -P 04 +%patch -p1 -P 05 +%patch -p1 -P 06 +%patch -p1 -P 07 +%patch -p1 -P 08 %if 0%{?suse_version} <= 1500 %patch -P 09 -p1 %endif -%autopatch -p1 -m 10 + +%patch -p1 -P 10 +%patch -p1 -P 11 +%patch -p1 -P 12 +%patch -p1 -P 13 +%patch -p1 -P 14 +%patch -p1 -P 15 +%patch -p1 -P 16 +%patch -p1 -P 17 # drop Autoconf version requirement sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac