python-interpreters/python312
SHA256
6
0
Fork 0
forked from pool/python312
Code Pull Requests Activity

- Update to 3.12.11:

Browse Source 
- Security
    - gh-135034: Fixes multiple issues that allowed tarfile
      extraction filters (filter="data" and filter="tar") to be
      bypassed using crafted symlinks and hard links.
      Addresses CVE-2024-12718 (bsc#1244056), CVE-2025-4138
      (bsc#1244059), CVE-2025-4330 (bsc#1244060), and
      CVE-2025-4517 (bsc#1244032).
    - gh-133767: Fix use-after-free in the “unicode-escape”
      decoder with a non-“strict” error handler (CVE-2025-4516,
      bsc#1243273).
    - gh-128840: Short-circuit the processing of long IPv6
      addresses early in ipaddress to prevent excessive memory
      consumption and a minor denial-of-service.
  - Library
    - gh-128840: Fix parsing long IPv6 addresses with embedded
      IPv4 address.
    - gh-134062: ipaddress: fix collisions in __hash__() for
      IPv4Network and IPv6Network objects.
    - gh-123409: Fix ipaddress.IPv6Address.reverse_pointer output
      according to RFC 3596, §2.5. Patch by Bénédikt Tran.
    - bpo-43633: Improve the textual representation of
      IPv4-mapped IPv6 addresses (RFC 4291 Sections 2.2, 2.5.5.2)
      in ipaddress. Patch by Oleksandr Pavliuk.
- Remove upstreamed patches:
  - CVE-2025-4516-DecodeError-handler.patch
- restrict PEP668 to ALP/Tumbleweed
  * Support Expat >= 2.4.5
- allow build with Sphinx >= 3.x
  * remove importlib_resources and importlib-metadata

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python312?expand=0&rev=147
This commit is contained in:
Matej Cepl
2025-06-09 21:22:35 +00:00
committed by Git OBS Bridge
parent 5387496967
commit 9c7fb3fd1c
10 changed files with 102 additions and 600 deletions
Download Patch File Download Diff File Expand all files Collapse all files

521
CVE-2025-4516-DecodeError-handler.patch
View File

@@ -1,521 +0,0 @@
From a75953b347716fff694aa59a7c7c2489fa50d1f5 Mon Sep 17 00:00:00 2001
From: Serhiy Storchaka <storchaka@gmail.com>
Date: Tue, 20 May 2025 15:46:57 +0300
Subject: [PATCH] [3.12] gh-133767: Fix use-after-free in the unicode-escape
decoder with an error handler (GH-129648) (GH-133944)
If the error handler is used, a new bytes object is created to set as
the object attribute of UnicodeDecodeError, and that bytes object then
replaces the original data. A pointer to the decoded data will became invalid
after destroying that temporary bytes object. So we need other way to return
the first invalid escape from _PyUnicode_DecodeUnicodeEscapeInternal().
_PyBytes_DecodeEscape() does not have such issue, because it does not
use the error handlers registry, but it should be changed for compatibility
with _PyUnicode_DecodeUnicodeEscapeInternal().
(cherry picked from commit 9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e)
(cherry picked from commit 6279eb8c076d89d3739a6edb393e43c7929b429d)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
---
Include/cpython/bytesobject.h | 4 ++
Include/cpython/unicodeobject.h | 13 ++++
Lib/test/test_codeccallbacks.py | 39 +++++++++++-
Lib/test/test_codecs.py | 52 +++++++++++++---
...-05-09-20-22-54.gh-issue-133767.kN2i3Q.rst | 2 +
Objects/bytesobject.c | 54 ++++++++++------
Objects/unicodeobject.c | 61 +++++++++++++------
Parser/string_parser.c | 26 +++++---
8 files changed, 194 insertions(+), 57 deletions(-)
create mode 100644 Misc/NEWS.d/next/Security/2025-05-09-20-22-54.gh-issue-133767.kN2i3Q.rst
diff --git a/Include/cpython/bytesobject.h b/Include/cpython/bytesobject.h
index e982031c107de2..eef607a5760eda 100644
--- a/Include/cpython/bytesobject.h
+++ b/Include/cpython/bytesobject.h
@@ -25,6 +25,10 @@ PyAPI_FUNC(PyObject*) _PyBytes_FromHex(
int use_bytearray);
/* Helper for PyBytes_DecodeEscape that detects invalid escape chars. */
+PyAPI_FUNC(PyObject*) _PyBytes_DecodeEscape2(const char *, Py_ssize_t,
+ const char *,
+ int *, const char **);
+// Export for binary compatibility.
PyAPI_FUNC(PyObject *) _PyBytes_DecodeEscape(const char *, Py_ssize_t,
const char *, const char **);
diff --git a/Include/cpython/unicodeobject.h b/Include/cpython/unicodeobject.h
index f177cd9e2af9de..cf38928686019b 100644
--- a/Include/cpython/unicodeobject.h
+++ b/Include/cpython/unicodeobject.h
@@ -684,6 +684,19 @@ PyAPI_FUNC(PyObject*) _PyUnicode_DecodeUnicodeEscapeStateful(
);
/* Helper for PyUnicode_DecodeUnicodeEscape that detects invalid escape
chars. */
+PyAPI_FUNC(PyObject*) _PyUnicode_DecodeUnicodeEscapeInternal2(
+ const char *string, /* Unicode-Escape encoded string */
+ Py_ssize_t length, /* size of string */
+ const char *errors, /* error handling */
+ Py_ssize_t *consumed, /* bytes consumed */
+ int *first_invalid_escape_char, /* on return, if not -1, contain the first
+ invalid escaped char (<= 0xff) or invalid
+ octal escape (> 0xff) in string. */
+ const char **first_invalid_escape_ptr); /* on return, if not NULL, may
+ point to the first invalid escaped
+ char in string.
+ May be NULL if errors is not NULL. */
+// Export for binary compatibility.
PyAPI_FUNC(PyObject*) _PyUnicode_DecodeUnicodeEscapeInternal(
const char *string, /* Unicode-Escape encoded string */
Py_ssize_t length, /* size of string */
diff --git a/Lib/test/test_codeccallbacks.py b/Lib/test/test_codeccallbacks.py
index 4991330489d139..d85f609d806932 100644
--- a/Lib/test/test_codeccallbacks.py
+++ b/Lib/test/test_codeccallbacks.py
@@ -1,6 +1,7 @@
import codecs
import html.entities
import itertools
+import re
import sys
import unicodedata
import unittest
@@ -1124,7 +1125,7 @@ def test_bug828737(self):
text = 'abc<def>ghi'*n
text.translate(charmap)
- def test_mutatingdecodehandler(self):
+ def test_mutating_decode_handler(self):
baddata = [
("ascii", b"\xff"),
("utf-7", b"++"),
@@ -1159,6 +1160,42 @@ def mutating(exc):
for (encoding, data) in baddata:
self.assertEqual(data.decode(encoding, "test.mutating"), "\u4242")
+ def test_mutating_decode_handler_unicode_escape(self):
+ decode = codecs.unicode_escape_decode
+ def mutating(exc):
+ if isinstance(exc, UnicodeDecodeError):
+ r = data.get(exc.object[:exc.end])
+ if r is not None:
+ exc.object = r[0] + exc.object[exc.end:]
+ return ('\u0404', r[1])
+ raise AssertionError("don't know how to handle %r" % exc)
+
+ codecs.register_error('test.mutating2', mutating)
+ data = {
+ br'\x0': (b'\\', 0),
+ br'\x3': (b'xxx\\', 3),
+ br'\x5': (b'x\\', 1),
+ }
+ def check(input, expected, msg):
+ with self.assertWarns(DeprecationWarning) as cm:
+ self.assertEqual(decode(input, 'test.mutating2'), (expected, len(input)))
+ self.assertIn(msg, str(cm.warning))
+
+ check(br'\x0n\z', '\u0404\n\\z', r"invalid escape sequence '\z'")
+ check(br'\x0n\501', '\u0404\n\u0141', r"invalid octal escape sequence '\501'")
+ check(br'\x0z', '\u0404\\z', r"invalid escape sequence '\z'")
+
+ check(br'\x3n\zr', '\u0404\n\\zr', r"invalid escape sequence '\z'")
+ check(br'\x3zr', '\u0404\\zr', r"invalid escape sequence '\z'")
+ check(br'\x3z5', '\u0404\\z5', r"invalid escape sequence '\z'")
+ check(memoryview(br'\x3z5x')[:-1], '\u0404\\z5', r"invalid escape sequence '\z'")
+ check(memoryview(br'\x3z5xy')[:-2], '\u0404\\z5', r"invalid escape sequence '\z'")
+
+ check(br'\x5n\z', '\u0404\n\\z', r"invalid escape sequence '\z'")
+ check(br'\x5n\501', '\u0404\n\u0141', r"invalid octal escape sequence '\501'")
+ check(br'\x5z', '\u0404\\z', r"invalid escape sequence '\z'")
+ check(memoryview(br'\x5zy')[:-1], '\u0404\\z', r"invalid escape sequence '\z'")
+
# issue32583
def test_crashing_decode_handler(self):
# better generating one more character to fill the extra space slot
diff --git a/Lib/test/test_codecs.py b/Lib/test/test_codecs.py
index f683f069ae1397..2e64a52acbae3a 100644
--- a/Lib/test/test_codecs.py
+++ b/Lib/test/test_codecs.py
@@ -1196,23 +1196,39 @@ def test_escape(self):
check(br"[\1010]", b"[A0]")
check(br"[\x41]", b"[A]")
check(br"[\x410]", b"[A0]")
+
+ def test_warnings(self):
+ decode = codecs.escape_decode
+ check = coding_checker(self, decode)
for i in range(97, 123):
b = bytes([i])
if b not in b'abfnrtvx':
- with self.assertWarns(DeprecationWarning):
+ with self.assertWarnsRegex(DeprecationWarning,
+ r"invalid escape sequence '\\%c'" % i):
check(b"\\" + b, b"\\" + b)
- with self.assertWarns(DeprecationWarning):
+ with self.assertWarnsRegex(DeprecationWarning,
+ r"invalid escape sequence '\\%c'" % (i-32)):
check(b"\\" + b.upper(), b"\\" + b.upper())
- with self.assertWarns(DeprecationWarning):
+ with self.assertWarnsRegex(DeprecationWarning,
+ r"invalid escape sequence '\\8'"):
check(br"\8", b"\\8")
with self.assertWarns(DeprecationWarning):
check(br"\9", b"\\9")
- with self.assertWarns(DeprecationWarning):
+ with self.assertWarnsRegex(DeprecationWarning,
+ r"invalid escape sequence '\\\xfa'") as cm:
check(b"\\\xfa", b"\\\xfa")
for i in range(0o400, 0o1000):
- with self.assertWarns(DeprecationWarning):
+ with self.assertWarnsRegex(DeprecationWarning,
+ r"invalid octal escape sequence '\\%o'" % i):
check(rb'\%o' % i, bytes([i & 0o377]))
+ with self.assertWarnsRegex(DeprecationWarning,
+ r"invalid escape sequence '\\z'"):
+ self.assertEqual(decode(br'\x\z', 'ignore'), (b'\\z', 4))
+ with self.assertWarnsRegex(DeprecationWarning,
+ r"invalid octal escape sequence '\\501'"):
+ self.assertEqual(decode(br'\x\501', 'ignore'), (b'A', 6))
+
def test_errors(self):
decode = codecs.escape_decode
self.assertRaises(ValueError, decode, br"\x")
@@ -2479,24 +2495,40 @@ def test_escape_decode(self):
check(br"[\x410]", "[A0]")
check(br"\u20ac", "\u20ac")
check(br"\U0001d120", "\U0001d120")
+
+ def test_decode_warnings(self):
+ decode = codecs.unicode_escape_decode
+ check = coding_checker(self, decode)
for i in range(97, 123):
b = bytes([i])
if b not in b'abfnrtuvx':
- with self.assertWarns(DeprecationWarning):
+ with self.assertWarnsRegex(DeprecationWarning,
+ r"invalid escape sequence '\\%c'" % i):
check(b"\\" + b, "\\" + chr(i))
if b.upper() not in b'UN':
- with self.assertWarns(DeprecationWarning):
+ with self.assertWarnsRegex(DeprecationWarning,
+ r"invalid escape sequence '\\%c'" % (i-32)):
check(b"\\" + b.upper(), "\\" + chr(i-32))
- with self.assertWarns(DeprecationWarning):
+ with self.assertWarnsRegex(DeprecationWarning,
+ r"invalid escape sequence '\\8'"):
check(br"\8", "\\8")
with self.assertWarns(DeprecationWarning):
check(br"\9", "\\9")
- with self.assertWarns(DeprecationWarning):
+ with self.assertWarnsRegex(DeprecationWarning,
+ r"invalid escape sequence '\\\xfa'") as cm:
check(b"\\\xfa", "\\\xfa")
for i in range(0o400, 0o1000):
- with self.assertWarns(DeprecationWarning):
+ with self.assertWarnsRegex(DeprecationWarning,
+ r"invalid octal escape sequence '\\%o'" % i):
check(rb'\%o' % i, chr(i))
+ with self.assertWarnsRegex(DeprecationWarning,
+ r"invalid escape sequence '\\z'"):
+ self.assertEqual(decode(br'\x\z', 'ignore'), ('\\z', 4))
+ with self.assertWarnsRegex(DeprecationWarning,
+ r"invalid octal escape sequence '\\501'"):
+ self.assertEqual(decode(br'\x\501', 'ignore'), ('\u0141', 6))
+
def test_decode_errors(self):
decode = codecs.unicode_escape_decode
for c, d in (b'x', 2), (b'u', 4), (b'U', 4):
diff --git a/Misc/NEWS.d/next/Security/2025-05-09-20-22-54.gh-issue-133767.kN2i3Q.rst b/Misc/NEWS.d/next/Security/2025-05-09-20-22-54.gh-issue-133767.kN2i3Q.rst
new file mode 100644
index 00000000000000..39d2f1e1a892cf
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2025-05-09-20-22-54.gh-issue-133767.kN2i3Q.rst
@@ -0,0 +1,2 @@
+Fix use-after-free in the "unicode-escape" decoder with a non-"strict" error
+handler.
diff --git a/Objects/bytesobject.c b/Objects/bytesobject.c
index f3a978c86c3606..dae84127a7df4b 100644
--- a/Objects/bytesobject.c
+++ b/Objects/bytesobject.c
@@ -1048,10 +1048,11 @@ _PyBytes_FormatEx(const char *format, Py_ssize_t format_len,
}
/* Unescape a backslash-escaped string. */
-PyObject *_PyBytes_DecodeEscape(const char *s,
+PyObject *_PyBytes_DecodeEscape2(const char *s,
Py_ssize_t len,
const char *errors,
- const char **first_invalid_escape)
+ int *first_invalid_escape_char,
+ const char **first_invalid_escape_ptr)
{
int c;
char *p;
@@ -1065,7 +1066,8 @@ PyObject *_PyBytes_DecodeEscape(const char *s,
return NULL;
writer.overallocate = 1;
- *first_invalid_escape = NULL;
+ *first_invalid_escape_char = -1;
+ *first_invalid_escape_ptr = NULL;
end = s + len;
while (s < end) {
@@ -1103,9 +1105,10 @@ PyObject *_PyBytes_DecodeEscape(const char *s,
c = (c<<3) + *s++ - '0';
}
if (c > 0377) {
- if (*first_invalid_escape == NULL) {
- *first_invalid_escape = s-3; /* Back up 3 chars, since we've
- already incremented s. */
+ if (*first_invalid_escape_char == -1) {
+ *first_invalid_escape_char = c;
+ /* Back up 3 chars, since we've already incremented s. */
+ *first_invalid_escape_ptr = s - 3;
}
}
*p++ = c;
@@ -1146,9 +1149,10 @@ PyObject *_PyBytes_DecodeEscape(const char *s,
break;
default:
- if (*first_invalid_escape == NULL) {
- *first_invalid_escape = s-1; /* Back up one char, since we've
- already incremented s. */
+ if (*first_invalid_escape_char == -1) {
+ *first_invalid_escape_char = (unsigned char)s[-1];
+ /* Back up one char, since we've already incremented s. */
+ *first_invalid_escape_ptr = s - 1;
}
*p++ = '\\';
s--;
@@ -1162,23 +1166,37 @@ PyObject *_PyBytes_DecodeEscape(const char *s,
return NULL;
}
+// Export for binary compatibility.
+PyObject *_PyBytes_DecodeEscape(const char *s,
+ Py_ssize_t len,
+ const char *errors,
+ const char **first_invalid_escape)
+{
+ int first_invalid_escape_char;
+ return _PyBytes_DecodeEscape2(
+ s, len, errors,
+ &first_invalid_escape_char,
+ first_invalid_escape);
+}
+
PyObject *PyBytes_DecodeEscape(const char *s,
Py_ssize_t len,
const char *errors,
Py_ssize_t Py_UNUSED(unicode),
const char *Py_UNUSED(recode_encoding))
{
- const char* first_invalid_escape;
- PyObject *result = _PyBytes_DecodeEscape(s, len, errors,
- &first_invalid_escape);
+ int first_invalid_escape_char;
+ const char *first_invalid_escape_ptr;
+ PyObject *result = _PyBytes_DecodeEscape2(s, len, errors,
+ &first_invalid_escape_char,
+ &first_invalid_escape_ptr);
if (result == NULL)
return NULL;
- if (first_invalid_escape != NULL) {
- unsigned char c = *first_invalid_escape;
- if ('4' <= c && c <= '7') {
+ if (first_invalid_escape_char != -1) {
+ if (first_invalid_escape_char > 0xff) {
if (PyErr_WarnFormat(PyExc_DeprecationWarning, 1,
- "invalid octal escape sequence '\\%.3s'",
- first_invalid_escape) < 0)
+ "invalid octal escape sequence '\\%o'",
+ first_invalid_escape_char) < 0)
{
Py_DECREF(result);
return NULL;
@@ -1187,7 +1205,7 @@ PyObject *PyBytes_DecodeEscape(const char *s,
else {
if (PyErr_WarnFormat(PyExc_DeprecationWarning, 1,
"invalid escape sequence '\\%c'",
- c) < 0)
+ first_invalid_escape_char) < 0)
{
Py_DECREF(result);
return NULL;
diff --git a/Objects/unicodeobject.c b/Objects/unicodeobject.c
index 05562ad9927989..5accbd6d1ddcbb 100644
--- a/Objects/unicodeobject.c
+++ b/Objects/unicodeobject.c
@@ -6046,13 +6046,15 @@ PyUnicode_AsUTF16String(PyObject *unicode)
/* --- Unicode Escape Codec ----------------------------------------------- */
PyObject *
-_PyUnicode_DecodeUnicodeEscapeInternal(const char *s,
+_PyUnicode_DecodeUnicodeEscapeInternal2(const char *s,
Py_ssize_t size,
const char *errors,
Py_ssize_t *consumed,
- const char **first_invalid_escape)
+ int *first_invalid_escape_char,
+ const char **first_invalid_escape_ptr)
{
const char *starts = s;
+ const char *initial_starts = starts;
_PyUnicodeWriter writer;
const char *end;
PyObject *errorHandler = NULL;
@@ -6061,7 +6063,8 @@ _PyUnicode_DecodeUnicodeEscapeInternal(const char *s,
PyInterpreterState *interp = _PyInterpreterState_Get();
// so we can remember if we've seen an invalid escape char or not
- *first_invalid_escape = NULL;
+ *first_invalid_escape_char = -1;
+ *first_invalid_escape_ptr = NULL;
if (size == 0) {
if (consumed) {
@@ -6149,9 +6152,12 @@ _PyUnicode_DecodeUnicodeEscapeInternal(const char *s,
}
}
if (ch > 0377) {
- if (*first_invalid_escape == NULL) {
- *first_invalid_escape = s-3; /* Back up 3 chars, since we've
- already incremented s. */
+ if (*first_invalid_escape_char == -1) {
+ *first_invalid_escape_char = ch;
+ if (starts == initial_starts) {
+ /* Back up 3 chars, since we've already incremented s. */
+ *first_invalid_escape_ptr = s - 3;
+ }
}
}
WRITE_CHAR(ch);
@@ -6252,9 +6258,12 @@ _PyUnicode_DecodeUnicodeEscapeInternal(const char *s,
goto error;
default:
- if (*first_invalid_escape == NULL) {
- *first_invalid_escape = s-1; /* Back up one char, since we've
- already incremented s. */
+ if (*first_invalid_escape_char == -1) {
+ *first_invalid_escape_char = c;
+ if (starts == initial_starts) {
+ /* Back up one char, since we've already incremented s. */
+ *first_invalid_escape_ptr = s - 1;
+ }
}
WRITE_ASCII_CHAR('\\');
WRITE_CHAR(c);
@@ -6293,24 +6302,40 @@ _PyUnicode_DecodeUnicodeEscapeInternal(const char *s,
return NULL;
}
+// Export for binary compatibility.
+PyObject *
+_PyUnicode_DecodeUnicodeEscapeInternal(const char *s,
+ Py_ssize_t size,
+ const char *errors,
+ Py_ssize_t *consumed,
+ const char **first_invalid_escape)
+{
+ int first_invalid_escape_char;
+ return _PyUnicode_DecodeUnicodeEscapeInternal2(
+ s, size, errors, consumed,
+ &first_invalid_escape_char,
+ first_invalid_escape);
+}
+
PyObject *
_PyUnicode_DecodeUnicodeEscapeStateful(const char *s,
Py_ssize_t size,
const char *errors,
Py_ssize_t *consumed)
{
- const char *first_invalid_escape;
- PyObject *result = _PyUnicode_DecodeUnicodeEscapeInternal(s, size, errors,
+ int first_invalid_escape_char;
+ const char *first_invalid_escape_ptr;
+ PyObject *result = _PyUnicode_DecodeUnicodeEscapeInternal2(s, size, errors,
consumed,
- &first_invalid_escape);
+ &first_invalid_escape_char,
+ &first_invalid_escape_ptr);
if (result == NULL)
return NULL;
- if (first_invalid_escape != NULL) {
- unsigned char c = *first_invalid_escape;
- if ('4' <= c && c <= '7') {
+ if (first_invalid_escape_char != -1) {
+ if (first_invalid_escape_char > 0xff) {
if (PyErr_WarnFormat(PyExc_DeprecationWarning, 1,
- "invalid octal escape sequence '\\%.3s'",
- first_invalid_escape) < 0)
+ "invalid octal escape sequence '\\%o'",
+ first_invalid_escape_char) < 0)
{
Py_DECREF(result);
return NULL;
@@ -6319,7 +6344,7 @@ _PyUnicode_DecodeUnicodeEscapeStateful(const char *s,
else {
if (PyErr_WarnFormat(PyExc_DeprecationWarning, 1,
"invalid escape sequence '\\%c'",
- c) < 0)
+ first_invalid_escape_char) < 0)
{
Py_DECREF(result);
return NULL;
diff --git a/Parser/string_parser.c b/Parser/string_parser.c
index 8607885f2e46bd..c4c41b07f6b63d 100644
--- a/Parser/string_parser.c
+++ b/Parser/string_parser.c
@@ -181,15 +181,18 @@ decode_unicode_with_escapes(Parser *parser, const char *s, size_t len, Token *t)
len = p - buf;
s = buf;
- const char *first_invalid_escape;
- v = _PyUnicode_DecodeUnicodeEscapeInternal(s, len, NULL, NULL, &first_invalid_escape);
+ int first_invalid_escape_char;
+ const char *first_invalid_escape_ptr;
+ v = _PyUnicode_DecodeUnicodeEscapeInternal2(s, (Py_ssize_t)len, NULL, NULL,
+ &first_invalid_escape_char,
+ &first_invalid_escape_ptr);
// HACK: later we can simply pass the line no, since we don't preserve the tokens
// when we are decoding the string but we preserve the line numbers.
- if (v != NULL && first_invalid_escape != NULL && t != NULL) {
- if (warn_invalid_escape_sequence(parser, s, first_invalid_escape, t) < 0) {
- /* We have not decref u before because first_invalid_escape points
- inside u. */
+ if (v != NULL && first_invalid_escape_ptr != NULL && t != NULL) {
+ if (warn_invalid_escape_sequence(parser, s, first_invalid_escape_ptr, t) < 0) {
+ /* We have not decref u before because first_invalid_escape_ptr
+ points inside u. */
Py_XDECREF(u);
Py_DECREF(v);
return NULL;
@@ -202,14 +205,17 @@ decode_unicode_with_escapes(Parser *parser, const char *s, size_t len, Token *t)
static PyObject *
decode_bytes_with_escapes(Parser *p, const char *s, Py_ssize_t len, Token *t)
{
- const char *first_invalid_escape;
- PyObject *result = _PyBytes_DecodeEscape(s, len, NULL, &first_invalid_escape);
+ int first_invalid_escape_char;
+ const char *first_invalid_escape_ptr;
+ PyObject *result = _PyBytes_DecodeEscape2(s, len, NULL,
+ &first_invalid_escape_char,
+ &first_invalid_escape_ptr);
if (result == NULL) {
return NULL;
}
- if (first_invalid_escape != NULL) {
- if (warn_invalid_escape_sequence(p, s, first_invalid_escape, t) < 0) {
+ if (first_invalid_escape_ptr != NULL) {
+ if (warn_invalid_escape_sequence(p, s, first_invalid_escape_ptr, t) < 0) {
Py_DECREF(result);
return NULL;
}

3
Python-3.12.10.tar.xz
View File

@@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:07ab697474595e06f06647417d3c7fa97ded07afc1a7e4454c5639919b46eaea
size 20520960

18
Python-3.12.10.tar.xz.asc
View File

@@ -1,18 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQKTBAABCgB9FiEEcWlgX2LHUTVtBUomqCHmgOX6YwUFAmf1EjJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDcx
Njk2MDVGNjJDNzUxMzU2RDA1NEEyNkE4MjFFNjgwRTVGQTYzMDUACgkQqCHmgOX6
YwXAwBAAncWm4sMrSvGW4bgyp7bHE0CeaA9ErIq55CmHfigrlxPKQUYVlzj38N7H
MVlpmqZSQ8wqDFy3gN0QeCXBGapxgO2dEcrgy5HxvtktXge25j1f7LvVraSFB9/F
DrOCZr54gVrE/r0242f1JmJQ1BDeMDSUbEYE6fd0xqWYCZ2xpzvYmQG/+6jD5FFC
UE6PYxJlq+rfSawj974//BDhrY4hZ3g0xxyiyhfXBBYMhZO3OzCckrAD5zZOQfNE
y/JK94nVWXLU/Lx3R+L7TvJgJ3ej4ggq5LRwrn09GU5jExwyITh4yUO7i56vbmvx
EtOobQC0RVz/xrsciJ4Gn3zByaO0XPjrGaCOU53nCsNlfJcBQhj2UQpum8CL9S9C
BJPCV4jL+Mo8EL91cJTyX4LqFoAXayMwPS0HKVOvYn33+pmVNe+duY/UjUpG50kw
jdsHbKAthh8QbSIO0VPk4eH3pVEQ3O9aG+3r/puGjPRWG8CMyLbQUVmlj4Sh3/Kh
vh7ydOjzJeuIUhAmFOLLqYG4mah71q1yBXx9jhyxzQSwvyoQaQwgpA+Yn+yB1bXy
ttxp2r4fS0ZvGYB44C1WrAxeKRI+J1z19i1IYMc2bV6SfSBoU9AaJqh2o4dMHHUS
F3Ko4UTyjU4bTfI18dCs2OgUEED6BAe5cs3ZyqDm3zL4fGIgNXs=
=k0VQ
-----END PGP SIGNATURE-----

1
Python-3.12.10.tar.xz.sigstore
View File

File diff suppressed because one or more lines are too long

3
Python-3.12.11.tar.xz Normal file
View File

@@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c30bb24b7f1e9a19b11b55a546434f74e739bb4c271a3e3a80ff4380d49f7adb
size 20525812

18
Python-3.12.11.tar.xz.asc Normal file
View File

@@ -0,0 +1,18 @@
-----BEGIN PGP SIGNATURE-----
iQKTBAABCgB9FiEEcWlgX2LHUTVtBUomqCHmgOX6YwUFAmg/MbpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDcx
Njk2MDVGNjJDNzUxMzU2RDA1NEEyNkE4MjFFNjgwRTVGQTYzMDUACgkQqCHmgOX6
YwXySQ/7Ba9qlnTLmxqTCO8C7Gf545WNMBL2Ep6JZPgjOcgNk9e1QdAnNV5OOtGm
gW5nNPSTNNcIcPn058GuI24D4RpTQCJfMbMLsfYgvio0E7ij1gC19PsJHb6ejtCS
H2kK237Y1kuqRUdbTZssFDoAR4R9+UCaDuo4XdW+UKQk2GgdNQDMWLKmWF/Xk6Ob
/LihMXj27mDU9nXVdWR55sJzTFzfGB015vmORvcpuctkf1lZ4AfVFMgGw1CgjRjF
kjrOkrDErjDUQ8BIhMh90deiTpigfg7cg1HBDI6GRzklFg6cMfIdfvmfM0MfamX3
Tow08TGBzmYXWgrqjYXW6JknKhBGOrjXMB7/yNDk9bJVLcOJaLbOmbcG0WRQF/Py
DMOCvr09l0yt5KFYpdKrDvyCuKYfpX33B4C60kU9JzmfXGyQ6LDTPXapZooJ+8Fg
GRTUsc0YWXoaDVCcxMIdiG+jEMQkjWVwW7E/nC/d7WT5L9KPoYFA1sZ834kKq3jr
NmZynbBnKH7m7L+u6HP6B+pa84FKEME69osAXZk0HJOIHB+SOX3E6BXRo6IV8Q/K
J6f5Ja26gJ7KXcUxTgkTkYh7tz0bhb+WeL3j6N/BC0eK7ZVsKRZ/3WnntGsG5B2m
FjVOYKolfkF4tf63SjdFuudgaKGCaDK1PvfwIr7k0oozxrB2ZEA=
=SYH/
-----END PGP SIGNATURE-----

1
Python-3.12.11.tar.xz.sigstore Normal file
View File

File diff suppressed because one or more lines are too long

16
fix_configure_rst.patch
View File

@@ -3,11 +3,9 @@
Misc/NEWS | 2 +- Misc/NEWS | 2 +-
2 files changed, 1 insertion(+), 3 deletions(-) 2 files changed, 1 insertion(+), 3 deletions(-)
Index: Python-3.12.10/Doc/using/configure.rst --- a/Doc/using/configure.rst
=================================================================== +++ b/Doc/using/configure.rst
--- Python-3.12.10.orig/Doc/using/configure.rst 2025-04-08 13:35:47.000000000 +0200 @@ -640,13 +640,11 @@ macOS Options
+++ Python-3.12.10/Doc/using/configure.rst 2025-04-11 21:16:27.319169087 +0200
@@ -640,13 +640,11 @@
See ``Mac/README.rst``. See ``Mac/README.rst``.
@@ -21,11 +19,9 @@ Index: Python-3.12.10/Doc/using/configure.rst
.. option:: --enable-framework=INSTALLDIR .. option:: --enable-framework=INSTALLDIR
Create a Python.framework rather than a traditional Unix install. Optional Create a Python.framework rather than a traditional Unix install. Optional
Index: Python-3.12.10/Misc/NEWS --- a/Misc/NEWS
=================================================================== +++ b/Misc/NEWS
--- Python-3.12.10.orig/Misc/NEWS 2025-04-08 13:35:47.000000000 +0200 @@ -15146,7 +15146,7 @@ C API
+++ Python-3.12.10/Misc/NEWS 2025-04-11 21:16:27.326169052 +0200
@@ -15106,7 +15106,7 @@
- bpo-40939: Removed documentation for the removed ``PyParser_*`` C API. - bpo-40939: Removed documentation for the removed ``PyParser_*`` C API.
- bpo-43795: The list in :ref:`limited-api-list` now shows the public name - bpo-43795: The list in :ref:`limited-api-list` now shows the public name

116
python312.changes
View File

@@ -1,3 +1,33 @@
-------------------------------------------------------------------
Mon Jun 9 19:41:07 UTC 2025 - Matej Cepl <mcepl@cepl.eu>
- Update to 3.12.11:
- Security
- gh-135034: Fixes multiple issues that allowed tarfile
extraction filters (filter="data" and filter="tar") to be
bypassed using crafted symlinks and hard links.
Addresses CVE-2024-12718 (bsc#1244056), CVE-2025-4138
(bsc#1244059), CVE-2025-4330 (bsc#1244060), and
CVE-2025-4517 (bsc#1244032).
- gh-133767: Fix use-after-free in the “unicode-escape”
decoder with a non-“strict” error handler (CVE-2025-4516,
bsc#1243273).
- gh-128840: Short-circuit the processing of long IPv6
addresses early in ipaddress to prevent excessive memory
consumption and a minor denial-of-service.
- Library
- gh-128840: Fix parsing long IPv6 addresses with embedded
IPv4 address.
- gh-134062: ipaddress: fix collisions in __hash__() for
IPv4Network and IPv6Network objects.
- gh-123409: Fix ipaddress.IPv6Address.reverse_pointer output
according to RFC 3596, §2.5. Patch by Bénédikt Tran.
- bpo-43633: Improve the textual representation of
IPv4-mapped IPv6 addresses (RFC 4291 Sections 2.2, 2.5.5.2)
in ipaddress. Patch by Oleksandr Pavliuk.
- Remove upstreamed patches:
- CVE-2025-4516-DecodeError-handler.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Fri May 16 13:44:12 UTC 2025 - Matej Cepl <mcepl@cepl.eu> Fri May 16 13:44:12 UTC 2025 - Matej Cepl <mcepl@cepl.eu>
@@ -1218,7 +1248,7 @@ Wed Aug 7 18:05:57 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Aug 7 13:40:44 UTC 2024 - Matej Cepl <mcepl@cepl.eu> Wed Aug 7 13:40:44 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
- %{profileopt} variable is set according to the variable - %{profileopt} variable is set according to the variable
%{do_profiling} (bsc#1227999) %{do_profiling} (bsc#1227999)
- Update bluez-devel-vendor.tar.xz - Update bluez-devel-vendor.tar.xz
@@ -1859,7 +1889,7 @@ Mon Feb 12 13:32:43 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
indicate the parsing error (old API). Add an optional 'strict' indicate the parsing error (old API). Add an optional 'strict'
parameter to getaddresses() and parseaddr() functions. Patch by parameter to getaddresses() and parseaddr() functions. Patch by
Thomas Dwyer. Thomas Dwyer.
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Feb 8 07:08:51 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com> Thu Feb 8 07:08:51 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
@@ -2937,7 +2967,7 @@ Wed Sep 20 07:14:17 UTC 2023 - Daniel Garcia <daniel.garcia@suse.com>
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Aug 10 09:33:26 UTC 2023 - Dirk Müller <dmueller@suse.com> Thu Aug 10 09:33:26 UTC 2023 - Dirk Müller <dmueller@suse.com>
- restrict PEP668 to ALP/Tumbleweed - restrict PEP668 to ALP/Tumbleweed
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Aug 7 07:31:27 UTC 2023 - Daniel Garcia <daniel.garcia@suse.com> Mon Aug 7 07:31:27 UTC 2023 - Daniel Garcia <daniel.garcia@suse.com>
@@ -4470,7 +4500,7 @@ Sat Mar 26 22:52:45 UTC 2022 - Matej Cepl <mcepl@suse.com>
Tue Feb 22 05:53:06 UTC 2022 - Steve Kowalik <steven.kowalik@suse.com> Tue Feb 22 05:53:06 UTC 2022 - Steve Kowalik <steven.kowalik@suse.com>
- Add patch support-expat-245.patch: - Add patch support-expat-245.patch:
* Support Expat >= 2.4.5 * Support Expat >= 2.4.5
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Feb 15 23:05:55 UTC 2022 - Matej Cepl <mcepl@suse.com> Tue Feb 15 23:05:55 UTC 2022 - Matej Cepl <mcepl@suse.com>
@@ -4660,7 +4690,7 @@ Sat Jun 5 21:21:38 UTC 2021 - Matej Cepl <mcepl@suse.com>
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Jun 4 21:36:30 UTC 2021 - Dirk Müller <dmueller@suse.com> Fri Jun 4 21:36:30 UTC 2021 - Dirk Müller <dmueller@suse.com>
- allow build with Sphinx >= 3.x - allow build with Sphinx >= 3.x
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Jun 2 13:12:04 UTC 2021 - Dan Čermák <dcermak@suse.com> Wed Jun 2 13:12:04 UTC 2021 - Dan Čermák <dcermak@suse.com>
@@ -5212,7 +5242,7 @@ Sat Dec 12 14:29:33 UTC 2020 - Matej Cepl <mcepl@suse.com>
Thu Dec 10 00:26:51 UTC 2020 - Benjamin Greiner <code@bnavigator.de> Thu Dec 10 00:26:51 UTC 2020 - Benjamin Greiner <code@bnavigator.de>
- Last try before this results in an editwar: - Last try before this results in an editwar:
* remove importlib_resources and importlib-metadata * remove importlib_resources and importlib-metadata
provides/obsoletes provides/obsoletes
* import importlib_resources is not the same as * import importlib_resources is not the same as
import importlib.resources, same for metadata import importlib.resources, same for metadata
@@ -5329,54 +5359,54 @@ Tue Jul 21 09:53:06 UTC 2020 - Callum Farmer <callumjfarmer13@gmail.com>
- Removed CVE-2019-20907_tarfile-inf-loop.patch: fixed in upstream - Removed CVE-2019-20907_tarfile-inf-loop.patch: fixed in upstream
- Removed recursion.tar: contained in upstream - Removed recursion.tar: contained in upstream
- Update to 3.9.0b5: - Update to 3.9.0b5:
- bpo-41304: Fixes python3x._pth being ignored on Windows, caused - bpo-41304: Fixes python3x._pth being ignored on Windows, caused
by the fix for bpo-29778 (CVE-2020-15801). by the fix for bpo-29778 (CVE-2020-15801).
- bpo-41162: Audit hooks are now cleared later during - bpo-41162: Audit hooks are now cleared later during
finalization to avoid missing events. finalization to avoid missing events.
- bpo-29778: Ensure python3.dll is loaded from correct locations - bpo-29778: Ensure python3.dll is loaded from correct locations
when Python is embedded (CVE-2020-15523). when Python is embedded (CVE-2020-15523).
- bpo-39603: Prevent http header injection by rejecting control - bpo-39603: Prevent http header injection by rejecting control
characters in http.client.putrequest(…). characters in http.client.putrequest(…).
- bpo-41295: Resolve a regression in CPython 3.8.4 where defining - bpo-41295: Resolve a regression in CPython 3.8.4 where defining
“__setattr__” in a multi-inheritance setup and “__setattr__” in a multi-inheritance setup and
calling up the hierarchy chain could fail if builtins/extension calling up the hierarchy chain could fail if builtins/extension
types were involved in the base types. types were involved in the base types.
- bpo-41247: Always cache the running loop holder when running - bpo-41247: Always cache the running loop holder when running
asyncio.set_running_loop. asyncio.set_running_loop.
- bpo-41252: Fix incorrect refcounting in - bpo-41252: Fix incorrect refcounting in
_ssl.cs _servername_callback(). _ssl.cs _servername_callback().
- bpo-41215: Use non-NULL default values in the PEG parser - bpo-41215: Use non-NULL default values in the PEG parser
keyword list to overcome a bug that was ' keyword list to overcome a bug that was '
preventing Python from being properly compiled when using the preventing Python from being properly compiled when using the
XLC compiler. Patch by Pablo Galindo. XLC compiler. Patch by Pablo Galindo.
- bpo-41218: Python 3.8.3 had a regression where compiling with - bpo-41218: Python 3.8.3 had a regression where compiling with
ast.PyCF_ALLOW_TOP_LEVEL_AWAIT would ast.PyCF_ALLOW_TOP_LEVEL_AWAIT would
aggressively mark list comprehension with CO_COROUTINE. Now only aggressively mark list comprehension with CO_COROUTINE. Now only
list comprehension making use of async/await will tagged as so. list comprehension making use of async/await will tagged as so.
- bpo-41175: Guard against a NULL pointer dereference within - bpo-41175: Guard against a NULL pointer dereference within
bytearrayobject triggered by the bytearray() + bytearray() operation. bytearrayobject triggered by the bytearray() + bytearray() operation.
- bpo-39960: The “hackcheck” that prevents sneaking around a types - bpo-39960: The “hackcheck” that prevents sneaking around a types
__setattr__() by calling the superclass method was __setattr__() by calling the superclass method was
rewritten to allow C implemented heap types. rewritten to allow C implemented heap types.
- bpo-41288: Unpickling invalid NEWOBJ_EX opcode with the - bpo-41288: Unpickling invalid NEWOBJ_EX opcode with the
C implementation raises now UnpicklingError instead of crashing. C implementation raises now UnpicklingError instead of crashing.
- bpo-39017: Avoid infinite loop when reading specially crafted - bpo-39017: Avoid infinite loop when reading specially crafted
TAR files using the tarfile module (CVE-2019-20907, bsc#1174091). TAR files using the tarfile module (CVE-2019-20907, bsc#1174091).
- bpo-41235: Fix the error handling in ssl.SSLContext.load_dh_params(). - bpo-41235: Fix the error handling in ssl.SSLContext.load_dh_params().
- bpo-41207: In distutils.spawn, restore expectation that - bpo-41207: In distutils.spawn, restore expectation that
DistutilsExecError is raised when the command is not found. DistutilsExecError is raised when the command is not found.
- bpo-39168: Remove the __new__ method of typing.Generic. - bpo-39168: Remove the __new__ method of typing.Generic.
- bpo-41194: Fix a crash in the _ast module: it can no longer be - bpo-41194: Fix a crash in the _ast module: it can no longer be
loaded more than once. It now uses a global state rather than a module state. loaded more than once. It now uses a global state rather than a module state.
- bpo-39384: Fixed email.contentmanager to allow set_content() to set a - bpo-39384: Fixed email.contentmanager to allow set_content() to set a
null string. null string.
- bpo-41300: Save files with non-ascii chars. - bpo-41300: Save files with non-ascii chars.
Fix regression released in 3.9.0b4 and 3.8.4. Fix regression released in 3.9.0b4 and 3.8.4.
- bpo-37765: Add keywords to module name completion list. - bpo-37765: Add keywords to module name completion list.
Rewrite Completions section of IDLE doc. Rewrite Completions section of IDLE doc.
- bpo-40170: Revert PyType_HasFeature() change: it reads - bpo-40170: Revert PyType_HasFeature() change: it reads
again directly the PyTypeObject.tp_flags again directly the PyTypeObject.tp_flags
member when the limited C API is not used, rather than always calling member when the limited C API is not used, rather than always calling
PyType_GetFlags() which hides implementation details. PyType_GetFlags() which hides implementation details.
------------------------------------------------------------------- -------------------------------------------------------------------
@@ -5897,7 +5927,7 @@ Wed Jun 5 12:19:09 CEST 2019 - Matej Cepl <mcepl@suse.com>
pickling costs between processes pickling costs between processes
- typed_ast is merged back to CPython - typed_ast is merged back to CPython
- LOAD_GLOBAL is now 40% faster - LOAD_GLOBAL is now 40% faster
- pickle now uses Protocol 4 by default, improving performance - pickle now uses Protocol 4 by default, improving performance
- Remove patches which were included in the upstream: - Remove patches which were included in the upstream:
- 00251-change-user-install-location.patch - 00251-change-user-install-location.patch
- 00316-mark-bdist_wininst-unsupported.patch - 00316-mark-bdist_wininst-unsupported.patch
@@ -6042,7 +6072,7 @@ Mon Dec 17 17:24:49 CET 2018 - mcepl@suse.com
- Upgrade to 3.7.2rc1: - Upgrade to 3.7.2rc1:
* bugfix release, for the full list of all changes see * bugfix release, for the full list of all changes see
https://docs.python.org/3.7/whatsnew/changelog.html#changelog https://docs.python.org/3.7/whatsnew/changelog.html#changelog
- Make run of the test suite more verbose - Make run of the test suite more verbose
------------------------------------------------------------------- -------------------------------------------------------------------
@@ -6469,7 +6499,7 @@ Mon Mar 13 14:04:22 UTC 2017 - jmatejek@suse.com
Sat Feb 25 20:55:57 UTC 2017 - bwiedemann@suse.com Sat Feb 25 20:55:57 UTC 2017 - bwiedemann@suse.com
- Add 0001-allow-for-reproducible-builds-of-python-packages.patch - Add 0001-allow-for-reproducible-builds-of-python-packages.patch
upstream https://github.com/python/cpython/pull/296 upstream https://github.com/python/cpython/pull/296
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Feb 8 12:30:20 UTC 2017 - jmatejek@suse.com Wed Feb 8 12:30:20 UTC 2017 - jmatejek@suse.com
@@ -6535,7 +6565,7 @@ Mon Mar 7 20:38:11 UTC 2016 - toddrme2178@gmail.com
- Add Python-3.5.1-fix_lru_cache_copying.patch - Add Python-3.5.1-fix_lru_cache_copying.patch
Fix copying the lru_cache() wrapper object. Fix copying the lru_cache() wrapper object.
Fixes deep-copying lru_cache regression, which worked on Fixes deep-copying lru_cache regression, which worked on
previous versions of python but fails on python 3.5. previous versions of python but fails on python 3.5.
This fixes a bunch of packages in devel:languages:python3. This fixes a bunch of packages in devel:languages:python3.
See: https://bugs.python.org/issue25447 See: https://bugs.python.org/issue25447
@@ -6673,7 +6703,7 @@ Sun Jan 11 13:01:30 UTC 2015 - p.drouand@gmail.com
------------------------------------------------------------------- -------------------------------------------------------------------
Sat Oct 18 20:14:54 UTC 2014 - crrodriguez@opensuse.org Sat Oct 18 20:14:54 UTC 2014 - crrodriguez@opensuse.org
- Only pkgconfig(x11) is required for build, not the whole - Only pkgconfig(x11) is required for build, not the whole
set of packages provided by xorg-x11-devel metapackage. set of packages provided by xorg-x11-devel metapackage.
------------------------------------------------------------------- -------------------------------------------------------------------
@@ -6733,7 +6763,7 @@ Wed Mar 26 15:24:46 UTC 2014 - jmatejek@suse.com
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Mar 24 17:29:31 UTC 2014 - dmueller@suse.com Mon Mar 24 17:29:31 UTC 2014 - dmueller@suse.com
- remove blacklisting of test_posix on aarch64: qemu bug is fixed - remove blacklisting of test_posix on aarch64: qemu bug is fixed
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Mar 17 18:26:58 UTC 2014 - jmatejek@suse.com Mon Mar 17 18:26:58 UTC 2014 - jmatejek@suse.com
@@ -6836,7 +6866,7 @@ Tue Nov 19 14:28:41 UTC 2013 - jmatejek@suse.com
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Oct 15 17:44:08 UTC 2013 - crrodriguez@opensuse.org Tue Oct 15 17:44:08 UTC 2013 - crrodriguez@opensuse.org
- build with -DOPENSSL_LOAD_CONF for the same reasons - build with -DOPENSSL_LOAD_CONF for the same reasons
described in the python2 package. described in the python2 package.
------------------------------------------------------------------- -------------------------------------------------------------------
@@ -6848,7 +6878,7 @@ Fri Aug 16 11:35:15 UTC 2013 - jmatejek@suse.com
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Aug 8 14:54:49 UTC 2013 - dvaleev@suse.com Thu Aug 8 14:54:49 UTC 2013 - dvaleev@suse.com
- Exclue test_faulthandler from tests on powerpc due to bnc#831629 - Exclue test_faulthandler from tests on powerpc due to bnc#831629
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Jun 13 15:05:34 UTC 2013 - jmatejek@suse.com Thu Jun 13 15:05:34 UTC 2013 - jmatejek@suse.com
@@ -6907,7 +6937,7 @@ Fri Mar 1 07:42:21 UTC 2013 - dmueller@suse.com
- add ctypes-libffi-aarch64.patch: - add ctypes-libffi-aarch64.patch:
* import aarch64 support for libffi in _ctypes module * import aarch64 support for libffi in _ctypes module
- add aarch64 to the list of lib64 based archs - add aarch64 to the list of lib64 based archs
- add movetogetdents64.diff: - add movetogetdents64.diff:
* port to getdents64, as SYS_getdents is not implemented everywhere * port to getdents64, as SYS_getdents is not implemented everywhere
@@ -6961,9 +6991,9 @@ Mon Oct 29 18:21:45 UTC 2012 - dmueller@suse.com
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Oct 25 08:14:36 UTC 2012 - Rene.vanPaassen@gmail.com Thu Oct 25 08:14:36 UTC 2012 - Rene.vanPaassen@gmail.com
- exclude test_math for SLE 11; math library fails on negative - exclude test_math for SLE 11; math library fails on negative
gamma function values close to integers and 0, probably gamma function values close to integers and 0, probably
due to imprecision in -lm on SLE_11_SP2. due to imprecision in -lm on SLE_11_SP2.
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Oct 16 12:15:34 UTC 2012 - coolo@suse.com Tue Oct 16 12:15:34 UTC 2012 - coolo@suse.com
@@ -6987,7 +7017,7 @@ Mon Oct 1 08:53:03 UTC 2012 - idonmez@suse.com
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Sep 27 12:35:01 UTC 2012 - idonmez@suse.com Thu Sep 27 12:35:01 UTC 2012 - idonmez@suse.com
- Correct dependency for python3-testsuite, - Correct dependency for python3-testsuite,
python3-tkinter -> python3-tk python3-tkinter -> python3-tk
------------------------------------------------------------------- -------------------------------------------------------------------
@@ -7020,7 +7050,7 @@ Fri Aug 3 12:09:34 UTC 2012 - jmatejek@suse.com
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Jul 27 09:02:41 UTC 2012 - dvaleev@suse.com Fri Jul 27 09:02:41 UTC 2012 - dvaleev@suse.com
- skip test_io on ppc - skip test_io on ppc
- drop test_io ppc patch - drop test_io ppc patch
------------------------------------------------------------------- -------------------------------------------------------------------
@@ -7069,8 +7099,8 @@ Wed Jan 18 15:49:47 UTC 2012 - jmatejek@suse.com
------------------------------------------------------------------- -------------------------------------------------------------------
Sun Dec 25 13:25:01 UTC 2011 - idonmez@suse.com Sun Dec 25 13:25:01 UTC 2011 - idonmez@suse.com
- Use system ffi, included one is broken see - Use system ffi, included one is broken see
http://bugs.python.org/issue11729 and http://bugs.python.org/issue11729 and
http://bugs.python.org/issue12081 http://bugs.python.org/issue12081
------------------------------------------------------------------- -------------------------------------------------------------------

5
python312.spec
View File

@@ -118,7 +118,7 @@
# _md5.cpython-38m-x86_64-linux-gnu.so # _md5.cpython-38m-x86_64-linux-gnu.so
%define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so %define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so
Name: %{python_pkg_name}%{psuffix} Name: %{python_pkg_name}%{psuffix}
Version: 3.12.10 Version: 3.12.11
Release: 0 Release: 0
Summary: Python 3 Interpreter Summary: Python 3 Interpreter
License: Python-2.0 License: Python-2.0
@@ -184,9 +184,6 @@ Patch41: docs-docutils_014-Sphinx_420.patch
# PATCH-FIX-SLE doc-py38-to-py36.patch mcepl@suse.com # PATCH-FIX-SLE doc-py38-to-py36.patch mcepl@suse.com
# Make documentation extensions working with Python 3.6 # Make documentation extensions working with Python 3.6
Patch44: doc-py38-to-py36.patch Patch44: doc-py38-to-py36.patch
# PATCH-FIX-UPSTREAM CVE-2025-4516-DecodeError-handler.patch bsc#1243273 mcepl@suse.com
# patch from gh#python/cpython!134337
Patch45: CVE-2025-4516-DecodeError-handler.patch
BuildRequires: autoconf-archive BuildRequires: autoconf-archive
BuildRequires: automake BuildRequires: automake
BuildRequires: fdupes BuildRequires: fdupes