python-interpreters/python312
SHA256
7
0
Fork 0
forked from pool/python312
Code Pull Requests Activity

- Update to 3.12.11:

Browse Source 
- Security
    - gh-135034: Fixes multiple issues that allowed tarfile
      extraction filters (filter="data" and filter="tar") to be
      bypassed using crafted symlinks and hard links.
      Addresses CVE-2024-12718 (bsc#1244056), CVE-2025-4138
      (bsc#1244059), CVE-2025-4330 (bsc#1244060), and
      CVE-2025-4517 (bsc#1244032).
    - gh-133767: Fix use-after-free in the “unicode-escape”
      decoder with a non-“strict” error handler (CVE-2025-4516,
      bsc#1243273).
    - gh-128840: Short-circuit the processing of long IPv6
      addresses early in ipaddress to prevent excessive memory
      consumption and a minor denial-of-service.
  - Library
    - gh-128840: Fix parsing long IPv6 addresses with embedded
      IPv4 address.
    - gh-134062: ipaddress: fix collisions in __hash__() for
      IPv4Network and IPv6Network objects.
    - gh-123409: Fix ipaddress.IPv6Address.reverse_pointer output
      according to RFC 3596, §2.5. Patch by Bénédikt Tran.
    - bpo-43633: Improve the textual representation of
      IPv4-mapped IPv6 addresses (RFC 4291 Sections 2.2, 2.5.5.2)
      in ipaddress. Patch by Oleksandr Pavliuk.
- Remove upstreamed patches:
  - CVE-2025-4516-DecodeError-handler.patch
- restrict PEP668 to ALP/Tumbleweed
  * Support Expat >= 2.4.5
- allow build with Sphinx >= 3.x
  * remove importlib_resources and importlib-metadata

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python312?expand=0&rev=147
This commit is contained in:
Matej Cepl
2025-06-09 21:22:35 +00:00
committed by Git OBS Bridge
parent 8dd75ac7e9
commit a91a0aca60
10 changed files with 102 additions and 600 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
fix_configure_rst.patch
View File

@@ -3,11 +3,9 @@
Misc/NEWS | 2 +-
2 files changed, 1 insertion(+), 3 deletions(-)
Index: Python-3.12.10/Doc/using/configure.rst
===================================================================
--- Python-3.12.10.orig/Doc/using/configure.rst 2025-04-08 13:35:47.000000000 +0200
+++ Python-3.12.10/Doc/using/configure.rst 2025-04-11 21:16:27.319169087 +0200
@@ -640,13 +640,11 @@
--- a/Doc/using/configure.rst
+++ b/Doc/using/configure.rst
@@ -640,13 +640,11 @@ macOS Options
See ``Mac/README.rst``.
@@ -21,11 +19,9 @@ Index: Python-3.12.10/Doc/using/configure.rst
.. option:: --enable-framework=INSTALLDIR
Create a Python.framework rather than a traditional Unix install. Optional
Index: Python-3.12.10/Misc/NEWS
===================================================================
--- Python-3.12.10.orig/Misc/NEWS 2025-04-08 13:35:47.000000000 +0200
+++ Python-3.12.10/Misc/NEWS 2025-04-11 21:16:27.326169052 +0200
@@ -15106,7 +15106,7 @@
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -15146,7 +15146,7 @@ C API
- bpo-40939: Removed documentation for the removed ``PyParser_*`` C API.
- bpo-43795: The list in :ref:`limited-api-list` now shows the public name