From eceb111a525ca44bb334699d3631787768e2efe77e4bf31a92bb7c066d5b994e Mon Sep 17 00:00:00 2001 From: Matej Cepl Date: Fri, 7 Jun 2024 10:51:44 +0000 Subject: [PATCH] - Update to 3.12.4: - Security - gh-118486: os.mkdir() on Windows now accepts mode of 0o700 to restrict the new directory to the current user. This fixes CVE-2024-4030 affecting tempfile.mkdtemp() in scenarios where the base temporary directory is more permissive than the default. - gh-116741: Update bundled libexpat to 2.6.2 - gh-117233: Detect BLAKE2, SHA3, Shake, & truncated SHA512 support in the OpenSSL-ish libcrypto library at build time. This allows hashlib to be used with libraries that do not to support every algorithm that upstream OpenSSL does. - Core and Builtins - gh-119821: Fix execution of annotation scopes within classes when globals is set to a non-dict. Patch by Jelle Zijlstra. - gh-118263: Speed up os.path.normpath() with a direct C call. - gh-119311: Fix bug where names are unexpectedly mangled in the bases of generic classes. - gh-119395: Fix bug where names appearing after a generic class are mangled as if they are in the generic class. - gh-118507: Fix os.path.isfile() on Windows for pipes. - gh-119213: Non-builtin modules built with argument clinic were crashing if used in a subinterpreter before the main interpreter. The objects that were causing the problem by leaking between interpreters carelessly have been fixed. - gh-119011: Fixes type.__type_params__ to return an empty tuple instead of a descriptor. - gh-118997: Fix _Py_ClearImmortal() assertion: use OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python312?expand=0&rev=47 --- CVE-2023-6597-TempDir-cleaning-symlink.patch | 20 +- Python-3.12.3.tar.xz | 3 - Python-3.12.3.tar.xz.asc | 18 -- Python-3.12.4.tar.xz | 3 + Python-3.12.4.tar.xz.asc | 18 ++ bpo-31046_ensurepip_honours_prefix.patch | 32 +-- fix_configure_rst.patch | 16 +- python-3.3.0b1-fix_date_time_compiler.patch | 8 +- python312.changes | 223 +++++++++++++++++++ python312.spec | 2 +- subprocess-raise-timeout.patch | 8 +- 11 files changed, 292 insertions(+), 59 deletions(-) delete mode 100644 Python-3.12.3.tar.xz delete mode 100644 Python-3.12.3.tar.xz.asc create mode 100644 Python-3.12.4.tar.xz create mode 100644 Python-3.12.4.tar.xz.asc diff --git a/CVE-2023-6597-TempDir-cleaning-symlink.patch b/CVE-2023-6597-TempDir-cleaning-symlink.patch index c62fbbe..c5e3528 100644 --- a/CVE-2023-6597-TempDir-cleaning-symlink.patch +++ b/CVE-2023-6597-TempDir-cleaning-symlink.patch @@ -4,8 +4,10 @@ Misc/NEWS.d/next/Library/2022-12-01-16-57-44.gh-issue-91133.LKMVCV.rst | 2 3 files changed, 131 insertions(+) ---- a/Lib/tempfile.py -+++ b/Lib/tempfile.py +Index: Python-3.12.4/Lib/tempfile.py +=================================================================== +--- Python-3.12.4.orig/Lib/tempfile.py ++++ Python-3.12.4/Lib/tempfile.py @@ -285,6 +285,22 @@ def _resetperms(path): _dont_follow_symlinks(chflags, path, 0) _dont_follow_symlinks(_os.chmod, path, 0o700) @@ -29,9 +31,11 @@ # User visible interfaces. ---- a/Lib/test/test_tempfile.py -+++ b/Lib/test/test_tempfile.py -@@ -1781,6 +1781,103 @@ class TestTemporaryDirectory(BaseTestCas +Index: Python-3.12.4/Lib/test/test_tempfile.py +=================================================================== +--- Python-3.12.4.orig/Lib/test/test_tempfile.py ++++ Python-3.12.4/Lib/test/test_tempfile.py +@@ -1803,6 +1803,103 @@ class TestTemporaryDirectory(BaseTestCas new_flags = os.stat(dir1).st_flags self.assertEqual(new_flags, old_flags) @@ -135,7 +139,7 @@ @support.cpython_only def test_del_on_collection(self): # A TemporaryDirectory is deleted when garbage collected -@@ -1955,6 +2052,22 @@ class TestTemporaryDirectory(BaseTestCas +@@ -1977,6 +2074,22 @@ class TestTemporaryDirectory(BaseTestCas def check_flags(self, flags): # skip the test if these flags are not supported (ex: FreeBSD 13) @@ -158,8 +162,10 @@ filename = os_helper.TESTFN try: open(filename, "w").close() +Index: Python-3.12.4/Misc/NEWS.d/next/Library/2022-12-01-16-57-44.gh-issue-91133.LKMVCV.rst +=================================================================== --- /dev/null -+++ b/Misc/NEWS.d/next/Library/2022-12-01-16-57-44.gh-issue-91133.LKMVCV.rst ++++ Python-3.12.4/Misc/NEWS.d/next/Library/2022-12-01-16-57-44.gh-issue-91133.LKMVCV.rst @@ -0,0 +1,2 @@ +Fix a bug in :class:`tempfile.TemporaryDirectory` cleanup, which now no longer +dereferences symlinks when working around file system permission errors. diff --git a/Python-3.12.3.tar.xz b/Python-3.12.3.tar.xz deleted file mode 100644 index db2a767..0000000 --- a/Python-3.12.3.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:56bfef1fdfc1221ce6720e43a661e3eb41785dd914ce99698d8c7896af4bdaa1 -size 20625068 diff --git a/Python-3.12.3.tar.xz.asc b/Python-3.12.3.tar.xz.asc deleted file mode 100644 index f0579f8..0000000 --- a/Python-3.12.3.tar.xz.asc +++ /dev/null @@ -1,18 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQKTBAABCgB9FiEEcWlgX2LHUTVtBUomqCHmgOX6YwUFAmYVDdNfFIAAAAAALgAo -aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDcx -Njk2MDVGNjJDNzUxMzU2RDA1NEEyNkE4MjFFNjgwRTVGQTYzMDUACgkQqCHmgOX6 -YwU8Vg//aP8bxzPTDIM9Af1LLJj5LNLIuZOl5QysWQVbakoCpS8Z8ZiK3LyzGi7H -pQ5uJEnRjhULnOi+va2TPBDqiYvY1CkVizYzmUe1dMtzHdJUBE1TzybfON02JzPD -62oDHxUC1hvITyLE8tjnsgBuP9bbYYHnS+qqmDgBWS1M60i4bqcBiSdlWZp7ZTI4 -KIxIy9eyNujHnNQrQQ1oqIoj7ty1Hrtkfqia/3cVq7rkQT8HecBIW0K82WuIXizm -/Ua/TQslTJsypslFYpoJBoIkWG2nk7RhJvfU5iLxQHen6cr7JOUo/u3jv0DIJyJs -LdBWG6noTIiqKJb65UswLUxexM5f3Y7gLEZ4FCqlbAOAPG16xwwC8Xd7LIF33cHK -133BvYCkwdl0MCpmsQuxi8i6Kql0MaEqJ9MEj6UN66ZJVpRx8hOm2FtZGhn5ZNxx -r5C2zXGw/IjXeS01wgD8cSRVA0XJdN4bu88vmvhqMuezg3CDF5bX85isoFUaLUjS -c5Lv1HNrqPiaWHOctnvzasy0djpwze+WCzsXFMI6VfejPpYwNlhmnxS7i3R9A4RK -gBwViMd5q5rwx365tCfRfGcBW6OOvrHZalhSGYmUw13sBarFliW9CvN4ghN9kWbN -YQwSggf5KD6v5mAAyReMrOJTyBG6B5hMlxKai5CzbRLlG25T2wI= -=ZQxz ------END PGP SIGNATURE----- diff --git a/Python-3.12.4.tar.xz b/Python-3.12.4.tar.xz new file mode 100644 index 0000000..f50cb46 --- /dev/null +++ b/Python-3.12.4.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f6d419a6d8743ab26700801b4908d26d97e8b986e14f95de31b32de2b0e79554 +size 20659356 diff --git a/Python-3.12.4.tar.xz.asc b/Python-3.12.4.tar.xz.asc new file mode 100644 index 0000000..bcb0184 --- /dev/null +++ b/Python-3.12.4.tar.xz.asc @@ -0,0 +1,18 @@ +-----BEGIN PGP SIGNATURE----- + +iQKTBAABCgB9FiEEcWlgX2LHUTVtBUomqCHmgOX6YwUFAmZiK0BfFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDcx +Njk2MDVGNjJDNzUxMzU2RDA1NEEyNkE4MjFFNjgwRTVGQTYzMDUACgkQqCHmgOX6 +YwXdxg/6A5E54ST8gUxcgC6dsX2mOou/AgtzEiql1azbtK0U6p6v/uZ3JACq4iF2 +5SeXCYIq2Aum+f3FcmZ1gPAhCdSaHUl9i5oJvidW2AOz7E3Q81Kutdu+pKfv8Cwr +srhKBij5EQQH8rSLKK5fWDcoYgS26UQnBISrVb8ye5KC+mU1x0ek49jeRjS3ixim ++/jyRK/MStIjQAqeFMzQgathynYM5DtDEu71QATIWQZ/h78mpBCdrQutXMs10zf8 +fuXI6RP/vkh7q5IUg2KFZaUavPPPMUKJZnYAaTn3JbNXkASuliEyBDzXPhl+/t17 +RxzmlM+foXqxLXmupouRilZE73X7tKI4y1MbFUklFIsZlt+7uyXxAbwIZd3zJQrM +GITttH4tx4q1htZ/G1l6cS99AYUmoZp7rJwgKkiH40W9C+6ye2O2zAk6cEi1796t +RXEUpGupws3/XMofKJ23mE1FGwhcTWvoFgrth5ZM5Ig3A2rb5KIJIbMdEmOOiHV7 +CZ62N29fszwdxtErLpEStv5pZdV8zenucC6FtonyLX47v1VOd+3fyw65SvVXlblp +jeXCDWfhZZpnXw5d++y4kTxiQk8VUgTezB8uQ9Z/gNtdvYxWy8SXXcJoFofOCgo2 +/nLLzlJyRAoAFAXIgyZqdkG+8ZPWTH/Tfxg9UYKKXMcSYqak2EU= +=x5Pr +-----END PGP SIGNATURE----- diff --git a/bpo-31046_ensurepip_honours_prefix.patch b/bpo-31046_ensurepip_honours_prefix.patch index ad4910d..4faebdb 100644 --- a/bpo-31046_ensurepip_honours_prefix.patch +++ b/bpo-31046_ensurepip_honours_prefix.patch @@ -13,10 +13,10 @@ Co-Authored-By: Xavier de Gaye 5 files changed, 34 insertions(+), 9 deletions(-) create mode 100644 Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst -Index: Python-3.12.2/Doc/library/ensurepip.rst +Index: Python-3.12.4/Doc/library/ensurepip.rst =================================================================== ---- Python-3.12.2.orig/Doc/library/ensurepip.rst -+++ Python-3.12.2/Doc/library/ensurepip.rst +--- Python-3.12.4.orig/Doc/library/ensurepip.rst ++++ Python-3.12.4/Doc/library/ensurepip.rst @@ -59,8 +59,9 @@ is at least as recent as the one availab By default, ``pip`` is installed into the current virtual environment (if one is active) or into the system site packages (if there is no @@ -55,10 +55,10 @@ Index: Python-3.12.2/Doc/library/ensurepip.rst .. audit-event:: ensurepip.bootstrap root ensurepip.bootstrap .. note:: -Index: Python-3.12.2/Lib/ensurepip/__init__.py +Index: Python-3.12.4/Lib/ensurepip/__init__.py =================================================================== ---- Python-3.12.2.orig/Lib/ensurepip/__init__.py -+++ Python-3.12.2/Lib/ensurepip/__init__.py +--- Python-3.12.4.orig/Lib/ensurepip/__init__.py ++++ Python-3.12.4/Lib/ensurepip/__init__.py @@ -120,27 +120,27 @@ def _disable_pip_configuration_settings( os.environ['PIP_CONFIG_FILE'] = os.devnull @@ -121,10 +121,10 @@ Index: Python-3.12.2/Lib/ensurepip/__init__.py upgrade=args.upgrade, user=args.user, verbosity=args.verbosity, -Index: Python-3.12.2/Lib/test/test_ensurepip.py +Index: Python-3.12.4/Lib/test/test_ensurepip.py =================================================================== ---- Python-3.12.2.orig/Lib/test/test_ensurepip.py -+++ Python-3.12.2/Lib/test/test_ensurepip.py +--- Python-3.12.4.orig/Lib/test/test_ensurepip.py ++++ Python-3.12.4/Lib/test/test_ensurepip.py @@ -105,6 +105,17 @@ class TestBootstrap(EnsurepipMixin, unit unittest.mock.ANY, ) @@ -143,11 +143,11 @@ Index: Python-3.12.2/Lib/test/test_ensurepip.py def test_bootstrapping_with_user(self): ensurepip.bootstrap(user=True) -Index: Python-3.12.2/Makefile.pre.in +Index: Python-3.12.4/Makefile.pre.in =================================================================== ---- Python-3.12.2.orig/Makefile.pre.in -+++ Python-3.12.2/Makefile.pre.in -@@ -1912,7 +1912,7 @@ install: @FRAMEWORKINSTALLFIRST@ commoni +--- Python-3.12.4.orig/Makefile.pre.in ++++ Python-3.12.4/Makefile.pre.in +@@ -1914,7 +1914,7 @@ install: @FRAMEWORKINSTALLFIRST@ commoni install|*) ensurepip="" ;; \ esac; \ $(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \ @@ -156,7 +156,7 @@ Index: Python-3.12.2/Makefile.pre.in fi .PHONY: altinstall -@@ -1923,7 +1923,7 @@ altinstall: commoninstall +@@ -1925,7 +1925,7 @@ altinstall: commoninstall install|*) ensurepip="--altinstall" ;; \ esac; \ $(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \ @@ -165,9 +165,9 @@ Index: Python-3.12.2/Makefile.pre.in fi .PHONY: commoninstall -Index: Python-3.12.2/Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst +Index: Python-3.12.4/Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst =================================================================== --- /dev/null -+++ Python-3.12.2/Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst ++++ Python-3.12.4/Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst @@ -0,0 +1 @@ +A directory prefix can now be specified when using :mod:`ensurepip`. diff --git a/fix_configure_rst.patch b/fix_configure_rst.patch index ab85538..88fbe40 100644 --- a/fix_configure_rst.patch +++ b/fix_configure_rst.patch @@ -3,9 +3,11 @@ Misc/NEWS | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) ---- a/Doc/using/configure.rst -+++ b/Doc/using/configure.rst -@@ -631,13 +631,11 @@ macOS Options +Index: Python-3.12.4/Doc/using/configure.rst +=================================================================== +--- Python-3.12.4.orig/Doc/using/configure.rst ++++ Python-3.12.4/Doc/using/configure.rst +@@ -640,13 +640,11 @@ macOS Options See ``Mac/README.rst``. @@ -19,9 +21,11 @@ .. option:: --enable-framework=INSTALLDIR Create a Python.framework rather than a traditional Unix install. Optional ---- a/Misc/NEWS -+++ b/Misc/NEWS -@@ -13428,7 +13428,7 @@ C API +Index: Python-3.12.4/Misc/NEWS +=================================================================== +--- Python-3.12.4.orig/Misc/NEWS ++++ Python-3.12.4/Misc/NEWS +@@ -13734,7 +13734,7 @@ C API - bpo-40939: Removed documentation for the removed ``PyParser_*`` C API. - bpo-43795: The list in :ref:`limited-api-list` now shows the public name diff --git a/python-3.3.0b1-fix_date_time_compiler.patch b/python-3.3.0b1-fix_date_time_compiler.patch index 038dd66..43bb625 100644 --- a/python-3.3.0b1-fix_date_time_compiler.patch +++ b/python-3.3.0b1-fix_date_time_compiler.patch @@ -2,11 +2,11 @@ Makefile.pre.in | 7 +++++++ 1 file changed, 7 insertions(+) -Index: Python-3.12.2/Makefile.pre.in +Index: Python-3.12.4/Makefile.pre.in =================================================================== ---- Python-3.12.2.orig/Makefile.pre.in -+++ Python-3.12.2/Makefile.pre.in -@@ -1335,11 +1335,18 @@ Modules/getbuildinfo.o: $(PARSER_OBJS) \ +--- Python-3.12.4.orig/Makefile.pre.in ++++ Python-3.12.4/Makefile.pre.in +@@ -1337,11 +1337,18 @@ Modules/getbuildinfo.o: $(PARSER_OBJS) \ $(DTRACE_OBJS) \ $(srcdir)/Modules/getbuildinfo.c $(CC) -c $(PY_CORE_CFLAGS) \ diff --git a/python312.changes b/python312.changes index 722b280..91345ed 100644 --- a/python312.changes +++ b/python312.changes @@ -1,3 +1,226 @@ +------------------------------------------------------------------- +Fri Jun 7 10:44:55 UTC 2024 - Matej Cepl + +- Update to 3.12.4: + - Security + - gh-118486: os.mkdir() on Windows now accepts mode of 0o700 + to restrict the new directory to the current user. This + fixes CVE-2024-4030 affecting tempfile.mkdtemp() in + scenarios where the base temporary directory is more + permissive than the default. + - gh-116741: Update bundled libexpat to 2.6.2 + - gh-117233: Detect BLAKE2, SHA3, Shake, & truncated SHA512 + support in the OpenSSL-ish libcrypto library at build + time. This allows hashlib to be used with libraries that do + not to support every algorithm that upstream OpenSSL does. + - Core and Builtins + - gh-119821: Fix execution of annotation scopes within + classes when globals is set to a non-dict. Patch by Jelle + Zijlstra. + - gh-118263: Speed up os.path.normpath() with a direct C + call. + - gh-119311: Fix bug where names are unexpectedly mangled in + the bases of generic classes. + - gh-119395: Fix bug where names appearing after a generic + class are mangled as if they are in the generic class. + - gh-118507: Fix os.path.isfile() on Windows for pipes. + - gh-119213: Non-builtin modules built with argument clinic + were crashing if used in a subinterpreter before the main + interpreter. The objects that were causing the problem by + leaking between interpreters carelessly have been fixed. + - gh-119011: Fixes type.__type_params__ to return an empty + tuple instead of a descriptor. + - gh-118997: Fix _Py_ClearImmortal() assertion: use + _Py_IsImmortal() to tolerate reference count lower than + _Py_IMMORTAL_REFCNT. Fix the assertion for the stable + ABI, when a C extension is built with Python 3.11 or + lower. Patch by Victor Stinner. + - gh-118513: Fix incorrect UnboundLocalError when two + comprehensions in the same function both reference the same + name, and in one comprehension the name is bound while in + the other it’s an implicit global. + - gh-118164: Break a loop between the Python implementation + of the decimal module and the Python code for integer + to string conversion. Also optimize integer to string + conversion for values in the range from 9_000 to 135_000 + decimal digits. + - gh-118272: Fix bug where generator.close does not free the + generator frame’s locals. + - gh-116767: Fix crash in compiler on ‘async with’ that has + many context managers. + - gh-117894: Prevent agen.aclose() objects being re-used + after .throw(). + - gh-117881: prevent concurrent access to an async generator + via athrow().throw() or asend().throw() + - gh-115874: Fixed a possible segfault during garbage + collection of _asyncio.FutureIter objects + - Library + - gh-119819: Fix regression to allow logging configuration + with multiprocessing queue types. + - gh-89727: Fix issue with shutil.rmtree() where a + RecursionError is raised on deep directory trees. + - gh-89727: Partially fix issue with shutil.rmtree() + where a RecursionError is raised on deep directory + trees. A recursion error is no longer raised when + rmtree.avoids_symlink_attacks is false. + - gh-119118: Fix performance regression in the tokenize + module by caching the line token attribute and calculating + the column offset more efficiently. + - gh-89727: Fix issue with os.fwalk() where a RecursionError + was raised on deep directory trees by adjusting the + implementation to be iterative instead of recursive. + - gh-113892: Now, the method sock_connect of + asyncio.ProactorEventLoop raises a ValueError if given + socket is not in non-blocking mode, as well as in other + loop implementations. + - gh-119174: Fix high DPI causes turtledemo(turtle-graphics + examples) windows blurry Patch by Wulian233 and Terry Jan + Reedy + - gh-118643: Fix an AttributeError in the email module + when re-fold a long address list. Also fix more cases of + incorrect encoding of the address separator in the address + list. + - gh-58933: Make pdb return to caller frame correctly when + f_trace of the caller frame is not set + - gh-118868: Fixed issue where kwargs were no longer passed + to the logging handler QueueHandler + - gh-118164: The Python implementation of the decimal + module could appear to hang in relatively small power + cases (like 2**117) if context precision was set to a + very high value. A different method to check for exactly + representable results is used now that doesn’t rely on + computing 10**precision (which could be effectively too + large to compute). + - gh-118404: Fix inspect.signature() for non-comparable + callables. + - gh-118314: Fix an edge case in binascii.a2b_base64() strict + mode, where excessive padding is not detected when no + padding is necessary. + - gh-118042: Fix an unraisable exception in + telnetlib.Telnet.__del__() when the __init__() method was + not called. + - gh-118221: Fix a bug where sqlite3.iterdump() could fail if + a custom row factory was used. Patch by Erlend Aasland. + - gh-118013: Fix regression introduced in gh-103193 that + meant that calling inspect.getattr_static() on an instance + would cause a strong reference to that instance’s class to + persist in an internal cache in the inspect module. This + caused unexpected memory consumption if the class was + dynamically created, the class held strong references to + other objects which took up a significant amount of memory, + and the cache contained the sole strong reference to the + class. The fix for the regression leads to a slowdown + in getattr_static(), but the function should still be + significantly faster than it was in Python 3.11. Patch by + Alex Waygood. + - gh-90848: Fixed unittest.mock.create_autospec() to + configure parent mock with keyword arguments. + - gh-118168: Fix incorrect argument substitution when + typing.Unpack is used with the builtin tuple. typing.Unpack + now raises TypeError when used with certain invalid + types. Patch by Jelle Zijlstra. + - gh-118033: Fix dataclasses.dataclass() not creating a + __weakref__ slot when subclassing typing.Generic. + - gh-117535: Do not try to get the source line for made up + file name “sys” in warnings. + - gh-114053: Fix erroneous NameError when calling + typing.get_type_hints() on a class that made use of PEP 695 + type parameters in a module that had from __future__ import + annotations at the top of the file. Patch by Alex Waygood. + - gh-117995: Don’t raise DeprecationWarning when a + sequence of parameters is used to bind indexed, nameless + placeholders. See also gh-100668. + - gh-80361: Fix TypeError in + email.message.Message.get_payload() when the charset is RFC + 2231 encoded. + - gh-86650: Fix IndexError when parse some emails with + invalid Message-ID (including one-off addresses generated + by Microsoft Outlook). + - gh-117691: Improve the error messages emitted by tarfile + deprecation warnings relating to PEP 706. If a filter + argument is not provided to extract() or extractall, the + deprecation warning now points to the line in the user’s + code where the relevant function was called. Patch by Alex + Waygood. + - gh-77102: site module now parses .pth file with UTF-8 + first, and locale encoding if UnicodeDecodeError + happened. It supported only locale encoding before. + - gh-117692: Fixes a bug when doctest.DocTestFinder was + failing on wrapped builtin_function_or_method. + - gh-117566: ipaddress.IPv6Address.is_loopback() will now + return True for IPv4-mapped loopback addresses, i.e. + addresses in the ::ffff:127.0.0.0/104 address space. + - gh-117503: Fix support of non-ASCII user names in bytes + paths in os.path.expanduser() on Posix. + - gh-117313: Only treat '\n', '\r' and '\r\n' as line + separators in re-folding the email messages. Preserve + control characters '\v', '\f', '\x1c', '\x1d' and '\x1e' + and Unicode line separators '\x85', '\u2028' and '\u2029' + as is. + - gh-113171: Fixed various false positives and false + negatives in + ipaddress.IPv4Address.is_private (see these docs for details) + ipaddress.IPv4Address.is_global + ipaddress.IPv6Address.is_private + ipaddress.IPv6Address.is_global + Also in the corresponding ipaddress.IPv4Network and + ipaddress.IPv6Network attributes. + - gh-103956: Fix lack of newline characters in trace module + output when line tracing is enabled but source code line + for current frame is not available. + - gh-92081: Fix missing spaces in email headers when the + spaces are mixed with encoded 8-bit characters. + - gh-103194: Prepare Tkinter for C API changes in Tcl 8.7/9.0 + to avoid _tkinter.Tcl_Obj being unexpectedly returned + instead of bool, str, bytearray, or int. + - gh-87106: Fixed handling in inspect.Signature.bind() of + keyword arguments having the same name as positional-only + arguments when a variadic keyword argument (e.g. **kwargs) + is present. + - bpo-45767: Fix integer conversion in os.major(), + os.minor(), and os.makedev(). Support device numbers larger + than 2**63-1. Support non-existent device number (NODEV). + - bpo-40943: Fix several IndexError when parse emails with + truncated Message-ID, address, routes, etc, e.g. example@. + - bpo-30988: Fix parsing of emails with invalid address + headers having a leading or trailing dot. Patch by tsufeki. + - gh-67693: Fix urllib.parse.urlunparse() and + urllib.parse.urlunsplit() for URIs with path starting with + multiple slashes and no authority. Based on patch by Ashwin + Ramaswami. + - bpo-15010: unittest.TestLoader.discover() now saves the + original value of unittest.TestLoader._top_level_dir and + restores it at the end of the call. + - Documentation + - gh-117928: The minimum Sphinx version required for the + documentation is now 6.2.1. + - gh-91565: Changes to documentation files and config + outputs to reflect the new location for reporting bugs - + i.e. GitHub rather than bugs.python.org. + - Tests + - gh-119050: regrtest test runner: Add XML support to the + refleak checker (-R option). Patch by Victor Stinner. + - IDLE + - bpo-34774: Use user-selected color theme for Help => IDLE + Doc. + - C API + - gh-119585: Fix crash when a thread state that was + created by PyGILState_Ensure() calls a destructor that + during PyThreadState_Clear() that calls back into + PyGILState_Ensure() and PyGILState_Release(). This + might occur when in the free-threaded build or when + using thread-local variables whose destructors call + PyGILState_Ensure(). + - gh-117534: Improve validation logic in the C implementation + of datetime.fromisoformat() to better handle invalid + years. Patch by Vlad Efanov. +- Updated patches: + - CVE-2023-6597-TempDir-cleaning-symlink.patch + - bpo-31046_ensurepip_honours_prefix.patch + - fix_configure_rst.patch + - python-3.3.0b1-fix_date_time_compiler.patch + - subprocess-raise-timeout.patch + ------------------------------------------------------------------- Mon Apr 15 10:31:32 UTC 2024 - Daniel Garcia diff --git a/python312.spec b/python312.spec index ede5bda..c35bf59 100644 --- a/python312.spec +++ b/python312.spec @@ -105,7 +105,7 @@ %define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so %bcond_without profileopt Name: %{python_pkg_name}%{psuffix} -Version: 3.12.3 +Version: 3.12.4 Release: 0 Summary: Python 3 Interpreter License: Python-2.0 diff --git a/subprocess-raise-timeout.patch b/subprocess-raise-timeout.patch index 9db6433..a15acaa 100644 --- a/subprocess-raise-timeout.patch +++ b/subprocess-raise-timeout.patch @@ -2,11 +2,11 @@ Lib/test/test_subprocess.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) -Index: Python-3.12.2/Lib/test/test_subprocess.py +Index: Python-3.12.4/Lib/test/test_subprocess.py =================================================================== ---- Python-3.12.2.orig/Lib/test/test_subprocess.py -+++ Python-3.12.2/Lib/test/test_subprocess.py -@@ -281,7 +281,8 @@ class ProcessTestCase(BaseTestCase): +--- Python-3.12.4.orig/Lib/test/test_subprocess.py ++++ Python-3.12.4/Lib/test/test_subprocess.py +@@ -280,7 +280,8 @@ class ProcessTestCase(BaseTestCase): "time.sleep(3600)"], # Some heavily loaded buildbots (sparc Debian 3.x) require # this much time to start and print.