diff --git a/314a4-no-SO_REUSEPORT.patch b/314a4-no-SO_REUSEPORT.patch deleted file mode 100644 index f3df8ca..0000000 --- a/314a4-no-SO_REUSEPORT.patch +++ /dev/null @@ -1,94 +0,0 @@ -From 1afcfaa5ce01cd949e570bc9035b3a7b6ccdd2be Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Micha=C5=82=20G=C3=B3rny?= -Date: Fri, 17 Jan 2025 11:46:19 +0100 -Subject: [PATCH 1/2] gh-128916: Do not set `SO_REUSEPORT` on non-`AF_INET*` - sockets - -Do not attempt to set ``SO_REUSEPORT`` on sockets of address familifies other -than ``AF_INET`` and ``AF_INET6``, as it is meaningless with these address -families, and the call with fail with Linux kernel 6.12.9 and newer. ---- - Lib/asyncio/base_events.py | 4 +++- - Lib/socket.py | 4 +++- - Lib/socketserver.py | 7 ++++++- - .../Library/2025-01-17-11-46-16.gh-issue-128916.GEePbO.rst | 3 +++ - 4 files changed, 15 insertions(+), 3 deletions(-) - create mode 100644 Misc/NEWS.d/next/Library/2025-01-17-11-46-16.gh-issue-128916.GEePbO.rst - -diff --git a/Lib/asyncio/base_events.py b/Lib/asyncio/base_events.py -index 6e6e5aaac15caf..85018797db33bb 100644 ---- a/Lib/asyncio/base_events.py -+++ b/Lib/asyncio/base_events.py -@@ -1593,7 +1593,9 @@ async def create_server( - if reuse_address: - sock.setsockopt( - socket.SOL_SOCKET, socket.SO_REUSEADDR, True) -- if reuse_port: -+ # Since Linux 6.12.9, SO_REUSEPORT is not allowed -+ # on other address families than AF_INET/AF_INET6. -+ if reuse_port and af in (socket.AF_INET, socket.AF_INET6): - _set_reuseport(sock) - if keep_alive: - sock.setsockopt( -diff --git a/Lib/socket.py b/Lib/socket.py -index be37c24d6174a2..727b0e75f03595 100644 ---- a/Lib/socket.py -+++ b/Lib/socket.py -@@ -937,7 +937,9 @@ def create_server(address, *, family=AF_INET, backlog=None, reuse_port=False, - # Fail later on bind(), for platforms which may not - # support this option. - pass -- if reuse_port: -+ # Since Linux 6.12.9, SO_REUSEPORT is not allowed -+ # on other address families than AF_INET/AF_INET6. -+ if reuse_port and family in (AF_INET, AF_INET6): - sock.setsockopt(SOL_SOCKET, SO_REUSEPORT, 1) - if has_ipv6 and family == AF_INET6: - if dualstack_ipv6: -diff --git a/Lib/socketserver.py b/Lib/socketserver.py -index cd028ef1c63b85..35b2723de3babe 100644 ---- a/Lib/socketserver.py -+++ b/Lib/socketserver.py -@@ -468,7 +468,12 @@ def server_bind(self): - """ - if self.allow_reuse_address and hasattr(socket, "SO_REUSEADDR"): - self.socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) -- if self.allow_reuse_port and hasattr(socket, "SO_REUSEPORT"): -+ # Since Linux 6.12.9, SO_REUSEPORT is not allowed -+ # on other address families than AF_INET/AF_INET6. -+ if ( -+ self.allow_reuse_port and hasattr(socket, "SO_REUSEPORT") -+ and self.address_family in (socket.AF_INET, socket.AF_INET6) -+ ): - self.socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT, 1) - self.socket.bind(self.server_address) - self.server_address = self.socket.getsockname() -diff --git a/Misc/NEWS.d/next/Library/2025-01-17-11-46-16.gh-issue-128916.GEePbO.rst b/Misc/NEWS.d/next/Library/2025-01-17-11-46-16.gh-issue-128916.GEePbO.rst -new file mode 100644 -index 00000000000000..5d13825fb2b6ab ---- /dev/null -+++ b/Misc/NEWS.d/next/Library/2025-01-17-11-46-16.gh-issue-128916.GEePbO.rst -@@ -0,0 +1,3 @@ -+Do not attempt to set ``SO_REUSEPORT`` on sockets of address familifies -+other than ``AF_INET`` and ``AF_INET6``, as it is meaningless with these -+address families, and the call with fail with Linux kernel 6.12.9 and newer. - -From 8f8f0d67742ce151ea9b104ad0396660e2660b09 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Micha=C5=82=20G=C3=B3rny?= -Date: Fri, 17 Jan 2025 11:57:41 +0000 -Subject: [PATCH 2/2] Apply suggestions from code review - -Co-authored-by: Vinay Sajip ---- - .../next/Library/2025-01-17-11-46-16.gh-issue-128916.GEePbO.rst | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/Misc/NEWS.d/next/Library/2025-01-17-11-46-16.gh-issue-128916.GEePbO.rst b/Misc/NEWS.d/next/Library/2025-01-17-11-46-16.gh-issue-128916.GEePbO.rst -index 5d13825fb2b6ab..f2db341ef81621 100644 ---- a/Misc/NEWS.d/next/Library/2025-01-17-11-46-16.gh-issue-128916.GEePbO.rst -+++ b/Misc/NEWS.d/next/Library/2025-01-17-11-46-16.gh-issue-128916.GEePbO.rst -@@ -1,3 +1,3 @@ --Do not attempt to set ``SO_REUSEPORT`` on sockets of address familifies -+Do not attempt to set ``SO_REUSEPORT`` on sockets of address families - other than ``AF_INET`` and ``AF_INET6``, as it is meaningless with these - address families, and the call with fail with Linux kernel 6.12.9 and newer. diff --git a/CVE-2025-0938-sq-brackets-domain-names.patch b/CVE-2025-0938-sq-brackets-domain-names.patch deleted file mode 100644 index f3408be..0000000 --- a/CVE-2025-0938-sq-brackets-domain-names.patch +++ /dev/null @@ -1,111 +0,0 @@ -From 6204ab9f989be3841c8c47e1e2cfe6a658fe16d5 Mon Sep 17 00:00:00 2001 -From: Seth Michael Larson -Date: Tue, 28 Jan 2025 14:09:00 -0600 -Subject: [PATCH 1/4] gh-105704: Disallow square brackets ( and ) in domain - names for parsed URLs - ---- - Lib/test/test_urlparse.py | 37 +++++++++- - Lib/urllib/parse.py | 20 ++++- - Misc/NEWS.d/next/Security/2025-01-28-14-08-03.gh-issue-105704.EnhHxu.rst | 4 + - 3 files changed, 58 insertions(+), 3 deletions(-) - create mode 100644 Misc/NEWS.d/next/Security/2025-01-28-14-08-03.gh-issue-105704.EnhHxu.rst - ---- a/Lib/test/test_urlparse.py -+++ b/Lib/test/test_urlparse.py -@@ -1412,16 +1412,51 @@ class UrlParseTestCase(unittest.TestCase - self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[0439:23af::2309::fae7:1234]/Path?Query') - self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[0439:23af:2309::fae7:1234:2342:438e:192.0.2.146]/Path?Query') - self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@]v6a.ip[/Path') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[v6a.ip]') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[v6a.ip].suffix') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[v6a.ip]/') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[v6a.ip].suffix/') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[v6a.ip]?') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[v6a.ip].suffix?') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[::1].suffix') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]/') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[::1].suffix/') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]?') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[::1].suffix?') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]:a') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[::1].suffix:a') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]:a1') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[::1].suffix:a1') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]:1a') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[::1].suffix:1a') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]:') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[::1].suffix:/') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]:?') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://user@prefix.[v6a.ip]') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://user@[v6a.ip].suffix') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[v6a.ip') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://v6a.ip]') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://]v6a.ip[') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://]v6a.ip') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://v6a.ip[') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[v6a.ip') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://v6a.ip].suffix') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix]v6a.ip[suffix') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix]v6a.ip') -+ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://v6a.ip[suffix') - - def test_splitting_bracketed_hosts(self): -- p1 = urllib.parse.urlsplit('scheme://user@[v6a.ip]/path?query') -+ p1 = urllib.parse.urlsplit('scheme://user@[v6a.ip]:1234/path?query') - self.assertEqual(p1.hostname, 'v6a.ip') - self.assertEqual(p1.username, 'user') - self.assertEqual(p1.path, '/path') -+ self.assertEqual(p1.port, 1234) - p2 = urllib.parse.urlsplit('scheme://user@[0439:23af:2309::fae7%test]/path?query') - self.assertEqual(p2.hostname, '0439:23af:2309::fae7%test') - self.assertEqual(p2.username, 'user') - self.assertEqual(p2.path, '/path') -+ self.assertIs(p2.port, None) - p3 = urllib.parse.urlsplit('scheme://user@[0439:23af:2309::fae7:1234:192.0.2.146%test]/path?query') - self.assertEqual(p3.hostname, '0439:23af:2309::fae7:1234:192.0.2.146%test') - self.assertEqual(p3.username, 'user') ---- a/Lib/urllib/parse.py -+++ b/Lib/urllib/parse.py -@@ -439,6 +439,23 @@ def _checknetloc(netloc): - raise ValueError("netloc '" + netloc + "' contains invalid " + - "characters under NFKC normalization") - -+def _check_bracketed_netloc(netloc): -+ # Note that this function must mirror the splitting -+ # done in NetlocResultMixins._hostinfo(). -+ hostname_and_port = netloc.rpartition('@')[2] -+ before_bracket, have_open_br, bracketed = hostname_and_port.partition('[') -+ if have_open_br: -+ # No data is allowed before a bracket. -+ if before_bracket: -+ raise ValueError("Invalid IPv6 URL") -+ hostname, _, port = bracketed.partition(']') -+ # No data is allowed after the bracket but before the port delimiter. -+ if port and not port.startswith(":"): -+ raise ValueError("Invalid IPv6 URL") -+ else: -+ hostname, _, port = hostname_and_port.partition(':') -+ _check_bracketed_host(hostname) -+ - # Valid bracketed hosts are defined in - # https://www.rfc-editor.org/rfc/rfc3986#page-49 and https://url.spec.whatwg.org/ - def _check_bracketed_host(hostname): -@@ -505,8 +522,7 @@ def _urlsplit(url, scheme=None, allow_fr - (']' in netloc and '[' not in netloc)): - raise ValueError("Invalid IPv6 URL") - if '[' in netloc and ']' in netloc: -- bracketed_host = netloc.partition('[')[2].partition(']')[0] -- _check_bracketed_host(bracketed_host) -+ _check_bracketed_netloc(netloc) - if allow_fragments and '#' in url: - url, fragment = url.split('#', 1) - if '?' in url: ---- /dev/null -+++ b/Misc/NEWS.d/next/Security/2025-01-28-14-08-03.gh-issue-105704.EnhHxu.rst -@@ -0,0 +1,4 @@ -+When using :func:`urllib.parse.urlsplit` and :func:`urllib.parse.urlparse` host -+parsing would not reject domain names containing square brackets (``[`` and -+``]``). Square brackets are only valid for IPv6 and IPvFuture hosts according to -+`RFC 3986 Section 3.2.2 `__. diff --git a/Python-3.14.0a4.tar.xz b/Python-3.14.0a4.tar.xz deleted file mode 100644 index 366505a..0000000 --- a/Python-3.14.0a4.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:c24f07881873c1d460228795ca6ca8c99130e30c773c91463d30d7ea8ff0e70b -size 22798932 diff --git a/Python-3.14.0a4.tar.xz.sigstore b/Python-3.14.0a4.tar.xz.sigstore deleted file mode 100644 index 7746a47..0000000 --- a/Python-3.14.0a4.tar.xz.sigstore +++ /dev/null @@ -1 +0,0 @@ -{"mediaType": "application/vnd.dev.sigstore.bundle.v0.3+json", "verificationMaterial": {"certificate": {"rawBytes": "MIICzzCCAlWgAwIBAgIUTNqrmr/M2mihtEwN8O2FyM2q1q4wCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjUwMTE0MTYwMTUwWhcNMjUwMTE0MTYxMTUwWjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEXFyDvDOdj/YAUw6VwCbccPuaGXVlONd/+yU2w6pjOucN7XNrKQzRc2p0B87e6fBJNtrvoQskKm5g5RZRNIaTraOCAXQwggFwMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQU+FemmqqSGkLeHpehmVT+O/2VD1MwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wHQYDVR0RAQH/BBMwEYEPaHVnb0BweXRob24ub3JnMCwGCisGAQQBg78wAQEEHmh0dHBzOi8vZ2l0aHViLmNvbS9sb2dpbi9vYXV0aDAuBgorBgEEAYO/MAEIBCAMHmh0dHBzOi8vZ2l0aHViLmNvbS9sb2dpbi9vYXV0aDCBiwYKKwYBBAHWeQIEAgR9BHsAeQB3AN09MGrGxxEyYxkeHJlnNwKiSl643jyt/4eKcoAvKe6OAAABlGWMvxkAAAQDAEgwRgIhAMdC5GErGZYgWadLhCcmCxR3wAZ8jSVhTikA8HyIMUjKAiEAjZQMpnwoXgxNEXGAs8J/Myxxp5Lky719397l9nhdPk8wCgYIKoZIzj0EAwMDaAAwZQIxAMcST1Hx0VxHs8dH4fVNnJHRqHV70g4gWXOUahXOh86pLbvOOsGqM3w8o3kUhjO7oAIwRCZiVhDjDq59iDX6/IO7mG/gwNXBVqKSPdcYRS6l/SxM3JRORz8QCQK3HtM5TPvm"}, "tlogEntries": [{"logIndex": "162324179", "logId": {"keyId": "wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0="}, "kindVersion": {"kind": "hashedrekord", "version": "0.0.1"}, "integratedTime": "1736870510", "inclusionPromise": {"signedEntryTimestamp": "MEQCIAXgFU1gThdT0mhc6q0AXzD3bBXTiacgiLtvj81gdZF4AiBN9qUrwxowhsD9xRkTFuRk/l7pkEkkF84mJouMltHlqw=="}, "inclusionProof": {"logIndex": "40419917", "rootHash": "sQcmJqkpVAfxguDGAn46H0Jx7wI/seLoX5hw8YAhpzE=", "treeSize": "40419918", "hashes": ["qjl0o9LTqPs1qAydDqJeuEjAe7m0r28edbu6YhwigVs=", "ld8TM/ZFyvOEsuFo6tzdkPMu1WXFFF7FkLeePNxTZgQ=", "msMDMUPWOxenW8+fKcA9KtYwJh+qOm8eJ6hD6qMLxgo=", "HB3n8ruKgQ4/hsnPPqqgZqgqrIY+bil6MZEN48iQf5o=", "s4485wmLHDIJ3Uz0cZtlQJMaGl/NcoVYyRSxf8iaGF0=", "ipeSaii1joKqXMjR8vQt0JqN3F2T64mYFe55cZTSE7k=", "Zh8tfYPsaKKLrwZBF7ddhto+2SATy+XV9dtLPctNAlU=", "GVSyTNVOEKppJTUqz+nM5IM0FJ34fKBEIv5VAyJ7Dv4=", "tlaG/ckV5gypfBxP4OGlhhoLQ/VcEe+s4IdoNM+5CJk=", "LxTVSFPuriQ2RUI8Dbu2hz4wzAG1G271/Jivqrd1etw=", "vemyaMj0Na1LMjbB/9Dmkq8T+jAb3o+yCESgAayUABU="], "checkpoint": {"envelope": "rekor.sigstore.dev - 1193050959916656506\n40419918\nsQcmJqkpVAfxguDGAn46H0Jx7wI/seLoX5hw8YAhpzE=\n\n\u2014 rekor.sigstore.dev wNI9ajBGAiEAv+PVAciPszI4zlpSunN4bfTvMqVTy5p62XGhyX7jQwACIQCNHJdBqkgiBk7OICiGqlcnklnK9wf4okEYP4iC2UpSUQ==\n"}}, "canonicalizedBody": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiJjMjRmMDc4ODE4NzNjMWQ0NjAyMjg3OTVjYTZjYThjOTkxMzBlMzBjNzczYzkxNDYzZDMwZDdlYThmZjBlNzBiIn19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FVUNJUUROejA2OHVmUE1tRUNZL3JldUdNSGRBbUhoazc1MHNaNHdTKytsY1g1Z0xRSWdLdzN1S1oydm9Jd2FMSWk1dFl3d2JBOUZUaFVHK05NUDViYmwyS0xSYXZjPSIsInB1YmxpY0tleSI6eyJjb250ZW50IjoiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVTjZla05EUVd4WFowRjNTVUpCWjBsVlZFNXhjbTF5TDAweWJXbG9kRVYzVGpoUE1rWjVUVEp4TVhFMGQwTm5XVWxMYjFwSmVtb3dSVUYzVFhjS1RucEZWazFDVFVkQk1WVkZRMmhOVFdNeWJHNWpNMUoyWTIxVmRWcEhWakpOVWpSM1NFRlpSRlpSVVVSRmVGWjZZVmRrZW1SSE9YbGFVekZ3WW01U2JBcGpiVEZzV2tkc2FHUkhWWGRJYUdOT1RXcFZkMDFVUlRCTlZGbDNUVlJWZDFkb1kwNU5hbFYzVFZSRk1FMVVXWGhOVkZWM1YycEJRVTFHYTNkRmQxbElDa3R2V2tsNmFqQkRRVkZaU1V0dldrbDZhakJFUVZGalJGRm5RVVZZUm5sRWRrUlBaR292V1VGVmR6WldkME5pWTJOUWRXRkhXRlpzVDA1a0x5dDVWVElLZHpad2FrOTFZMDQzV0U1eVMxRjZVbU15Y0RCQ09EZGxObVpDU2s1MGNuWnZVWE5yUzIwMVp6VlNXbEpPU1dGVWNtRlBRMEZZVVhkblowWjNUVUUwUndwQk1WVmtSSGRGUWk5M1VVVkJkMGxJWjBSQlZFSm5UbFpJVTFWRlJFUkJTMEpuWjNKQ1owVkdRbEZqUkVGNlFXUkNaMDVXU0ZFMFJVWm5VVlVyUm1WdENtMXhjVk5IYTB4bFNIQmxhRzFXVkN0UEx6SldSREZOZDBoM1dVUldVakJxUWtKbmQwWnZRVlV6T1ZCd2VqRlphMFZhWWpWeFRtcHdTMFpYYVhocE5Ga0tXa1E0ZDBoUldVUldVakJTUVZGSUwwSkNUWGRGV1VWUVlVaFdibUl3UW5kbFdGSnZZakkwZFdJelNtNU5RM2RIUTJselIwRlJVVUpuTnpoM1FWRkZSUXBJYldnd1pFaENlazlwT0haYU1td3dZVWhXYVV4dFRuWmlVemx6WWpKa2NHSnBPWFpaV0ZZd1lVUkJkVUpuYjNKQ1owVkZRVmxQTDAxQlJVbENRMEZOQ2todGFEQmtTRUo2VDJrNGRsb3liREJoU0ZacFRHMU9kbUpUT1hOaU1tUndZbWs1ZGxsWVZqQmhSRU5DYVhkWlMwdDNXVUpDUVVoWFpWRkpSVUZuVWprS1FraHpRV1ZSUWpOQlRqQTVUVWR5UjNoNFJYbFplR3RsU0Vwc2JrNTNTMmxUYkRZME0ycDVkQzgwWlV0amIwRjJTMlUyVDBGQlFVSnNSMWROZG5oclFRcEJRVkZFUVVWbmQxSm5TV2hCVFdSRE5VZEZja2RhV1dkWFlXUk1hRU5qYlVONFVqTjNRVm80YWxOV2FGUnBhMEU0U0hsSlRWVnFTMEZwUlVGcVdsRk5DbkJ1ZDI5WVozaE9SVmhIUVhNNFNpOU5lWGg0Y0RWTWEzazNNVGt6T1Rkc09XNW9aRkJyT0hkRFoxbEpTMjlhU1hwcU1FVkJkMDFFWVVGQmQxcFJTWGdLUVUxalUxUXhTSGd3Vm5oSWN6aGtTRFJtVms1dVNraFNjVWhXTnpCbk5HZFhXRTlWWVdoWVQyZzRObkJNWW5aUFQzTkhjVTB6ZHpodk0ydFZhR3BQTndwdlFVbDNVa05hYVZab1JHcEVjVFU1YVVSWU5pOUpUemR0Unk5bmQwNVlRbFp4UzFOUVpHTlpVbE0yYkM5VGVFMHpTbEpQVW5vNFVVTlJTek5JZEUwMUNsUlFkbTBLTFMwdExTMUZUa1FnUTBWU1ZFbEdTVU5CVkVVdExTMHRMUW89In19fX0="}]}, "messageSignature": {"messageDigest": {"algorithm": "SHA2_256", "digest": "wk8HiBhzwdRgIoeVymyoyZEw4wx3PJFGPTDX6o/w5ws="}, "signature": "MEUCIQDNz068ufPMmECY/reuGMHdAmHhk750sZ4wS++lcX5gLQIgKw3uKZ2voIwaLIi5tYwwbA9FThUG+NMP5bbl2KLRavc="}} diff --git a/Python-3.14.0a5.tar.xz b/Python-3.14.0a5.tar.xz new file mode 100644 index 0000000..acbcac8 --- /dev/null +++ b/Python-3.14.0a5.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:74e83f26de1e4fb9eef1b56492cff92508834bb71ac13f5c580438ce9f093682 +size 22859900 diff --git a/Python-3.14.0a5.tar.xz.sigstore b/Python-3.14.0a5.tar.xz.sigstore new file mode 100644 index 0000000..4fd7573 --- /dev/null +++ b/Python-3.14.0a5.tar.xz.sigstore @@ -0,0 +1 @@ +{"mediaType": "application/vnd.dev.sigstore.bundle.v0.3+json", "verificationMaterial": {"certificate": {"rawBytes": "MIICzTCCAlOgAwIBAgIUCBWax1Yv006eiUrTmVXnVEYP0acwCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjUwMjEyMDc1NDE1WhcNMjUwMjEyMDgwNDE1WjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEVLFuPzDtOjejFwRdg4rACkVZkfQ10PXnoC8+U28wbs73RqyH7az/ArOWDhwvCruZCTOtm2QTWYCK30NDi/6q+KOCAXIwggFuMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUc0Iet3OpFv7Oq6lKxwe/rg2yFgowHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wHQYDVR0RAQH/BBMwEYEPaHVnb0BweXRob24ub3JnMCwGCisGAQQBg78wAQEEHmh0dHBzOi8vZ2l0aHViLmNvbS9sb2dpbi9vYXV0aDAuBgorBgEEAYO/MAEIBCAMHmh0dHBzOi8vZ2l0aHViLmNvbS9sb2dpbi9vYXV0aDCBiQYKKwYBBAHWeQIEAgR7BHkAdwB1AN09MGrGxxEyYxkeHJlnNwKiSl643jyt/4eKcoAvKe6OAAABlPkmxwAAAAQDAEYwRAIgFK4/2Od+BPgQZOqIOjCl7m37O9dFR6o8vvSxw3wLaKECICszaphh3ouecV37MD5cNSrC9OMoOvVUD1tL51NIygISMAoGCCqGSM49BAMDA2gAMGUCMQCNuzhin8H0+q2qxODgGrsKMpaSmK20VJxjmW+sEaEZzKROThaHevYwgFKOVFD1uj8CMBgy22e4sm2yW2tScetkOuYwgU3sSUycXRP9pKr9Gllfg9lOFlXC6/vnmvBuPRRjsA=="}, "tlogEntries": [{"logIndex": "170570053", "logId": {"keyId": "wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0="}, "kindVersion": {"kind": "hashedrekord", "version": "0.0.1"}, "integratedTime": "1739346856", "inclusionPromise": {"signedEntryTimestamp": "MEYCIQCGqYfCnbihbWn8mvWbiVe5x9xA/0Mvy2VRBnFm5E8ZZgIhAO6zmjkYA67Ttb7JKF5nn68KMvWi5MTzR+8o9xVq136S"}, "inclusionProof": {"logIndex": "48665791", "rootHash": "HzxfBCv2yi4J8G+S7TgoiMNBBo/wSkRjGDJfNOVUcTs=", "treeSize": "48665792", "hashes": ["b0yDjzNitZJIGTblWLhs4yUCBz6CKSng8isTxSgbsVE=", "dkJ2Yt1bEtBmpXpRN3vSmk+6+1j8GsOFEUA9iyueWhk=", "i1ABh9Dx8meNOBCr/HhTSupqNYK0LI+NnFjXmDfEgnY=", "MegLwopuwueYsc+JjT6t3LKiOJmtE0MguZsVB71COH0=", "FT+AWm/ITpPN+fIVrNXLPTjNvmfTVoGQfCV+uE6gZ8w=", "kRkMXhEDVcanV+ajODgw+9wD30fMQgV1vmvCfUV8ba0=", "6Z0kSTNv87FgCP6fBI6QTIRs0ABTmLD9tgAbSWRDRr0=", "p39Aj7k63Y8N82q5GXzhIzuZSex0HZN+9xq7U1Sxdp4=", "jhYil8zet/V88Ox8NV66V1iBkETlEJ2qH+SXo+kfMb0=", "Z/HAKVPPWMW9bRNxiWSaI+beB8FjcG/QYDqBuAZMTsY=", "cgbhJqDRiWT+2XKIQ9ch9WJ+6uwysr3Vn01jUW3nyv0=", "0NILEMXlPNU3cLx3pWSpe/u8BfMuXFyP+6HIsWDtkAU=", "3G1CfELRgkrpGc7BJBsecW/HvOojsTHpl40WsoH/3A0=", "Zse3BPkR/cJv62LvVuiDH+EpgIE5v3V3qXdG8HQFf1A=", "jU9+tgjTIKUYGeU7T7RjqyL+F+gFV9tCdwX2GZ1UtQs=", "vemyaMj0Na1LMjbB/9Dmkq8T+jAb3o+yCESgAayUABU="], "checkpoint": {"envelope": "rekor.sigstore.dev - 1193050959916656506\n48665792\nHzxfBCv2yi4J8G+S7TgoiMNBBo/wSkRjGDJfNOVUcTs=\n\n\u2014 rekor.sigstore.dev wNI9ajBFAiEA3ZglJ4aYKUNaTJ96mujk5pcgWAj6iiwpmuUtpKIepGQCIGsrkTWsS2nFwjAv95ctdnJZK7cSvUMf+milS4alGlu9\n"}}, "canonicalizedBody": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiI3NGU4M2YyNmRlMWU0ZmI5ZWVmMWI1NjQ5MmNmZjkyNTA4ODM0YmI3MWFjMTNmNWM1ODA0MzhjZTlmMDkzNjgyIn19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FVUNJQVlIaGJLVVNTZldtMmNqV2hWYmhtUXdEUTdtR0lpcGdCVEpKaXFrdEtmdEFpRUE2VUszY3huRE5iZ0g1QnYzalBLanZzL2c5YjRrT1NNVTEvTUs2cmN1RklBPSIsInB1YmxpY0tleSI6eyJjb250ZW50IjoiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVTjZWRU5EUVd4UFowRjNTVUpCWjBsVlEwSlhZWGd4V1hZd01EWmxhVlZ5VkcxV1dHNVdSVmxRTUdGamQwTm5XVWxMYjFwSmVtb3dSVUYzVFhjS1RucEZWazFDVFVkQk1WVkZRMmhOVFdNeWJHNWpNMUoyWTIxVmRWcEhWakpOVWpSM1NFRlpSRlpSVVVSRmVGWjZZVmRrZW1SSE9YbGFVekZ3WW01U2JBcGpiVEZzV2tkc2FHUkhWWGRJYUdOT1RXcFZkMDFxUlhsTlJHTXhUa1JGTVZkb1kwNU5hbFYzVFdwRmVVMUVaM2RPUkVVeFYycEJRVTFHYTNkRmQxbElDa3R2V2tsNmFqQkRRVkZaU1V0dldrbDZhakJFUVZGalJGRm5RVVZXVEVaMVVIcEVkRTlxWldwR2QxSmtaelJ5UVVOclZscHJabEV4TUZCWWJtOURPQ3NLVlRJNGQySnpOek5TY1hsSU4yRjZMMEZ5VDFkRWFIZDJRM0oxV2tOVVQzUnRNbEZVVjFsRFN6TXdUa1JwTHpaeEswdFBRMEZZU1hkblowWjFUVUUwUndwQk1WVmtSSGRGUWk5M1VVVkJkMGxJWjBSQlZFSm5UbFpJVTFWRlJFUkJTMEpuWjNKQ1owVkdRbEZqUkVGNlFXUkNaMDVXU0ZFMFJVWm5VVlZqTUVsbENuUXpUM0JHZGpkUGNUWnNTM2gzWlM5eVp6SjVSbWR2ZDBoM1dVUldVakJxUWtKbmQwWnZRVlV6T1ZCd2VqRlphMFZhWWpWeFRtcHdTMFpYYVhocE5Ga0tXa1E0ZDBoUldVUldVakJTUVZGSUwwSkNUWGRGV1VWUVlVaFdibUl3UW5kbFdGSnZZakkwZFdJelNtNU5RM2RIUTJselIwRlJVVUpuTnpoM1FWRkZSUXBJYldnd1pFaENlazlwT0haYU1td3dZVWhXYVV4dFRuWmlVemx6WWpKa2NHSnBPWFpaV0ZZd1lVUkJkVUpuYjNKQ1owVkZRVmxQTDAxQlJVbENRMEZOQ2todGFEQmtTRUo2VDJrNGRsb3liREJoU0ZacFRHMU9kbUpUT1hOaU1tUndZbWs1ZGxsWVZqQmhSRU5DYVZGWlMwdDNXVUpDUVVoWFpWRkpSVUZuVWpjS1FraHJRV1IzUWpGQlRqQTVUVWR5UjNoNFJYbFplR3RsU0Vwc2JrNTNTMmxUYkRZME0ycDVkQzgwWlV0amIwRjJTMlUyVDBGQlFVSnNVR3R0ZUhkQlFRcEJRVkZFUVVWWmQxSkJTV2RHU3pRdk1rOWtLMEpRWjFGYVQzRkpUMnBEYkRkdE16ZFBPV1JHVWpadk9IWjJVM2gzTTNkTVlVdEZRMGxEYzNwaGNHaG9Dak52ZFdWalZqTTNUVVExWTA1VGNrTTVUMDF2VDNaV1ZVUXhkRXcxTVU1SmVXZEpVMDFCYjBkRFEzRkhVMDAwT1VKQlRVUkJNbWRCVFVkVlEwMVJRMDRLZFhwb2FXNDRTREFyY1RKeGVFOUVaMGR5YzB0TmNHRlRiVXN5TUZaS2VHcHRWeXR6UldGRlducExVazlVYUdGSVpYWlpkMmRHUzA5V1JrUXhkV280UXdwTlFtZDVNakpsTkhOdE1ubFhNblJUWTJWMGEwOTFXWGRuVlROelUxVjVZMWhTVURsd1MzSTVSMnhzWm1jNWJFOUdiRmhETmk5MmJtMTJRblZRVWxKcUNuTkJQVDBLTFMwdExTMUZUa1FnUTBWU1ZFbEdTVU5CVkVVdExTMHRMUW89In19fX0="}]}, "messageSignature": {"messageDigest": {"algorithm": "SHA2_256", "digest": "dOg/Jt4eT7nu8bVkks/5JQiDS7cawT9cWAQ4zp8JNoI="}, "signature": "MEUCIAYHhbKUSSfWm2cjWhVbhmQwDQ7mGIipgBTJJiqktKftAiEA6UK3cxnDNbgH5Bv3jPKjvs/g9b4kOSMU1/MK6rcuFIA="}} diff --git a/python314.changes b/python314.changes index 622b0f0..51be4ae 100644 --- a/python314.changes +++ b/python314.changes @@ -1,3 +1,421 @@ +------------------------------------------------------------------- +Wed Feb 12 21:20:43 UTC 2025 - Matej Cepl + +- Update to the fifth development version of 3.14.0: + - Tools/Demos + - gh-129248: The iOS test runner now strips the log prefix + from each line output by the test suite. + - gh-104400: Fix several bugs in extraction by switching to + an AST parser in pygettext. + - Tests + - gh-129386: Add test.support.reset_code, which can be used + to reset various bytecode-level optimizations and local + instrumentation for a function. + - gh-128474: Disable test_embed test cases that segfault on + BOLT instrument binaries. The tests are only disabled when + BOLT is enabled. + - gh-128003: Add an option --parallel-threads=N to the + regression test runner that runs individual tests in + multiple threads in parallel in order to find concurrency + bugs. Note that most of the test suite is not yet reviewed + for thread-safety or annotated with @thread_unsafe when + necessary. + - Security + - gh-105704: When using urllib.parse.urlsplit() and + urllib.parse.urlparse() host parsing would not reject + domain names containing square brackets ([ and ]). Square + brackets are only valid for IPv6 and IPvFuture hosts + according to RFC 3986 Section 3.2.2. (bsc#1236705, + CVE-2025-0938, gh#python/cpython#105704). + - gh-126108: Fix a possible NULL pointer dereference in + PySys_AddWarnOptionUnicode(). + - gh-80222: Fix bug in the folding of quoted strings + when flattening an email message using a modern email + policy. Previously when a quoted string was folded so + that it spanned more than one line, the surrounding + quotes and internal escapes would be omitted. This could + theoretically be used to spoof header lines using a + carefully constructed quoted string if the resulting + rendered email was transmitted or re-parsed. + - gh-119511: Fix a potential denial of service in the imaplib + module. When connecting to a malicious server, it could + cause an arbitrary amount of memory to be allocated. On + many systems this is harmless as unused virtual memory is + only a mapping, but if this hit a virtual address size + limit it could lead to a MemoryError or other process + crash. On unusual systems or builds where all allocated + memory is touched and backed by actual ram or storage + it could’ve consumed resources doing so until similarly + crashing. + - Library + - gh-129939: Comparison pages with highlighted changes + generated by the difflib.HtmlDiff class now support dark + mode. + - gh-129928: Raise sqlite3.ProgrammingError if a user-defined + SQL function with invalid number of parameters is + created. Patch by Erlend Aasland. + - gh-129583: Update bundled pip to 25.0.1 + - gh-129766: Fix crash in warnings, when calling + _release_lock() with no existing lock. + - gh-129005: _pyio.FileIO.readall() now allocates, resizes, + and fills a data buffer using the same algorithm + _io.FileIO.readall() uses. + - gh-129646: Update the locale alias mapping in the locale + module to match the latest X Org locale alias mapping and + support new locales in Glibc 2.41. + - gh-128317: Put CLI calendar highlighting in private class, + removing highlight_day from public calendar.TextCalendar + API. Patch by Hugo van Kemenade. + - gh-129603: Fix bugs where sqlite3.Row objects could + segfault if their inherited description was set to + None. Patch by Erlend Aasland. + - gh-129559: Add bytearray.resize() method so bytearray can + be efficiently resized in place. + - gh-129502: Unlikely errors in preparing arguments for + ctypes callback are now handled in the same way as errors + raised in the callback of in converting the result of + the callback – using sys.unraisablehook() instead of + sys.excepthook() and not setting sys.last_exc and other + variables. + - gh-129403: Corrected ValueError message for asyncio.Barrier + and threading.Barrier. + - gh-129409: Fix an integer overflow in the csv module when + writing a data field larger than 2GB. + - gh-126400: Add a socket timeout keyword argument to + logging.handlers.SysLogHandler. + - gh-118761: Always lazy import warnings in threading. Patch + by Taneli Hukkinen. + - gh-118761: Improve import time of subprocess by lazy + importing locale and signal. Patch by Taneli Hukkinen. + - gh-129346: In sqlite3, handle out-of-memory when creating + user-defined SQL functions. + - gh-129005: Optimize _pyio.FileIO.readinto by avoiding + unnecessary objects and copies using os.readinto(). + - gh-129195: Support reporting call graph information from + asyncio.staggered.staggered_race(). + - gh-129205: Add os.readinto() to read into a buffer object + from a file descriptor. + - gh-128772: Fix pydoc for methods with the __module__ + attribute equal to None. + - gh-129061: Fix FORCE_COLOR and NO_COLOR when empty + strings. Patch by Hugo van Kemenade. + - gh-92897: Scheduled the deprecation of the check_home + argument of sysconfig.is_python_build() to Python 3.15. + - gh-129064: Deprecate sysconfig.expand_makefile_vars(), + in favor of using sysconfig.get_paths() with the vars + argument. + - gh-128550: Removed an incorrect optimization relating + to eager tasks in asyncio.TaskGroup that resulted in + cancellations being missed. + - gh-128991: Release the enter frame reference within bdb + callback + - gh-118761: Reduce import time of pstats and zipfile by up + to 20%, by removing unnecessary imports to typing. Patch by + Bénédikt Tran. + - gh-128978: Fix a NameError in + sysconfig.expand_makefile_vars(). Patch by Bénédikt Tran. + - gh-128961: Fix a crash when setting state on an exhausted + array.array iterator. + - gh-128894: Fix + traceback.TracebackException._format_syntax_error not to + fail on exceptions with custom metadata. + - gh-128916: Do not attempt to set SO_REUSEPORT on sockets of + address families other than AF_INET and AF_INET6, as it is + meaningless with these address families, and the call with + fail with Linux kernel 6.12.9 and newer. + - gh-118761: Improve import time of tomllib by removing + typing, string, and tomllib._types imports. Patch by Taneli + Hukkinen. + - gh-128679: tracemalloc: Fix race conditions when + tracemalloc.stop() is called by a thread, while other + threads are tracing memory allocations. Patch by Victor + Stinner. + - gh-128891: Add specialized opcodes to opcode.opname. + - gh-118761: Reduce import time of gettext by up to ten + times, by importing re on demand. In particular, re is + no longer implicitly exposed as gettext.re. Patch by Eli + Schwartz. + - gh-118761: Reduce the import time of optparse when no help + text is printed. Patch by Eli Schwartz. + - gh-128657: Fix possible extra reference when using objects + returned by hashlib.sha256() under free threading. + - gh-118761: Reduce the import time of csv by up to five + times, by importing re on demand. In particular, re is no + more implicitly exposed as csv.re. Patch by Bénédikt Tran. + - gh-128308: Support the name keyword argument + for eager tasks in asyncio.loop.create_task(), + asyncio.create_task() and asyncio.TaskGroup.create_task(), + by passing on all kwargs to the task factory set by + asyncio.loop.set_task_factory(). + - gh-118761: Improve the performance of base64.b16decode() + by up to ten times by more efficiently checking the + byte-string for hexadecimal digits. Reduce the import + time of base64 by up to six times, by no longer importing + re. Patch by Bénédikt Tran, Chris Markiewicz, and Adam + Turner. + - gh-128156: When using macOS system libffi, support for + complex types in ctypes is now checked at runtime (macOS + 10.15 or newer). The types must also be available at build + time. + - gh-128636: Fix PyREPL failure when os.environ is + overwritten with an invalid value. + - gh-128498: Default to stdout isatty for color detection + instead of stderr. Patch by Hugo van Kemenade. + - gh-128384: Add locking to warnings to avoid some + data races when free-threading is used. Change + _warnings_runtime_state.mutex to be a recursive mutex + and expose it to warnings, via the _acquire_lock() and + _release_lock() functions. The lock is held when filters + and _filters_version are updated. + - gh-128509: Add sys._is_immortal() for identifying immortal + objects at runtime. + - gh-128479: Fix asyncio.staggered.staggered_race() leaking + tasks and issuing an unhandled exception. + - gh-128427: uuid.NIL and uuid.MAX are now available to + represent the Nil and Max UUID formats as defined by RFC + 9562. + - gh-91279: zipfile.ZipFile.writestr() now respect + SOURCE_DATE_EPOCH that distributions can set centrally + and have build tools consume this in order to produce + reproducible output. + - gh-112064: Fix incorrect handling of negative read sizes in + HTTPResponse.read. Patch by Yury Manushkin. + - gh-58956: Fixed a frame reference leak in bdb. + - gh-128131: Completely support random access of uncompressed + unencrypted read-only zip files obtained by ZipFile.open. + - gh-127975: Avoid reusing quote types in ast.unparse() if + not needed. + - gh-115514: Fix exceptions and incomplete writes after + asyncio._SelectorTransport is closed before writes are + completed. + - gh-121604: Add missing Deprecation warnings for + importlib.machinery.DEBUG_BYTECODE_SUFFIXES, + importlib.machinery.OPTIMIZED_BYTECODE_SUFFIXES, + importlib.machinery.WindowsRegistryFinder, + importlib.abc.ResourceLoader, + importlib.abc.SourceLoader.path_mtime(). + - gh-127873: When -E is set, only ignore PYTHON_COLORS + and not FORCE_COLOR/NO_COLOR/TERM when colourising + output. Patch by Hugo van Kemenade. + - gh-125413: Add pathlib.Path.info attribute, which stores + an object implementing the pathlib.types.PathInfo protocol + (also new). The object supports querying the file type and + internally caching stat() results. Path objects generated + by iterdir() are initialized with file type information + gleaned from scanning the parent directory. + - gh-127712: Fix handling of the secure argument of + logging.handlers.SMTPHandler. + - gh-127096: Do not recreate unnamed section on every read in + configparser.ConfigParser. Patch by Andrey Efremov. + - gh-124369: Deprecate pdb.Pdb.curframe_locals + - gh-126332: Fix _pyrepl crash when entering a double CTRL-Z + on an overflowing line. + - gh-125553: Fix round-trip invariance for backslash + continuations in tokenize.untokenize(). + - gh-91048: Add asyncio.capture_call_graph() and + asyncio.print_call_graph() functions. + - gh-124703: Quitting pdb in inline mode will emit a + confirmation prompt and exit gracefully now, instead of + printing an exception traceback. + - gh-123987: Fixed issue in NamespaceReader where a non-path + item in a namespace path, such as a sentinel added by an + editable installer, would break resource loading. + - gh-119349: Add the ctypes.util.dllist() function to list + the loaded shared libraries for the current process. + - gh-55454: Add IMAP4 IDLE support to the imaplib + module. Patch by Forest. + - gh-119257: Show tab completions menu below the current + line, which results in less janky behaviour, and fixes a + cursor movement bug. Patch by Daniel Hollas + - gh-101410: Support custom messages for domain errors in the + math module (math.sqrt(), math.log() and math.atanh() were + modified as examples). Patch by Charlie Zhao and Sergey B + Kirpichev. + - gh-81340: Use os.copy_file_range() in shutil.copy(), + shutil.copy2(), and shutil.copyfile() functions by + default. An underlying Linux system call gives filesystems + an opportunity to implement the use of copy-on-write (in + case of btrfs and XFS) or server-side copy (in the case of + NFS.) Patch by Illia Volochii. + - bpo-27307: Add attribute and item access support to + string.Formatter in auto-numbering mode, which allows + format strings like ‘{.name}’ and ‘{[1]}’. + - IDLE + - gh-129873: Simplify displaying the IDLE doc by only copying + the text section of idle.html to idlelib/help.html. Patch + by Stan Ulbrych. + - Documentation + - gh-125722: Require Sphinx 8.1.3 or later to build the + Python documentation. Patch by Adam Turner. + - gh-67206: Document that string.printable is not + printable in the POSIX sense. In particular, + string.printable.isprintable() returns False. Patch by + Bénédikt Tran. + - Core and Builtins + - gh-100239: Replace the opcode BINARY_SUBSCR and its family + by BINARY_OP with oparg NB_SUBSCR. + - gh-129732: Fixed a race in _Py_qsbr_reserve in the free + threading build. + - gh-129763: Remove the internal LLTRACE macro (use Py_DEBUG + instead). + - gh-129715: Improve JIT performance for generators. + - gh-129643: Fix thread safety of PyList_Insert() in + free-threading builds. + - gh-129668: Fix race condition when raising MemoryError in + the free threaded build. + - gh-129643: Fix thread safety of PyList_SetItem() in + free-threading builds. Patch by Kumar Aditya. + - gh-128563: Fix an issue where the “lltrace” debug feature + could have been incorrectly enabled for some frames. + - gh-129393: On FreeBSD, sys.platform doesn’t contain the + major version anymore. It is always 'freebsd', instead of + 'freebsd13' or 'freebsd14'. + - gh-129345: Fix null pointer dereference in syslog.openlog() + when an audit hook raises an exception. + - gh-129231: Improve memory layout of JIT traces. Patch by + Diego Russo + - gh-129149: Add fast path for medium-size integers in + PyLong_FromUnsignedLong(), PyLong_FromUnsignedLongLong() + and PyLong_FromSize_t(). + - gh-129201: The free-threaded version of the cyclic garbage + collector has been optimized to conditionally use CPU + prefetch instructions during the collection. This can + reduce collection times by making it more likely that + data is in the CPU cache when it is needed. The prefetch + instructions are enabled if the number of long-lived + objects (objects surviving a full collection) exceeds a + threshold. + - gh-129093: Fix f-strings such as f'{expr=}' sometimes not + displaying the full expression when the expression contains + !=. + - gh-124363: Treat debug expressions in f-string as raw + strings. Patch by Pablo Galindo + - gh-128714: Fix the potential races in get/set dunder + methods __annotations__, __annotate__ and __type_params__ + for function object, and add related tests. + - gh-128799: Add frame of except* to traceback when it wraps + a naked exception. + - gh-128842: Collect JIT memory stats using pystats. Patch by + Diego Russo. + - gh-100239: Specialize BINARY_OP for bitwise logical + operations on compact ints. + - gh-128910: Undocumented and unused private C-API functions + _PyTrash_begin and _PyTrash_end are removed. + - gh-128807: Add a marking phase to the free-threaded + GC. This is similar to what was done in gh-126491. Since + the free-threaded GC does not have generations and is + not incremental, the marking phase looks for all objects + reachable from known roots. The roots are objects known to + not be garbage, like the module dictionary for sys. For + most programs, this marking phase should make the GC a bit + faster since typically less work is done per object. + - gh-100239: Add opcode BINARY_OP_EXTEND which executes a + pair of functions (guard and specialization functions) + accessed from the inline cache. + - gh-128563: A new type of interpreter has been added + to CPython. This interpreter uses tail calls for its + instruction handlers. Preliminary benchmark results suggest + 7-11% geometric mean faster on pyperformance (depending + on platform), and up to 30% faster on Python-intensive + workloads. This interpreter currently only works on newer + compilers, such as clang-19. Other compilers will continue + using the old interpreter. Patch by Ken Jin, with ideas on + how to implement this in CPython by Mark Shannon, Garret + Gu, Haoran Xu, and Josh Haberman. + - gh-126703: Improve performance of iterating over lists and + tuples by using a freelist for the iterator objects. + - gh-127953: The time to handle a LINE event in + sys.monitoring (and sys.settrace) is now independent of the + number of lines in the code object. + - gh-128330: Restore terminal control characters on REPL + exit. + - gh-128016: Improved the SyntaxWarning message for invalid + escape sequences to clarify that such sequences will raise + a SyntaxError in future Python releases. The new message + also suggests a potential fix, i.e., Did you mean "\\e"?. + - gh-126004: Fix handling of UnicodeError.start and + UnicodeError.end values in the codecs.replace_errors() + error handler. Patch by Bénédikt Tran. + - gh-126004: Fix handling of UnicodeError.start + and UnicodeError.end values in the + codecs.backslashreplace_errors() error handler. Patch by + Bénédikt Tran. + - gh-126004: Fix handling of UnicodeError.start + and UnicodeError.end values in the + codecs.xmlcharrefreplace_errors() error handler. Patch by + Bénédikt Tran. + - gh-127119: Slightly optimize the int deallocator. + - gh-127349: Fixed the error when resizing terminal in Python + REPL. Patch by Semyon Moroz. + - gh-125723: Fix crash with gi_frame.f_locals when generator + frames outlive their generator. Patch by Mikhail Efimov. + - gh-126349: Add turtle.fill(), turtle.poly() and + turtle.no_animation() context managers. Patch by Marie + Roald and Yngve Mardal Moe. + - gh-115911: If the current working directory cannot be + determined due to permissions, then import will no longer + raise PermissionError. Patch by Alex Willmer. + - gh-112713: Added support for the Partitioned cookie flag in + http.cookies. + - C API + - gh-129533: Update PyGC_Enable(), PyGC_Disable(), + PyGC_IsEnabled() to use atomic operation for thread-safety + at free-threading build. Patch by Donghee Na. + - gh-89188: Implement PyUnicode_KIND() and PyUnicode_DATA() + as function, in addition to the macros with the same + names. The macros rely on C bit fields which have + compiler-specific layout. Patch by Victor Stinner. + - gh-91417: Remove PySequence_Fast() from the limited + C API, since this function has to be used with + PySequence_Fast_GET_ITEM which never worked in the limited + C API. Patch by Victor Stinner. + - gh-128509: Add PyUnstable_IsImmortal() for determining + whether an object is immortal. + - gh-129033: Remove _PyInterpreterState_GetConfigCopy() and + _PyInterpreterState_SetConfig() private functions. Use + instead PyConfig_Get() and PyConfig_Set(), public C API + added by PEP 741 “Python Configuration C API”. Patch by + Victor Stinner. + - gh-129033: Remove the private _Py_InitializeMain() + function. It was a provisional API added to Python 3.8 by + PEP 587. Patch by Victor Stinner. + - gh-128844: Add PyUnstable_TryIncRef() and + PyUnstable_EnableTryIncRef() unstable APIs. These + are helpers for dealing with unowned references in a + thread-safe way, particularly in the free threading build. + - gh-128911: Add PyImport_ImportModuleAttr() and + PyImport_ImportModuleAttrString() helper functions to + import a module and get an attribute of the module. Patch + by Victor Stinner. + - gh-128863: The following private functions are deprecated + and planned for removal in Python 3.18: + _PyBytes_Join(): use PyBytes_Join(). + _PyDict_GetItemStringWithError(): use PyDict_GetItemStringRef(). + _PyDict_Pop(): use PyDict_Pop(). + _PyLong_Sign(): use PyLong_GetSign(). + _PyLong_FromDigits() and _PyLong_New(): use PyLongWriter_Create(). + _PyThreadState_UncheckedGet(): use PyThreadState_GetUnchecked(). + _PyUnicode_AsString(): use PyUnicode_AsUTF8(). + _Py_HashPointer(): use Py_HashPointer(). + _Py_fopen_obj(): use Py_fopen(). + The pythoncapi-compat project can be used to get these new + public functions on Python 3.13 and older. Patch by Victor Stinner. + - gh-126599: Remove some internal test APIs for the + experimental JIT compiler. + - gh-127925: Convert the decimal module to use PEP 757 C API + (export-import integers), offering some speed-up if the + integer part of the Decimal instance is small. Patch by + Sergey B Kirpichev. + - Build + - gh-129660: Drop test_embed from PGO training, whose + contribution in recent versions is considered to be + ignorable. + - gh-128902: Fix compile errors with Clang 9 and older due to + lack of __attribute__((fallthrough)) support. +- Remove upstreamed patches: + - CVE-2025-0938-sq-brackets-domain-names.patch + - 314a4-no-SO_REUSEPORT.patch + ------------------------------------------------------------------- Tue Feb 4 14:43:13 UTC 2025 - Matej Cepl diff --git a/python314.spec b/python314.spec index c2d9409..61daa16 100644 --- a/python314.spec +++ b/python314.spec @@ -157,8 +157,8 @@ # _md5.cpython-38m-x86_64-linux-gnu.so %define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so Name: %{python_pkg_name}%{psuffix} -Version: 3.14.0~a4 -%define tarversion 3.14.0a4 +Version: 3.14.0~a5 +%define tarversion 3.14.0a5 %define tarname Python-%{tarversion} Release: 0 Summary: Python 3 Interpreter @@ -216,12 +216,6 @@ Patch39: CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch # PATCH-FIX-OPENSUSE fix-test-recursion-limit-15.6.patch gh#python/cpython#115083 # Skip some failing tests in test_compile for i586 arch in 15.6. Patch40: fix-test-recursion-limit-15.6.patch -# PATCH-FIX-UPSTREAM CVE-2025-0938-sq-brackets-domain-names.patch bsc#1236705 mcepl@suse.com -# functions `urllib.parse.urlsplit` and `urlparse` accept domain names including square brackets -Patch41: CVE-2025-0938-sq-brackets-domain-names.patch -# PATCH-FIX-UPSTREAM 314a4-no-SO_REUSEPORT.patch gh#python/cpython#128916 mcepl@suse.com -# changes in kernel break Python tests -Patch42: 314a4-no-SO_REUSEPORT.patch #### Python 3.14 DEVELOPMENT PATCHES BuildRequires: autoconf-archive BuildRequires: automake