forked from pool/python39
Matej Cepl
64818e1d6b
- Security
- gh-135034: Fixes multiple issues that allowed tarfile
extraction filters (filter="data" and filter="tar") to be
bypassed using crafted symlinks and hard links.
- Addresses CVE-2024-12718 (bsc#1244056), CVE-2025-4138
(bsc#1244059), CVE-2025-4330 (bsc#1244060), and
CVE-2025-4517 (bsc#1244032).
- gh-133767: Fix use-after-free in the “unicode-escape”
decoder with a non-“strict” error handler (CVE-2025-4516,
bsc#1243273).
- gh-128840: Short-circuit the processing of long IPv6
addresses early in ipaddress to prevent excessive memory
consumption and a minor denial-of-service.
- gh-80222: Fix bug in the folding of quoted strings
when flattening an email message using a modern email
policy. Previously when a quoted string was folded so
that it spanned more than one line, the surrounding
quotes and internal escapes would be omitted. This could
theoretically be used to spoof header lines using a
carefully constructed quoted string if the resulting
rendered email was transmitted or re-parsed.
- Library
- gh-128840: Fix parsing long IPv6 addresses with embedded
IPv4 address.
- gh-134062: ipaddress: fix collisions in __hash__() for
IPv4Network and IPv6Network objects.
- gh-123409: Fix ipaddress.IPv6Address.reverse_pointer output
according to RFC 3596, §2.5. Patch by Bénédikt Tran.
- bpo-43633: Improve the textual representation of
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python39?expand=0&rev=233
58 lines
2.3 KiB
Diff
58 lines
2.3 KiB
Diff
From 910f38d9768d39d4d31426743ae4081ed1ab66b6 Mon Sep 17 00:00:00 2001
|
|
From: Michal Cyprian <m.cyprian@gmail.com>
|
|
Date: Mon, 26 Jun 2017 16:32:56 +0200
|
|
Subject: [PATCH] 00251: Change user install location
|
|
|
|
Set values of prefix and exec_prefix in distutils install command
|
|
to /usr/local if executable is /usr/bin/python* and RPM build
|
|
is not detected to make pip and distutils install into separate location.
|
|
|
|
Fedora Change: https://fedoraproject.org/wiki/Changes/Making_sudo_pip_safe
|
|
---
|
|
Lib/distutils/command/install.py | 15 +++++++++++++--
|
|
Lib/site.py | 9 ++++++++-
|
|
2 files changed, 21 insertions(+), 3 deletions(-)
|
|
|
|
--- a/Lib/distutils/command/install.py
|
|
+++ b/Lib/distutils/command/install.py
|
|
@@ -419,8 +419,19 @@ class install(Command):
|
|
raise DistutilsOptionError(
|
|
"must not supply exec-prefix without prefix")
|
|
|
|
- self.prefix = os.path.normpath(sys.prefix)
|
|
- self.exec_prefix = os.path.normpath(sys.exec_prefix)
|
|
+ # self.prefix is set to sys.prefix + /local/
|
|
+ # if neither RPM build nor virtual environment is
|
|
+ # detected to make pip and distutils install packages
|
|
+ # into the separate location.
|
|
+ if (not (hasattr(sys, 'real_prefix') or
|
|
+ sys.prefix != sys.base_prefix) and
|
|
+ 'RPM_BUILD_ROOT' not in os.environ):
|
|
+ addition = "/local"
|
|
+ else:
|
|
+ addition = ""
|
|
+
|
|
+ self.prefix = os.path.normpath(sys.prefix) + addition
|
|
+ self.exec_prefix = os.path.normpath(sys.exec_prefix) + addition
|
|
|
|
else:
|
|
if self.exec_prefix is None:
|
|
--- a/Lib/site.py
|
|
+++ b/Lib/site.py
|
|
@@ -362,7 +362,14 @@ def getsitepackages(prefixes=None):
|
|
return sitepackages
|
|
|
|
def addsitepackages(known_paths, prefixes=None):
|
|
- """Add site-packages to sys.path"""
|
|
+ """Add site-packages to sys.path
|
|
+
|
|
+ '/usr/local' is included in PREFIXES if RPM build is not detected
|
|
+ to make packages installed into this location visible.
|
|
+
|
|
+ """
|
|
+ if ENABLE_USER_SITE and 'RPM_BUILD_ROOT' not in os.environ:
|
|
+ PREFIXES.insert(0, "/usr/local")
|
|
for sitedir in getsitepackages(prefixes):
|
|
if os.path.isdir(sitedir):
|
|
addsitedir(sitedir, known_paths)
|