Accepting request 1240582 from devel:languages:python

- Update to 1.0.6 * drop testing and support for Python3.8, add Python 3.13, change document to reflect this. * implement safe_getattr and safe_format functions; fix bugs in UNSAFE_ATTRS and UNSAFE_ATTRS_DTYPES usage (bsc#1236405, CVE-2025-24359) * make all procedure attributes private to curb access to AST nodes, which can be exploited * improvements to error messages, including use ast functions to construct better error messages * remove import of numpy.linalg, as documented * update doc description for security advisory OBS-URL: https://build.opensuse.org/request/show/1240582 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-asteval?expand=0&rev=21
2025-01-27 19:57:33 +00:00
parent c14e972703 2a11a765e3
commit c6fa0184b5
4 changed files with 21 additions and 5 deletions
--- a/asteval-1.0.5.tar.gz
+++ b/asteval-1.0.5.tar.gz
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:bac3c8dd6d2b789e959cfec9bb296fb8338eec066feae618c462132701fbc665
-size 50826
--- a/asteval-1.0.6.tar.gz
+++ b/asteval-1.0.6.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:1aa8e7304b2e171a90d64dd269b648cacac4e46fe5de54ac0db24776c0c4a19f
+size 52079
--- a/python-asteval.changes
+++ b/python-asteval.changes
@@ -1,3 +1,19 @@
+-------------------------------------------------------------------
+Mon Jan 27 12:42:41 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
+
+- Update to 1.0.6
+  * drop testing and support for Python3.8, add Python 3.13,
+    change document to reflect this.
+  * implement safe_getattr and safe_format functions; fix bugs
+    in UNSAFE_ATTRS and UNSAFE_ATTRS_DTYPES usage (bsc#1236405,
+    CVE-2025-24359)
+  * make all procedure attributes private to curb access to AST
+    nodes, which can be exploited
+  * improvements to error messages, including use ast functions
+    to construct better error messages
+  * remove import of numpy.linalg, as documented
+  * update doc description for security advisory
+
 -------------------------------------------------------------------
 Thu Oct 10 15:41:37 UTC 2024 - Dirk Müller <dmueller@suse.com>

--- a/python-asteval.spec
+++ b/python-asteval.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package python-asteval
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@

 %{?sle15_python_module_pythons}
 Name:           python-asteval
-Version:        1.0.5
+Version:        1.0.6
 Release:        0
 Summary:        Safe, minimalistic evaluator of python expression using ast module
 License:        MIT