From e8a35797e65a8509ac6e3ec9541361fe2cc39b685bdd0baca855218d46509688 Mon Sep 17 00:00:00 2001 From: Matej Cepl Date: Thu, 27 Apr 2023 21:53:08 +0000 Subject: [PATCH] =?UTF-8?q?-=20Update=20to=203.10.11:=20=20=20-=20Core=20a?= =?UTF-8?q?nd=20Builtins=20=20=20=20=20-=20gh-102416:=20Do=20not=20memoize?= =?UTF-8?q?=20incorrectly=20automatically=20=20=20=20=20=20=20generated=20?= =?UTF-8?q?loop=20rules=20in=20the=20parser.=20Patch=20by=20Pablo=20Galind?= =?UTF-8?q?o.=20=20=20=20=20-=20gh-102356:=20Fix=20a=20bug=20that=20caused?= =?UTF-8?q?=20a=20crash=20when=20deallocating=20=20=20=20=20=20=20deeply?= =?UTF-8?q?=20nested=20filter=20objects.=20Patch=20by=20Marta=20G=C3=B3mez?= =?UTF-8?q?=20Mac=C3=ADas.=20=20=20=20=20-=20gh-102397:=20Fix=20segfault?= =?UTF-8?q?=20from=20race=20condition=20in=20signal=20=20=20=20=20=20=20ha?= =?UTF-8?q?ndling=20during=20garbage=20collection.=20Patch=20by=20Kumar=20?= =?UTF-8?q?Aditya.=20=20=20=20=20-=20gh-102126:=20Fix=20deadlock=20at=20sh?= =?UTF-8?q?utdown=20when=20clearing=20thread=20=20=20=20=20=20=20states=20?= =?UTF-8?q?if=20any=20finalizer=20tries=20to=20acquire=20the=20runtime=20h?= =?UTF-8?q?ead=20=20=20=20=20=20=20lock.=20Patch=20by=20Kumar=20Aditya.=20?= =?UTF-8?q?=20=20=20=20-=20gh-102027:=20Fix=20SSE2=20and=20SSE3=20detectio?= =?UTF-8?q?n=20in=20=5Fblake2=20internal=20=20=20=20=20=20=20module.=20Pat?= =?UTF-8?q?ch=20by=20Max=20Bachmann.=20=20=20=20=20-=20gh-101967:=20Fix=20?= =?UTF-8?q?possible=20segfault=20in=20=20=20=20=20=20=20positional=5Fonly?= =?UTF-8?q?=5Fpassed=5Fas=5Fkeyword=20function,=20when=20new=20list=20=20?= =?UTF-8?q?=20=20=20=20=20created.=20=20=20=20=20-=20gh-101765:=20Fix=20Sy?= =?UTF-8?q?stemError=20/=20segmentation=20fault=20in=20iter=20=20=20=20=20?= =?UTF-8?q?=20=20=5F=5Freduce=5F=5F=20when=20internal=20access=20of=20buil?= =?UTF-8?q?tins.=5F=5Fdict=5F=5F=20keys=20=20=20=20=20=20=20mutates=20the?= =?UTF-8?q?=20iter=20object.=20=20=20-=20Library=20=20=20=20=20-=20gh-1029?= =?UTF-8?q?47:=20Improve=20traceback=20when=20dataclasses.fields()=20is=20?= =?UTF-8?q?=20=20=20=20=20=20called=20on=20a=20non-dataclass.=20Patch=20by?= =?UTF-8?q?=20Alex=20Waygood=20=20=20=20=20-=20gh-101979:=20Fix=20a=20bug?= =?UTF-8?q?=20where=20parentheses=20in=20the=20metavar=20=20=20=20=20=20?= =?UTF-8?q?=20argument=20to=20argparse.ArgumentParser.add=5Fargument()=20w?= =?UTF-8?q?ere=20=20=20=20=20=20=20dropped.=20Patch=20by=20Yeojin=20Kim.?= =?UTF-8?q?=20=20=20=20=20-=20gh-102179:=20Fix=20os.dup2()=20error=20messa?= =?UTF-8?q?ge=20for=20negative=20fds.=20=20=20=20=20-=20gh-101961:=20For?= =?UTF-8?q?=20the=20binary=20mode,=20fileinput.hookcompressed()=20=20=20?= =?UTF-8?q?=20=20=20=20doesn=E2=80=99t=20set=20the=20encoding=20value=20ev?= =?UTF-8?q?en=20if=20the=20value=20is=20=20=20=20=20=20=20None.=20Patch=20?= =?UTF-8?q?by=20Gihwan=20Kim.=20=20=20=20=20-=20gh-101936:=20The=20default?= =?UTF-8?q?=20value=20of=20fp=20becomes=20io.BytesIO?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python310?expand=0&rev=85 --- CVE-2007-4559-filter-tarfile_extractall.patch | 30 +++---- Python-3.10.10.tar.xz | 3 - Python-3.10.10.tar.xz.asc | 16 ---- Python-3.10.11.tar.xz | 3 + Python-3.10.11.tar.xz.asc | 16 ++++ invalid-json.patch | 44 ---------- python310.changes | 85 ++++++++++++++++++- python310.spec | 8 +- 8 files changed, 120 insertions(+), 85 deletions(-) delete mode 100644 Python-3.10.10.tar.xz delete mode 100644 Python-3.10.10.tar.xz.asc create mode 100644 Python-3.10.11.tar.xz create mode 100644 Python-3.10.11.tar.xz.asc delete mode 100644 invalid-json.patch diff --git a/CVE-2007-4559-filter-tarfile_extractall.patch b/CVE-2007-4559-filter-tarfile_extractall.patch index 6cbf07f..11e1e3e 100644 --- a/CVE-2007-4559-filter-tarfile_extractall.patch +++ b/CVE-2007-4559-filter-tarfile_extractall.patch @@ -1513,7 +1513,7 @@ Content-Transfer-Encoding: 8bit with open(os.path.join(TEMPDIR, "ustar/regtype"), "rb") as fobj: data = fobj.read() -@@ -454,7 +460,7 @@ class CommonReadTest(ReadTest): +@@ -455,7 +461,7 @@ class CommonReadTest(ReadTest): t = tar.next() with self.assertRaisesRegex(tarfile.ReadError, "unexpected end of data"): @@ -1522,7 +1522,7 @@ Content-Transfer-Encoding: 8bit with self.assertRaisesRegex(tarfile.ReadError, "unexpected end of data"): tar.extractfile(t).read() -@@ -609,16 +615,16 @@ class MiscReadTestBase(CommonReadTest): +@@ -610,16 +616,16 @@ class MiscReadTestBase(CommonReadTest): def test_extract_hardlink(self): # Test hardlink extraction (e.g. bug #857297). with tarfile.open(tarname, errorlevel=1, encoding="iso8859-1") as tar: @@ -1542,7 +1542,7 @@ Content-Transfer-Encoding: 8bit self.addCleanup(os_helper.unlink, os.path.join(TEMPDIR, "ustar/symtype")) with open(os.path.join(TEMPDIR, "ustar/symtype"), "rb") as f: data = f.read() -@@ -632,13 +638,14 @@ class MiscReadTestBase(CommonReadTest): +@@ -633,13 +639,14 @@ class MiscReadTestBase(CommonReadTest): os.mkdir(DIR) try: directories = [t for t in tar if t.isdir()] @@ -1559,7 +1559,7 @@ Content-Transfer-Encoding: 8bit def format_mtime(mtime): if isinstance(mtime, float): return "{} ({})".format(mtime, mtime.hex()) -@@ -661,7 +668,7 @@ class MiscReadTestBase(CommonReadTest): +@@ -662,7 +669,7 @@ class MiscReadTestBase(CommonReadTest): try: with tarfile.open(tarname, encoding="iso8859-1") as tar: tarinfo = tar.getmember(dirtype) @@ -1568,7 +1568,7 @@ Content-Transfer-Encoding: 8bit extracted = os.path.join(DIR, dirtype) self.assertEqual(os.path.getmtime(extracted), tarinfo.mtime) if sys.platform != "win32": -@@ -674,7 +681,7 @@ class MiscReadTestBase(CommonReadTest): +@@ -675,7 +682,7 @@ class MiscReadTestBase(CommonReadTest): with os_helper.temp_dir(DIR), \ tarfile.open(tarname, encoding="iso8859-1") as tar: directories = [t for t in tar if t.isdir()] @@ -1577,7 +1577,7 @@ Content-Transfer-Encoding: 8bit for tarinfo in directories: path = DIR / tarinfo.name self.assertEqual(os.path.getmtime(path), tarinfo.mtime) -@@ -685,7 +692,7 @@ class MiscReadTestBase(CommonReadTest): +@@ -686,7 +693,7 @@ class MiscReadTestBase(CommonReadTest): with os_helper.temp_dir(DIR), \ tarfile.open(tarname, encoding="iso8859-1") as tar: tarinfo = tar.getmember(dirtype) @@ -1586,7 +1586,7 @@ Content-Transfer-Encoding: 8bit extracted = DIR / dirtype self.assertEqual(os.path.getmtime(extracted), tarinfo.mtime) -@@ -1041,7 +1048,7 @@ class GNUReadTest(LongnameTest, ReadTest +@@ -1042,7 +1049,7 @@ class GNUReadTest(LongnameTest, ReadTest # an all platforms, and after that a test that will work only on # platforms/filesystems that prove to support sparse files. def _test_sparse_file(self, name): @@ -1595,7 +1595,7 @@ Content-Transfer-Encoding: 8bit filename = os.path.join(TEMPDIR, name) with open(filename, "rb") as fobj: data = fobj.read() -@@ -1408,7 +1415,8 @@ class WriteTest(WriteTestBase, unittest. +@@ -1409,7 +1416,8 @@ class WriteTest(WriteTestBase, unittest. with tarfile.open(temparchive, errorlevel=2) as tar: # this should not raise OSError: [Errno 17] File exists try: @@ -1605,7 +1605,7 @@ Content-Transfer-Encoding: 8bit except OSError: self.fail("extractall failed with symlinked files") finally: -@@ -2440,6 +2448,15 @@ class CommandLineTest(unittest.TestCase) +@@ -2441,6 +2449,15 @@ class CommandLineTest(unittest.TestCase) for tardata in files: tf.add(tardata, arcname=os.path.basename(tardata)) @@ -1621,7 +1621,7 @@ Content-Transfer-Encoding: 8bit def test_bad_use(self): rc, out, err = self.tarfilecmd_failure() self.assertEqual(out, b'') -@@ -2596,6 +2613,25 @@ class CommandLineTest(unittest.TestCase) +@@ -2597,6 +2614,25 @@ class CommandLineTest(unittest.TestCase) finally: os_helper.rmtree(tarextdir) @@ -1647,7 +1647,7 @@ Content-Transfer-Encoding: 8bit def test_extract_command_different_directory(self): self.make_simple_tarfile(tmpname) try: -@@ -2679,7 +2715,7 @@ class LinkEmulationTest(ReadTest, unitte +@@ -2680,7 +2716,7 @@ class LinkEmulationTest(ReadTest, unitte # symbolic or hard links tarfile tries to extract these types of members # as the regular files they point to. def _test_link_extraction(self, name): @@ -1656,7 +1656,7 @@ Content-Transfer-Encoding: 8bit with open(os.path.join(TEMPDIR, name), "rb") as f: data = f.read() self.assertEqual(sha256sum(data), sha256_regtype) -@@ -2811,8 +2847,10 @@ class NumericOwnerTest(unittest.TestCase +@@ -2812,8 +2848,10 @@ class NumericOwnerTest(unittest.TestCase mock_chown): with self._setup_test(mock_geteuid) as (tarfl, filename_1, _, filename_2): @@ -1669,7 +1669,7 @@ Content-Transfer-Encoding: 8bit # convert to filesystem paths f_filename_1 = os.path.join(TEMPDIR, filename_1) -@@ -2830,7 +2868,8 @@ class NumericOwnerTest(unittest.TestCase +@@ -2831,7 +2869,8 @@ class NumericOwnerTest(unittest.TestCase mock_chown): with self._setup_test(mock_geteuid) as (tarfl, filename_1, dirname_1, filename_2): @@ -1679,7 +1679,7 @@ Content-Transfer-Encoding: 8bit # convert to filesystem paths f_filename_1 = os.path.join(TEMPDIR, filename_1) -@@ -2855,7 +2894,8 @@ class NumericOwnerTest(unittest.TestCase +@@ -2856,7 +2895,8 @@ class NumericOwnerTest(unittest.TestCase def test_extract_without_numeric_owner(self, mock_geteuid, mock_chmod, mock_chown): with self._setup_test(mock_geteuid) as (tarfl, filename_1, _, _): @@ -1689,7 +1689,7 @@ Content-Transfer-Encoding: 8bit # convert to filesystem paths f_filename_1 = os.path.join(TEMPDIR, filename_1) -@@ -2869,6 +2909,890 @@ class NumericOwnerTest(unittest.TestCase +@@ -2870,6 +2910,890 @@ class NumericOwnerTest(unittest.TestCase tarfl.extract, filename_1, TEMPDIR, False, True) diff --git a/Python-3.10.10.tar.xz b/Python-3.10.10.tar.xz deleted file mode 100644 index bb9a380..0000000 --- a/Python-3.10.10.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:0419e9085bf51b7a672009b3f50dbf1859acdf18ba725d0ec19aa5c8503f0ea3 -size 19627028 diff --git a/Python-3.10.10.tar.xz.asc b/Python-3.10.10.tar.xz.asc deleted file mode 100644 index 0bd900c..0000000 --- a/Python-3.10.10.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEEz9yiRbEEPPKl+Xhl/+h0BBaL2EcFAmPiQfoACgkQ/+h0BBaL -2EcB8hAAmFEIHZopWn+A4tDxd001eViLrOmjygqPn1doAQ3dAgyESt4Z/HDtN6rB -+6z5rsx+qdcP9kfb/+3V0gKBh/3V4bEpnD+EQtpONWhKbCcqOfq1ok1V+uNH8uOF -ixxWkY+MWJzPPhlQiW/sm9FP6CdnaeriKf1JMCUt9aiganpo2CQv5gPE/0PlSGO5 -BEKjCcyHHPIEAxC6jLm/+33PSzbhGq+YstK/1tcqUrJfkifipovmSZeFyzULPonK -MATPyliOupo3ixPs3LoJUjNpGD4fH+p2Lg1ZOgYv7vGmeLcadNVanRlqRg76m+ke -zvp/MAqQg4Fr75m2+mfDG/Md+PrSMvz71i55a1Q1NcYdW6QR62m08FCZg7/+t5pD -H91ywhMqTv1nySsEZGfuETPTs7gMCtyBeDjIhXBMcfbhGivd7r5zZJ8MUD/FSASC -fQ/vEVeHWQeWpfFgxLfLmRnkjIS7JCGlM9z6zsZqbppWqeA94sBIf4ka2JG2DnGP -1Pvn+ragiHt1++i2yVhmoAB0t44/SgXacCce5AT3yB71brT21cOXQs0Gq80MwVPI -nVbzdOtuGNGcvEi2fbO2IEcgegSHaOHo9PvYTRropSz3V7A95x8mA1xjZf2y77H5 -/mfJ4687YIItCIcNE5Zzj6GspWlWP31OvRFIIefnKYf2JuU+qt8= -=B3xo ------END PGP SIGNATURE----- diff --git a/Python-3.10.11.tar.xz b/Python-3.10.11.tar.xz new file mode 100644 index 0000000..c07774c --- /dev/null +++ b/Python-3.10.11.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3c3bc3048303721c904a03eb8326b631e921f11cc3be2988456a42f115daf04c +size 19640792 diff --git a/Python-3.10.11.tar.xz.asc b/Python-3.10.11.tar.xz.asc new file mode 100644 index 0000000..d3012ea --- /dev/null +++ b/Python-3.10.11.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEz9yiRbEEPPKl+Xhl/+h0BBaL2EcFAmQsoHwACgkQ/+h0BBaL +2Efs9BAAheWCnenhHhXi0m0DgyB6eEVH8xmZrBqA1WMgGQOqWVZmEnJdc0IXyFWQ +1A4C59d6rEvu8jvXTLvsqGEmehofKqq0bXB1tMUBn9CwSiELOm19WvCHc/Htwo2U +DsvAsXXO7vBkKBT9+CQ4BmkGzPUTrBLZRHsQX/M/tpx81jnQVunoMojyPK19sf1I +C+YnxE0cQVL9+INd0WtbVByJIwzBBDCLqTQWL//73CqFs8IO6PsjFXqmlVqVfpmz +aEXuGeRkRgy7kZaDdLcnhBq7a6vgaecfgfRUGyBgwgakfrHA5SOdsWdAonjA676J +6DHmFIf82R4wo7Vu0WAfFAq9jJfVxXN7n5Y/N/cxzqjhrfO341vCflN1c16VAFnu +ok7n50poENO/tMRerOEj5baL+mToi8Wh+cYHY6tNpaM2iP+bSyjoS+Ff225xhdNV +fqGuyaH7cPgGgoXECrSb7iTWYZxJxQV9S8OlR2gX8IlA+XrbGWQl0PvmErhO3FqN +W88gBmYrzrSl6+dzF62yn2gKFc2K5k6NmCcySFfjY87G7RhEf1ixPeDyMSvbKlVw +sJWeoXuCNPL+PQV+V76UAbn3bEvH87fyImxoYHNAIbHh8JaTvO5vIKDrrsw92siQ +6Pud3Oy6DcD5gWX2KcaAjQjruh18dljsbYN+2KVFfQHM8SYeXns= +=enP4 +-----END PGP SIGNATURE----- diff --git a/invalid-json.patch b/invalid-json.patch deleted file mode 100644 index d3a25ba..0000000 --- a/invalid-json.patch +++ /dev/null @@ -1,44 +0,0 @@ ---- - Doc/howto/logging-cookbook.rst | 24 ++++++++++++++---------- - 1 file changed, 14 insertions(+), 10 deletions(-) - ---- a/Doc/howto/logging-cookbook.rst -+++ b/Doc/howto/logging-cookbook.rst -@@ -340,10 +340,12 @@ adding a ``filters`` section parallel to - - .. code-block:: json - -- "filters": { -- "warnings_and_below": { -- "()" : "__main__.filter_maker", -- "level": "WARNING" -+ { -+ "filters": { -+ "warnings_and_below": { -+ "()" : "__main__.filter_maker", -+ "level": "WARNING" -+ } - } - } - -@@ -351,12 +353,14 @@ and changing the section on the ``stdout - - .. code-block:: json - -- "stdout": { -- "class": "logging.StreamHandler", -- "level": "INFO", -- "formatter": "simple", -- "stream": "ext://sys.stdout", -- "filters": ["warnings_and_below"] -+ { -+ "stdout": { -+ "class": "logging.StreamHandler", -+ "level": "INFO", -+ "formatter": "simple", -+ "stream": "ext://sys.stdout", -+ "filters": ["warnings_and_below"] -+ } - } - - A filter is just a function, so we can define the ``filter_maker`` (a factory diff --git a/python310.changes b/python310.changes index bae45db..1ff6218 100644 --- a/python310.changes +++ b/python310.changes @@ -1,10 +1,93 @@ ------------------------------------------------------------------- -Thu Apr 27 21:19:52 UTC 2023 - Matej Cepl +Thu Apr 27 21:23:19 UTC 2023 - Matej Cepl - Add CVE-2007-4559-filter-tarfile_extractall.patch to fix CVE-2007-4559 (bsc#1203750) by adding the filter for tarfile.extractall (PEP 706). +------------------------------------------------------------------- +Thu Apr 27 21:19:52 UTC 2023 - Matej Cepl + +- Update to 3.10.11: + - Core and Builtins + - gh-102416: Do not memoize incorrectly automatically + generated loop rules in the parser. Patch by Pablo Galindo. + - gh-102356: Fix a bug that caused a crash when deallocating + deeply nested filter objects. Patch by Marta Gómez Macías. + - gh-102397: Fix segfault from race condition in signal + handling during garbage collection. Patch by Kumar Aditya. + - gh-102126: Fix deadlock at shutdown when clearing thread + states if any finalizer tries to acquire the runtime head + lock. Patch by Kumar Aditya. + - gh-102027: Fix SSE2 and SSE3 detection in _blake2 internal + module. Patch by Max Bachmann. + - gh-101967: Fix possible segfault in + positional_only_passed_as_keyword function, when new list + created. + - gh-101765: Fix SystemError / segmentation fault in iter + __reduce__ when internal access of builtins.__dict__ keys + mutates the iter object. + - Library + - gh-102947: Improve traceback when dataclasses.fields() is + called on a non-dataclass. Patch by Alex Waygood + - gh-101979: Fix a bug where parentheses in the metavar + argument to argparse.ArgumentParser.add_argument() were + dropped. Patch by Yeojin Kim. + - gh-102179: Fix os.dup2() error message for negative fds. + - gh-101961: For the binary mode, fileinput.hookcompressed() + doesn’t set the encoding value even if the value is + None. Patch by Gihwan Kim. + - gh-101936: The default value of fp becomes io.BytesIO + if HTTPError is initialized without a designated fp + parameter. Patch by Long Vo. + - gh-101566: In zipfile, apply fix for extractall on the + underlying zipfile after being wrapped in Path. + - gh-101997: Upgrade pip wheel bundled with ensurepip (pip + 23.0.1) + - gh-101892: Callable iterators no longer raise SystemError + when the callable object exhausts the iterator but forgets + to either return a sentinel value or raise StopIteration. + - gh-97786: Fix potential undefined behaviour in corner cases + of floating-point-to-time conversions. + - gh-101517: Fixed bug where bdb looks up the source line + with linecache with a lineno=None, which causes it to fail + with an unhandled exception. + - gh-101673: Fix a pdb bug where ll clears the changes to + local variables. + - gh-96931: Fix incorrect results from + ssl.SSLSocket.shared_ciphers() + - gh-88233: Correctly preserve “extra” fields in zipfile + regardless of their ordering relative to a zip64 “extra.” + - gh-95495: When built against OpenSSL 3.0, the ssl module + had a bug where it reported unauthenticated EOFs (i.e. + without close_notify) as a clean TLS-level EOF. It now + raises SSLEOFError, matching the behavior in previous + versions of OpenSSL. The options attribute on SSLContext + also no longer includes OP_IGNORE_UNEXPECTED_EOF by + default. This option may be set to specify the previous + OpenSSL 3.0 behavior. + - gh-94440: Fix a concurrent.futures.process bug where + ProcessPoolExecutor shutdown could hang after a future has + been quickly submitted and canceled. + - Documentation + - gh-103112: Add docstring to http.client.HTTPResponse.read() + to fix pydoc output. + - gh-85417: Update cmath documentation to clarify behaviour + on branch cuts. + - gh-97725: Fix asyncio.Task.print_stack() description for + file=None. Patch by Oleg Iarygin. + - Tests + - gh-102980: Improve test coverage on pdb. + - gh-102537: Adjust the error handling strategy in + test_zoneinfo.TzPathTest.python_tzpath_context. Patch by + Paul Ganssle. + - gh-101377: Improved test_locale_calendar_formatweekday of + calendar. + - Build + - gh-102711: Fix -Wstrict-prototypes compiler warnings. +- Removed upstreamed: + - invalid-json.patch + ------------------------------------------------------------------- Mon Mar 13 08:39:53 UTC 2023 - Matej Cepl diff --git a/python310.spec b/python310.spec index 045fccd..238bbf6 100644 --- a/python310.spec +++ b/python310.spec @@ -103,7 +103,7 @@ Obsoletes: python39%{?1:-%{1}} %define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so %bcond_without profileopt Name: %{python_pkg_name}%{psuffix} -Version: 3.10.10 +Version: 3.10.11 Release: 0 Summary: Python 3 Interpreter License: Python-2.0 @@ -170,12 +170,9 @@ Patch36: support-expat-CVE-2022-25236-patched.patch # blocklist bypass via the urllib.parse component when supplying # a URL that starts with blank characters Patch37: CVE-2023-24329-blank-URL-bypass.patch -# PATCH-FIX-UPSTREAM invalid-json.patch gh#python/cpython#102582 mcepl@suse.com -# We require valid JSON in documentation -Patch38: invalid-json.patch # PATCH-FIX-UPSTREAM CVE-2007-4559-filter-tarfile_extractall.patch bsc#1203750 mcepl@suse.com # PEP 706 – Filter for tarfile.extractall -Patch39: CVE-2007-4559-filter-tarfile_extractall.patch +Patch38: CVE-2007-4559-filter-tarfile_extractall.patch BuildRequires: autoconf-archive BuildRequires: automake BuildRequires: fdupes @@ -450,7 +447,6 @@ other applications. %patch36 -p1 %patch37 -p1 %patch38 -p1 -%patch39 -p1 # drop Autoconf version requirement sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac