rpm/python312
SHA256
1
0
Fork 0
forked from pool/python312
Code Pull Requests Activity

Accepting request 1168659 from devel:languages:python:Factory

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/1168659
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python312?expand=0&rev=17
This commit is contained in:
Ana Guerrero 2024-04-23 16:55:03 +00:00 committed by Git OBS Bridge
commit 5aec8eeba8
11 changed files with 474 additions and 144 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CVE-2023-27043-email-parsing-errors.patch
View File

@ -260,7 +260,7 @@ Co-Authored-By: Thomas Dwyer <github@tomd.tel>
from email.charset import Charset
from email.generator import Generator, DecodedGenerator, BytesGenerator
@@ -3337,15 +3338,137 @@ Foo
@@ -3352,15 +3353,137 @@ Foo
],
)
@ -406,7 +406,7 @@ Co-Authored-By: Thomas Dwyer <github@tomd.tel>
def test_getaddresses_embedded_comment(self):
"""Test proper handling of a nested comment"""
@@ -3536,6 +3659,54 @@ multipart/report
@@ -3551,6 +3674,54 @@ multipart/report
m = cls(*constructor, policy=email.policy.default)
self.assertIs(m.policy, email.policy.default)

67
CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch Normal file
View File

@ -0,0 +1,67 @@
Index: Python-3.12.3/Lib/test/test_xml_etree.py
===================================================================
--- Python-3.12.3.orig/Lib/test/test_xml_etree.py
+++ Python-3.12.3/Lib/test/test_xml_etree.py
@@ -121,6 +121,11 @@ ATTLIST_XML = """\
</foo>
"""
+IS_SLE_15_6 = os.environ.get("SLE_VERSION", "") == "0150600"
+fails_with_expat_2_6_0 = (unittest.expectedFailure
+ # 2.4 version patched in SLE
+ if IS_SLE_15_6 and pyexpat.version_info >= (2, 4, 0) else
+ lambda test: test)
def checkwarnings(*filters, quiet=False):
def decorator(test):
def newtest(*args, **kwargs):
@@ -1424,9 +1429,11 @@ class XMLPullParserTest(unittest.TestCas
self.assert_event_tags(parser, [('end', 'root')])
self.assertIsNone(parser.close())
+ @fails_with_expat_2_6_0
def test_simple_xml_chunk_1(self):
self.test_simple_xml(chunk_size=1, flush=True)
+ @fails_with_expat_2_6_0
def test_simple_xml_chunk_5(self):
self.test_simple_xml(chunk_size=5, flush=True)
@@ -1651,6 +1658,9 @@ class XMLPullParserTest(unittest.TestCas
self.assert_event_tags(parser, [('end', 'doc')])
+ @unittest.skipIf(pyexpat.version_info < (2, 6, 0),
+ f'Expat {pyexpat.version_info} does not '
+ 'support reparse deferral')
def test_flush_reparse_deferral_disabled(self):
parser = ET.XMLPullParser(events=('start', 'end'))
Index: Python-3.12.3/Lib/test/test_sax.py
===================================================================
--- Python-3.12.3.orig/Lib/test/test_sax.py
+++ Python-3.12.3/Lib/test/test_sax.py
@@ -1240,6 +1240,9 @@ class ExpatReaderTest(XmlTestBase):
self.assertEqual(result.getvalue(), start + b"<doc></doc>")
+ @unittest.skipIf(pyexpat.version_info < (2, 6, 0),
+ f'Expat {pyexpat.version_info} does not '
+ 'support reparse deferral')
def test_flush_reparse_deferral_disabled(self):
result = BytesIO()
xmlgen = XMLGenerator(result)
Index: Python-3.12.3/Lib/test/test_pyexpat.py
===================================================================
--- Python-3.12.3.orig/Lib/test/test_pyexpat.py
+++ Python-3.12.3/Lib/test/test_pyexpat.py
@@ -794,6 +794,10 @@ class ReparseDeferralTest(unittest.TestC
self.assertEqual(started, ['doc'])
def test_reparse_deferral_disabled(self):
+ if expat.version_info < (2, 6, 0):
+ self.skipTest(f'Expat {expat.version_info} does not '
+ 'support reparse deferral')
+
started = []
def start_element(name, _):

3
Python-3.12.2.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:be28112dac813d2053545c14bf13a16401a21877f1a69eb6ea5d84c4a0f3d870
size 20591308

18
Python-3.12.2.tar.xz.asc
View File

@ -1,18 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQKTBAABCgB9FiEEcWlgX2LHUTVtBUomqCHmgOX6YwUFAmXCmEZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDcx
Njk2MDVGNjJDNzUxMzU2RDA1NEEyNkE4MjFFNjgwRTVGQTYzMDUACgkQqCHmgOX6
YwVxNQ/5AfuzQgW8NEaIe9J2cT78VvGa6I1DMSud8X6RnZLGDtk0D19ENhykO9bn
RtpbVGVUMWKoalU0AB3IZ4E7/ZLVl8ooZScfmzo4B3D9jdVcDJiIS8S2dYKPZ4QK
pVLTXZxi5/KUnirohguUdMlNEE/RyDMHpYO0wDpG4bfq6E9fkkrqm9n+j7/JZpQj
xEDyA5h3GBSus1KvG59C96r2YRFVXNebl1RgnCEuFKA6aJB/A5ht1UbINzS9vsaj
zGTRjMNdDVZVfomtYL63Zr5dHsv8t7jpwZHe+kqmY6FyiIElcV5euvjK+akujrjp
pY3KzyKC3tGcWz5qNaiL7H2WSW72e0fxbEZ1F2LUfmvfJM8oMcfEEb91R225m+Jp
Ot46t7DXYazcyRVkx1cfiAijPBjbxoLQXkKcZEFXkosJE543zqzy316of64Sh1Pj
vL+txgpMCpSYaXfgKImwya7F/twK9yPb6bvA6X2qcSZsK9FbC7d/WqSJejp0Nu5k
QCMwN3DICOERgN0gkgLccCsF6yH+a/06Mebx4gDBDrsXxEkgLHLrZkRwYrv2vlHg
/g6QOli029CMlbSbNIJeb2fEczRK4kqKlZyt9NOQ6InSwsAS5+F3DdhjQ2zu5lid
saAiV4yWU0RiyGp98X1vjLPOWjp/sILbYlLplJBY7LxWBqC7+2A=
=50z7
-----END PGP SIGNATURE-----

3
Python-3.12.3.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:56bfef1fdfc1221ce6720e43a661e3eb41785dd914ce99698d8c7896af4bdaa1
size 20625068

18
Python-3.12.3.tar.xz.asc Normal file
View File

@ -0,0 +1,18 @@
-----BEGIN PGP SIGNATURE-----
iQKTBAABCgB9FiEEcWlgX2LHUTVtBUomqCHmgOX6YwUFAmYVDdNfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDcx
Njk2MDVGNjJDNzUxMzU2RDA1NEEyNkE4MjFFNjgwRTVGQTYzMDUACgkQqCHmgOX6
YwU8Vg//aP8bxzPTDIM9Af1LLJj5LNLIuZOl5QysWQVbakoCpS8Z8ZiK3LyzGi7H
pQ5uJEnRjhULnOi+va2TPBDqiYvY1CkVizYzmUe1dMtzHdJUBE1TzybfON02JzPD
62oDHxUC1hvITyLE8tjnsgBuP9bbYYHnS+qqmDgBWS1M60i4bqcBiSdlWZp7ZTI4
KIxIy9eyNujHnNQrQQ1oqIoj7ty1Hrtkfqia/3cVq7rkQT8HecBIW0K82WuIXizm
/Ua/TQslTJsypslFYpoJBoIkWG2nk7RhJvfU5iLxQHen6cr7JOUo/u3jv0DIJyJs
LdBWG6noTIiqKJb65UswLUxexM5f3Y7gLEZ4FCqlbAOAPG16xwwC8Xd7LIF33cHK
133BvYCkwdl0MCpmsQuxi8i6Kql0MaEqJ9MEj6UN66ZJVpRx8hOm2FtZGhn5ZNxx
r5C2zXGw/IjXeS01wgD8cSRVA0XJdN4bu88vmvhqMuezg3CDF5bX85isoFUaLUjS
c5Lv1HNrqPiaWHOctnvzasy0djpwze+WCzsXFMI6VfejPpYwNlhmnxS7i3R9A4RK
gBwViMd5q5rwx365tCfRfGcBW6OOvrHZalhSGYmUw13sBarFliW9CvN4ghN9kWbN
YQwSggf5KD6v5mAAyReMrOJTyBG6B5hMlxKai5CzbRLlG25T2wI=
=ZQxz
-----END PGP SIGNATURE-----

30
fix-test-recursion-limit-15.6.patch Normal file
View File

@ -0,0 +1,30 @@
Index: Python-3.12.3/Lib/test/test_compile.py
===================================================================
--- Python-3.12.3.orig/Lib/test/test_compile.py
+++ Python-3.12.3/Lib/test/test_compile.py
@@ -14,6 +14,9 @@ from test.support import (script_helper,
requires_specialization, C_RECURSION_LIMIT)
from test.support.os_helper import FakePath
+IS_SLE_15_6 = os.environ.get("SLE_VERSION", "") == "0150600"
+IS_32bit = hasattr(os, "uname") and os.uname().machine in ["i386", "i486", "i586", "i686"]
+
class TestSpecifics(unittest.TestCase):
def compile_single(self, source):
@@ -110,6 +113,7 @@ class TestSpecifics(unittest.TestCase):
self.assertEqual(d['z'], 12)
@unittest.skipIf(support.is_wasi, "exhausts limited stack on WASI")
+ @unittest.skipIf(IS_SLE_15_6 and IS_32bit, "fails on 15.6 i586")
def test_extended_arg(self):
repeat = int(C_RECURSION_LIMIT * 0.9)
longexpr = 'x = x or ' + '-x' * repeat
@@ -603,6 +607,7 @@ class TestSpecifics(unittest.TestCase):
@support.cpython_only
@unittest.skipIf(support.is_wasi, "exhausts limited stack on WASI")
+ @unittest.skipIf(IS_SLE_15_6 and IS_32bit, "fails on 15.6 i586")
def test_compiler_recursion_limit(self):
# Expected limit is C_RECURSION_LIMIT * 2
# Duplicating the limit here is a little ugly.

16
fix_configure_rst.patch
View File

@ -3,11 +3,9 @@
Misc/NEWS | 2 +-
2 files changed, 1 insertion(+), 3 deletions(-)
Index: Python-3.12.2/Doc/using/configure.rst
===================================================================
--- Python-3.12.2.orig/Doc/using/configure.rst
+++ Python-3.12.2/Doc/using/configure.rst
@@ -629,13 +629,11 @@ macOS Options
--- a/Doc/using/configure.rst
+++ b/Doc/using/configure.rst
@@ -631,13 +631,11 @@ macOS Options
See ``Mac/README.rst``.
@ -21,11 +19,9 @@ Index: Python-3.12.2/Doc/using/configure.rst
.. option:: --enable-framework=INSTALLDIR
Create a Python.framework rather than a traditional Unix install. Optional
Index: Python-3.12.2/Misc/NEWS
===================================================================
--- Python-3.12.2.orig/Misc/NEWS
+++ Python-3.12.2/Misc/NEWS
@@ -12998,7 +12998,7 @@ C API
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -13428,7 +13428,7 @@ C API
- bpo-40939: Removed documentation for the removed ``PyParser_*`` C API.
- bpo-43795: The list in :ref:`limited-api-list` now shows the public name

107
libexpat260.patch
View File

@ -1,107 +0,0 @@
From f2eebf3c38eae77765247791576b437ec25ccfe2 Mon Sep 17 00:00:00 2001
From: Serhiy Storchaka <storchaka@gmail.com>
Date: Sun, 11 Feb 2024 12:08:39 +0200
Subject: [PATCH] gh-115133: Fix tests for XMLPullParser with Expat 2.6.0
(GH-115164)
Feeding the parser by too small chunks defers parsing to prevent
CVE-2023-52425. Future versions of Expat may be more reactive.
(cherry picked from commit 4a08e7b3431cd32a0daf22a33421cd3035343dc4)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
---
Lib/test/test_xml_etree.py | 58 ++++++++++++-------
...-02-08-14-21-28.gh-issue-115133.ycl4ko.rst | 2 +
2 files changed, 38 insertions(+), 22 deletions(-)
create mode 100644 Misc/NEWS.d/next/Library/2024-02-08-14-21-28.gh-issue-115133.ycl4ko.rst
Index: Python-3.12.2/Lib/test/test_xml_etree.py
===================================================================
--- Python-3.12.2.orig/Lib/test/test_xml_etree.py
+++ Python-3.12.2/Lib/test/test_xml_etree.py
@@ -13,6 +13,7 @@ import itertools
import operator
import os
import pickle
+import pyexpat
import sys
import textwrap
import types
@@ -120,6 +121,10 @@ ATTLIST_XML = """\
</foo>
"""
+fails_with_expat_2_6_0 = (unittest.expectedFailure
+ if pyexpat.version_info >= (2, 6, 0) else
+ lambda test: test)
+
def checkwarnings(*filters, quiet=False):
def decorator(test):
def newtest(*args, **kwargs):
@@ -1400,28 +1405,37 @@ class XMLPullParserTest(unittest.TestCas
self.assertEqual([(action, elem.tag) for action, elem in events],
expected)
- def test_simple_xml(self):
- for chunk_size in (None, 1, 5):
- with self.subTest(chunk_size=chunk_size):
- parser = ET.XMLPullParser()
- self.assert_event_tags(parser, [])
- self._feed(parser, "<!-- comment -->\n", chunk_size)
- self.assert_event_tags(parser, [])
- self._feed(parser,
- "<root>\n <element key='value'>text</element",
- chunk_size)
- self.assert_event_tags(parser, [])
- self._feed(parser, ">\n", chunk_size)
- self.assert_event_tags(parser, [('end', 'element')])
- self._feed(parser, "<element>text</element>tail\n", chunk_size)
- self._feed(parser, "<empty-element/>\n", chunk_size)
- self.assert_event_tags(parser, [
- ('end', 'element'),
- ('end', 'empty-element'),
- ])
- self._feed(parser, "</root>\n", chunk_size)
- self.assert_event_tags(parser, [('end', 'root')])
- self.assertIsNone(parser.close())
+ def test_simple_xml(self, chunk_size=None):
+ parser = ET.XMLPullParser()
+ self.assert_event_tags(parser, [])
+ self._feed(parser, "<!-- comment -->\n", chunk_size)
+ self.assert_event_tags(parser, [])
+ self._feed(parser,
+ "<root>\n <element key='value'>text</element",
+ chunk_size)
+ self.assert_event_tags(parser, [])
+ self._feed(parser, ">\n", chunk_size)
+ self.assert_event_tags(parser, [('end', 'element')])
+ self._feed(parser, "<element>text</element>tail\n", chunk_size)
+ self._feed(parser, "<empty-element/>\n", chunk_size)
+ self.assert_event_tags(parser, [
+ ('end', 'element'),
+ ('end', 'empty-element'),
+ ])
+ self._feed(parser, "</root>\n", chunk_size)
+ self.assert_event_tags(parser, [('end', 'root')])
+ self.assertIsNone(parser.close())
+
+ @fails_with_expat_2_6_0
+ def test_simple_xml_chunk_1(self):
+ self.test_simple_xml(chunk_size=1)
+
+ @fails_with_expat_2_6_0
+ def test_simple_xml_chunk_5(self):
+ self.test_simple_xml(chunk_size=5)
+
+ def test_simple_xml_chunk_22(self):
+ self.test_simple_xml(chunk_size=22)
def test_feed_while_iterating(self):
parser = ET.XMLPullParser()
Index: Python-3.12.2/Misc/NEWS.d/next/Library/2024-02-08-14-21-28.gh-issue-115133.ycl4ko.rst
===================================================================
--- /dev/null
+++ Python-3.12.2/Misc/NEWS.d/next/Library/2024-02-08-14-21-28.gh-issue-115133.ycl4ko.rst
@@ -0,0 +1,2 @@
+Fix tests for :class:`~xml.etree.ElementTree.XMLPullParser` with Expat
+2.6.0.

337
python312.changes
View File

@ -1,3 +1,340 @@
-------------------------------------------------------------------
Mon Apr 15 10:31:32 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
- Add CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch to fix tests with
patched libexpat below 2.6.0 that doesn't update the version number,
just in 15.6.
- Drop libexpat260.patch, not needed anymore. This patch is merged
with the CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch to keep
working on 15.6.
- Add fix-test-recursion-limit-15.6.patch, gh#python/cpython#115083.
-------------------------------------------------------------------
Wed Apr 10 14:41:07 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
- Update to 3.12.3:
- Security
- gh-115398: Allow controlling Expat >=2.6.0 reparse deferral
(CVE-2023-52425, bsc#1219559) by adding five new methods:
xml.etree.ElementTree.XMLParser.flush()
xml.etree.ElementTree.XMLPullParser.flush()
xml.parsers.expat.xmlparser.GetReparseDeferralEnabled()
xml.parsers.expat.xmlparser.SetReparseDeferralEnabled()
xml.sax.expatreader.ExpatParser.flush()
- gh-115399: Update bundled libexpat to 2.6.0 (bsc#1222075)
- gh-115243: Fix possible crashes in
collections.deque.index() when the deque is concurrently
modified.
- gh-114572: ssl.SSLContext.cert_store_stats() and
ssl.SSLContext.get_ca_certs() now correctly lock access to
the certificate store, when the ssl.SSLContext is shared
across multiple threads.
- Core and Builtins
- gh-109120: Added handle of incorrect star expressions, e.g
f(3, *). Patch by Grigoryev Semyon
- gh-99108: Updated the hashlib built-in HACL* project C code
from upstream that we use for many implementations when
they are not present via OpenSSL in a given build. This
also avoids the rare potential for a C symbol name one
definition rule linking issue.
- gh-116735: For INSTRUMENTED_CALL_FUNCTION_EX, set arg0 to
sys.monitoring.MISSING instead of None for CALL event.
- gh-113964: Starting new threads and process creation
through os.fork() are now only prevented once all
non-daemon threads exit.
- gh-116604: Respect the status of the garbage collector when
indirect calls are made via PyErr_CheckSignals() and the
evaluation breaker. Patch by Pablo Galindo
- gh-116626: Ensure INSTRUMENTED_CALL_FUNCTION_EX always
emits CALL
- gh-116296: Fix possible refleak in object.__reduce__()
internal error handling.
- gh-116034: Fix location of the error on a failed assertion.
- gh-115823: Properly calculate error ranges in the parser
when raising SyntaxError exceptions caused by invalid byte
sequences. Patch by Pablo Galindo
- gh-112087: For an empty reverse iterator for list will be
reduced to reversed(). Patch by Donghee Na.
- gh-115154: Fix a bug that was causing the
tokenize.untokenize() function to handle unicode named
literals incorrectly. Patch by Pablo Galindo
- gh-114828: Fix compilation crashes in uncommon code
examples using super() inside a comprehension in a class
body.
- gh-115011: Setters for members with an unsigned integer
type now support the same range of valid values for objects
that has a __index__() method as for int.
- gh-112215: Change the C recursion limits to more closely
reflect the underlying platform limits.
- gh-96497: Fix incorrect resolution of mangled class
variables used in assignment expressions in comprehensions.
- Library
- gh-117467: Preserve mailbox ownership when rewriting in
mailbox.mbox.flush(). Patch by Tony Mountifield.
- gh-117310: Fixed an unlikely early & extra Py_DECREF
triggered crash in ssl when creating a new _ssl._SSLContext
if CPython was built implausibly such that the
default cipher list is empty or the SSL library it
was linked against reports a failure from its C
SSL_CTX_set_cipher_list() API.
- gh-117178: Fix regression in lazy loading of
self-referential modules, introduced in gh-114781.
- gh-117084: Fix zipfile extraction for directory entries
with the name containing backslashes on Windows.
- gh-117110: Fix a bug that prevents subclasses of typing.Any
to be instantiated with arguments. Patch by Chris Fu.
- gh-90872: On Windows, subprocess.Popen.wait() no longer
calls WaitForSingleObject() with a negative timeout: pass 0
ms if the timeout is negative. Patch by Victor Stinner.
- gh-116957: configparser: Dont leave ConfigParser values
in an invalid state (stored as a list instead of a str)
after an earlier read raised DuplicateSectionError or
DuplicateOptionError.
- gh-90095: Ignore empty lines and comments in .pdbrc
- gh-116764: Restore support of None and other false values
in urllib.parse functions parse_qs() and parse_qsl(). Also,
they now raise a TypeError for non-zero integers and
non-empty sequences.
- gh-116811: In PathFinder.invalidate_caches, delegate to
MetadataPathFinder.invalidate_caches.
- gh-116600: Fix repr() for global Flag members.
- gh-116484: Change automatically generated
tkinter.Checkbutton widget names to avoid collisions with
automatically generated tkinter.ttk.Checkbutton widget
names within the same parent widget.
- gh-116401: Fix blocking os.fwalk() and shutil.rmtree() on
opening named pipe.
- gh-116143: Fix a race in pydoc _start_server, eliminating a
window in which _start_server can return a thread that is
“serving” but without a docserver set.
- gh-116325: typing: raise SyntaxError instead of
AttributeError on forward references as empty strings.
- gh-90535: Fix support of interval values > 1 in
logging.TimedRotatingFileHandler for when='MIDNIGHT' and
when='Wx'.
- gh-115978: Disable preadv(), readv(), pwritev(), and
writev() on WASI.
- Under wasmtime for WASI 0.2, these
functions dont pass test_posix
(https://github.com/bytecodealliance/wasmtime/issues/7830).
- gh-88352: Fix the computation of the next rollover
time in the logging.TimedRotatingFileHandler handler.
computeRollover() now always returns a timestamp larger
than the specified time and works correctly during the DST
change. doRollover() no longer overwrite the already rolled
over file, saving from data loss when run at midnight or
during repeated time at the DST change.
- gh-87115: Set __main__.__spec__ to None when running a
script with pdb
- gh-76511: Fix UnicodeEncodeError in
email.Message.as_string() that results when a message
that claims to be in the ascii character set actually has
non-ascii characters. Non-ascii characters are now replaced
with the U+FFFD replacement character, like in the replace
error handler.
- gh-116040: [Enum] fix by-value calls when second value is
falsey; e.g. Cardinal(1, 0)
- gh-75988: Fixed unittest.mock.create_autospec() to pass
the call through to the wrapped object to return the real
result.
- gh-115881: Fix issue where ast.parse() would incorrectly
flag conditional context managers (such as with (x() if y
else z()): ...) as invalid syntax if feature_version=(3,
8) was passed. This reverts changes to the grammar made as
part of gh-94949.
- gh-115886: Fix silent truncation of the
name with an embedded null character in
multiprocessing.shared_memory.SharedMemory.
- gh-115809: Improve algorithm for computing
which rolled-over log files to delete in
logging.TimedRotatingFileHandler. It is now reliable for
handlers without namer and with arbitrary deterministic
namer that leaves the datetime part in the file name
unmodified.
- gh-74668: urllib.parse functions parse_qs() and
parse_qsl() now support bytes arguments containing raw and
percent-encoded non-ASCII data.
- gh-67044: csv.writer() now always quotes or escapes '\r'
and '\n', regardless of lineterminator value.
- gh-115712: csv.writer() now quotes empty fields if
delimiter is a space and skipinitialspace is true and
raises exception if quoting is not possible.
- gh-112364: Fixed ast.unparse() to handle format_spec with
", ' or \\. Patched by Frank Hoffmann.
- gh-111358: Fix a bug in
asyncio.BaseEventLoop.shutdown_default_executor() to ensure
the timeout passed to the coroutine behaves as expected.
- gh-115618: Fix improper decreasing the reference count for
None argument in property methods getter(), setter() and
deleter().
- gh-115570: A DeprecationWarning is no longer omitted
on access to the __doc__ attributes of the deprecated
typing.io and typing.re pseudo-modules.
- gh-112006: Fix inspect.unwrap() for types with the
__wrapper__ data descriptor.
- gh-101293: Support callables with the __call__() method
and types with __new__() and __init__() methods set to
class methods, static methods, bound methods, partial
functions, and other types of methods and descriptors in
inspect.Signature.from_callable().
- gh-115392: Fix a bug in doctest where incorrect line
numbers would be reported for decorated functions.
- gh-114563: Fix several format() bugs when using the C
implementation of Decimal: * memory leak in some rare
cases when using the z format option (coerce negative 0) *
incorrect output when applying the z format option to type
F (fixed-point with capital NAN / INF) * incorrect output
when applying the # format option (alternate form)
- gh-115197: urllib.request no longer resolves the hostname
before checking it against the systems proxy bypass list
on macOS and Windows.
- gh-115165: Most exceptions are now ignored when attempting
to set the __orig_class__ attribute on objects returned
when calling typing generic aliases (including generic
aliases created using typing.Annotated). Previously only
AttributeError was ignored. Patch by Dave Shawley.
- gh-115133: Fix tests for XMLPullParser with Expat 2.6.0.
- gh-115059: io.BufferedRandom.read1() now flushes the
underlying write buffer.
- gh-79382: Trailing ** no longer allows to match files and
non-existing paths in recursive glob().
- gh-114071: Support tuple subclasses using auto() for enum
member value.
- gh-114763: Protect modules loaded with
importlib.util.LazyLoader from race conditions when
multiple threads try to access attributes before the
loading is complete.
- gh-97959: Fix rendering class methods, bound methods,
method and function aliases in pydoc. Class methods
no longer have “method of builtins.type instance”
note. Corresponding notes are now added for class and
unbound methods. Method and function aliases now have
references to the module or the class where the origin
was defined if it differs from the current. Bound methods
are now listed in the static methods section. Methods of
builtin classes are now supported as well as methods of
Python classes.
- gh-112281: Allow creating union of types for
typing.Annotated with unhashable metadata.
- gh-111775: Fix
importlib.resources.simple.ResourceHandle.open() for text
mode, added missed stream argument.
- gh-90095: Make .pdbrc and -c work with any valid pdb
commands.
- gh-107155: Fix incorrect output of help(x) where x is a
lambda function, which has an __annotations__ dictionary
attribute with a "return" key.
- gh-105866: Fixed _get_slots bug which caused error when
defining dataclasses with slots and a weakref_slot.
- gh-60346: Fix ArgumentParser inconsistent with
parse_known_args.
- gh-100985: Update HTTPSConnection to consistently wrap IPv6
Addresses when using a proxy.
- gh-100884: email: fix misfolding of comma in address-lists
over multiple lines in combination with unicode encoding.
- gh-95782: Fix io.BufferedReader.tell(),
io.BufferedReader.seek(), _pyio.BufferedReader.tell(),
io.BufferedRandom.tell(), io.BufferedRandom.seek() and
_pyio.BufferedRandom.tell() being able to return negative
offsets.
- gh-96310: Fix a traceback in argparse when all options in a
mutually exclusive group are suppressed.
- gh-93205: Fixed a bug in
logging.handlers.TimedRotatingFileHandler where multiple
rotating handler instances pointing to files with the same
name but different extensions would conflict and not delete
the correct files.
- bpo-44865: Add missing call to localization function in
argparse.
- bpo-43952: Fix multiprocessing.connection.Listener.accept()
to accept empty bytes as authkey. Not accepting empty bytes
as key causes it to hang indefinitely.
- bpo-42125: linecache: get module name from __spec__ if
available. This allows getting source code for the __main__
module when a custom loader is used.
- gh-66543: Make mimetypes.guess_type() properly parsing
of URLs with only a host name, URLs containing fragment
or query, and filenames with only a UNC sharepoint on
Windows. Based on patch by Dong-hee Na.
- bpo-33775: Add default and version help text for
localization in argparse.
- Documentation
- gh-115399: Document CVE-2023-52425 of Expat <2.6.0 under
“XML vulnerabilities”.
- gh-115233: Fix an example for LoggerAdapter in the Logging
Cookbook.
- Tests
- gh-83434: Disable JUnit XML output (--junit-xml=FILE
command line option) in regrtest when hunting for reference
leaks (-R option). Patch by Victor Stinner.
- gh-117187: Fix XML tests for vanilla Expat <2.6.0.
- gh-116333: Tests of TLS related things (error codes, etc)
were updated to be more lenient about specific error
message strings and behaviors as seen in the BoringSSL and
AWS-LC forks of OpenSSL.
- gh-115979: Update test_importlib so that it passes under
WASI SDK 21.
- gh-112536: Add tsan to test.regrtest for running TSAN
tests in reasonable execution times. Patch by Donghee Na.
- gh-116307: Added import helper isolated_modules as
CleanImport does not remove modules imported during the
context. Use it in importlib.resources tests to avoid
leaving mod around to impede importlib.metadata tests.
- gh-115720: Leak tests (-R, --huntrleaks) now show a summary
of the number of leaks found in each iteration.
- gh-115122: Add --bisect option to regrtest test runner:
run failed tests with test.bisect_cmd to identify failing
tests. Patch by Victor Stinner.
- gh-115596: Fix ProgramPriorityTests in test_os permanently
changing the process priority.
- Build
- gh-116313: Get WASI builds to work under wasmtime 18 w/
WASI 0.2/preview2 primitives.
- gh-116117: Backport libb2s PR #42 to fix compiling CPython
on 32-bit Windows with clang-cl.
- gh-115167: Avoid vendoring vcruntime140_threads.dll when
building with Visual Studio 2022 version 17.8.
- gh-112536: Add support for thread sanitizer (TSAN)
- Windows
- gh-117267: Ensure DirEntry.stat().st_ctime behaves
consistently with os.stat() during the deprecation
period of st_ctime by containing the same value as
st_birthtime. After the deprecation period, st_ctime
will be the metadata change time (or unavailable through
DirEntry), and only st_birthtime will contain the creation
time.
- gh-116773: Fix instances of <_overlapped.Overlapped object
at 0xXXX> still has pending operation at deallocation, the
process may crash.
- gh-91227: Fix the asyncio ProactorEventLoop implementation
so that sending a datagram to an address that is not
listening does not prevent receiving any more datagrams.
- gh-115554: The installer now has more strict rules about
updating the Python Launcher for Windows. In general, most
users only have a single launcher installed and will see no
difference. When multiple launchers have been installed,
the option to install the launcher is disabled until all
but one have been removed. Downgrading the launcher (which
was never allowed) is now more obviously blocked.
- gh-115543: Python Launcher for Windows can now
detect Python 3.13 when installed from the Microsoft
Store, and will install Python 3.12 by default when
PYLAUNCHER_ALLOW_INSTALL is set.
- gh-115049: Fixes py.exe launcher failing when run as users
without user profiles.
- gh-115009: Update Windows installer to use SQLite 3.45.1.
- IDLE
- gh-88516: On macOS show a proxy icon in the title bar of
editor windows to match platform behaviour.
- Tools/Demos
- gh-113516: Dont set LDSHARED when building for WASI.
- C API
- gh-117021: Fix integer overflow in PyLong_AsPid() on
non-Windows 64-bit platforms.
- gh-116869: Make the C API compatible with
-Werror=declaration-after-statement compiler flag
again. Patch by Victor Stinner.
-------------------------------------------------------------------
Wed Mar 6 14:13:58 UTC 2024 - Pedro Monreal <pmonreal@suse.com>

15
python312.spec
View File

@ -105,7 +105,7 @@
%define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so
%bcond_without profileopt
Name: %{python_pkg_name}%{psuffix}
Version: 3.12.2
Version: 3.12.3
Release: 0
Summary: Python 3 Interpreter
License: Python-2.0
@ -160,12 +160,17 @@ Patch35: fix_configure_rst.patch
# Detect email address parsing errors and return empty tuple to
# indicate the parsing error (old API)
Patch36: CVE-2023-27043-email-parsing-errors.patch
# PATCH-FIX-UPSTREAM libexpat260.patch gh#python/cpython#115288
# Fix tests for XMLPullParser with Expat 2.6.0
Patch37: libexpat260.patch
# PATCH-FIX-UPSTREAM CVE-2023-6597-TempDir-cleaning-symlink.patch bsc#1219666 mcepl@suse.com
# tempfile.TemporaryDirectory: fix symlink bug in cleanup (from gh#python/cpython!99930)
Patch38: CVE-2023-6597-TempDir-cleaning-symlink.patch
# PATCH-FIX-OPENSUSE CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch
# This problem on libexpat is patched on 15.6 without version
# update, this patch changes the tests to match the libexpat provided
# by SUSE
Patch39: CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch
# PATCH-FIX-OPENSUSE fix-test-recursion-limit-15.6.patch gh#python/cpython#115083
# Skip some failing tests in test_compile for i586 arch in 15.6.
Patch40: fix-test-recursion-limit-15.6.patch
BuildRequires: autoconf-archive
BuildRequires: automake
BuildRequires: fdupes
@ -527,6 +532,8 @@ LD_LIBRARY_PATH=.:$LD_LIBRARY_PATH \
%endif
%check
export SUSE_VERSION="0%{?suse_version}"
export SLE_VERSION="0%{?sle_version}"
%if %{with general}
# exclude test_gdb -- it doesn't run in buildservice anyway, and fails on missing debuginfos
# when you install gdb into your test env