SHA256
1
0
forked from pool/python312
Commit Graph

3 Commits

Author SHA256 Message Date
e62ac867bc - Update to 3.12.3:
- Security¶
    - gh-115398: Allow controlling Expat >=2.6.0 reparse deferral
      (CVE-2023-52425, bsc#1219559) by adding five new methods:
          xml.etree.ElementTree.XMLParser.flush()
          xml.etree.ElementTree.XMLPullParser.flush()
          xml.parsers.expat.xmlparser.GetReparseDeferralEnabled()
          xml.parsers.expat.xmlparser.SetReparseDeferralEnabled()
          xml.sax.expatreader.ExpatParser.flush()
    - gh-115399: Update bundled libexpat to 2.6.0 (bsc#1222075)
    - gh-115243: Fix possible crashes in
      collections.deque.index() when the deque is concurrently
      modified.
    - gh-114572: ssl.SSLContext.cert_store_stats() and
      ssl.SSLContext.get_ca_certs() now correctly lock access to
      the certificate store, when the ssl.SSLContext is shared
      across multiple threads.
  - Core and Builtins
    - gh-109120: Added handle of incorrect star expressions, e.g
      f(3, *). Patch by Grigoryev Semyon
    - gh-99108: Updated the hashlib built-in HACL* project C code
      from upstream that we use for many implementations when
      they are not present via OpenSSL in a given build. This
      also avoids the rare potential for a C symbol name one
      definition rule linking issue.
    - gh-116735: For INSTRUMENTED_CALL_FUNCTION_EX, set arg0 to
      sys.monitoring.MISSING instead of None for CALL event.
    - gh-113964: Starting new threads and process creation
      through os.fork() are now only prevented once all
      non-daemon threads exit.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python312?expand=0&rev=43
2024-04-10 14:51:57 +00:00
600a900c7b Update the patch
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python312?expand=0&rev=34
2024-02-12 13:36:22 +00:00
3e5f9031be - (bsc#1210638, CVE-2023-27043) Add
CVE-2023-27043-email-parsing-errors.patch, which rejects
  malformed addresses in email.parseaddr() (gh#python/cpython!111116)
  Detect email address parsing errors and return empty tuple to
  indicate the parsing error (old API). Add an optional 'strict'
  parameter to getaddresses() and parseaddr() functions. Patch by
  Thomas Dwyer.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python312?expand=0&rev=33
2024-02-12 13:35:44 +00:00