diff --git a/CVE-2024-6923-email-hdr-inject.patch b/CVE-2024-6923-email-hdr-inject.patch deleted file mode 100644 index e8bbb12..0000000 --- a/CVE-2024-6923-email-hdr-inject.patch +++ /dev/null @@ -1,361 +0,0 @@ -From a590277e980eaa8a08204b79ed6c62a763701c8b Mon Sep 17 00:00:00 2001 -From: Petr Viktorin -Date: Wed, 31 Jul 2024 00:19:48 +0200 -Subject: [PATCH] gh-121650: Encode newlines in headers, and verify headers are - sound (GH-122233) - -GH-GH- Encode header parts that contain newlines - -Per RFC 2047: - -> [...] these encoding schemes allow the -> encoding of arbitrary octet values, mail readers that implement this -> decoding should also ensure that display of the decoded data on the -> recipient's terminal will not cause unwanted side-effects - -It seems that the "quoted-word" scheme is a valid way to include -a newline character in a header value, just like we already allow -undecodable bytes or control characters. -They do need to be properly quoted when serialized to text, though. - -GH-GH- Verify that email headers are well-formed - -This should fail for custom fold() implementations that aren't careful -about newlines. - -(cherry picked from commit 097633981879b3c9de9a1dd120d3aa585ecc2384) - -Co-authored-by: Petr Viktorin -Co-authored-by: Bas Bloemsaat -Co-authored-by: Serhiy Storchaka ---- - Doc/library/email.errors.rst | 7 +++ - Doc/library/email.policy.rst | 18 ++++++ - Doc/whatsnew/3.13.rst | 9 +++ - Lib/email/_header_value_parser.py | 12 +++- - Lib/email/_policybase.py | 8 +++ - Lib/email/errors.py | 4 ++ - Lib/email/generator.py | 13 +++- - Lib/test/test_email/test_generator.py | 62 +++++++++++++++++++ - Lib/test/test_email/test_policy.py | 26 ++++++++ - ...-07-27-16-10-41.gh-issue-121650.nf6oc9.rst | 5 ++ - 10 files changed, 160 insertions(+), 4 deletions(-) - create mode 100644 Misc/NEWS.d/next/Library/2024-07-27-16-10-41.gh-issue-121650.nf6oc9.rst - -diff --git a/Doc/library/email.errors.rst b/Doc/library/email.errors.rst -index 33ab4265116178..f8f43d82a3df2e 100644 ---- a/Doc/library/email.errors.rst -+++ b/Doc/library/email.errors.rst -@@ -58,6 +58,13 @@ The following exception classes are defined in the :mod:`email.errors` module: - :class:`~email.mime.nonmultipart.MIMENonMultipart` (e.g. - :class:`~email.mime.image.MIMEImage`). - -+ -+.. exception:: HeaderWriteError() -+ -+ Raised when an error occurs when the :mod:`~email.generator` outputs -+ headers. -+ -+ - .. exception:: MessageDefect() - - This is the base class for all defects found when parsing email messages. -diff --git a/Doc/library/email.policy.rst b/Doc/library/email.policy.rst -index 83feedf728351e..314767d0802a08 100644 ---- a/Doc/library/email.policy.rst -+++ b/Doc/library/email.policy.rst -@@ -229,6 +229,24 @@ added matters. To illustrate:: - - .. versionadded:: 3.6 - -+ -+ .. attribute:: verify_generated_headers -+ -+ If ``True`` (the default), the generator will raise -+ :exc:`~email.errors.HeaderWriteError` instead of writing a header -+ that is improperly folded or delimited, such that it would -+ be parsed as multiple headers or joined with adjacent data. -+ Such headers can be generated by custom header classes or bugs -+ in the ``email`` module. -+ -+ As it's a security feature, this defaults to ``True`` even in the -+ :class:`~email.policy.Compat32` policy. -+ For backwards compatible, but unsafe, behavior, it must be set to -+ ``False`` explicitly. -+ -+ .. versionadded:: 3.13 -+ -+ - The following :class:`Policy` method is intended to be called by code using - the email library to create policy instances with custom settings: - -diff --git a/Doc/whatsnew/3.13.rst b/Doc/whatsnew/3.13.rst -index b53f419a59f062..35b808a4dd00a4 100644 ---- a/Doc/whatsnew/3.13.rst -+++ b/Doc/whatsnew/3.13.rst -@@ -724,6 +724,15 @@ doctest - email - ----- - -+* Headers with embedded newlines are now quoted on output. -+ -+ The :mod:`~email.generator` will now refuse to serialize (write) headers -+ that are improperly folded or delimited, such that they would be parsed as -+ multiple headers or joined with adjacent data. -+ If you need to turn this safety feature off, -+ set :attr:`~email.policy.Policy.verify_generated_headers`. -+ (Contributed by Bas Bloemsaat and Petr Viktorin in :gh:`121650`.) -+ - * :func:`email.utils.getaddresses` and :func:`email.utils.parseaddr` now return - ``('', '')`` 2-tuples in more situations where invalid email addresses are - encountered instead of potentially inaccurate values. Add optional *strict* -diff --git a/Lib/email/_header_value_parser.py b/Lib/email/_header_value_parser.py -index 7da1bbaf8a80d7..ec2215a5e5f33c 100644 ---- a/Lib/email/_header_value_parser.py -+++ b/Lib/email/_header_value_parser.py -@@ -92,6 +92,8 @@ - ASPECIALS = TSPECIALS | set("*'%") - ATTRIBUTE_ENDS = ASPECIALS | WSP - EXTENDED_ATTRIBUTE_ENDS = ATTRIBUTE_ENDS - set('%') -+NLSET = {'\n', '\r'} -+SPECIALSNL = SPECIALS | NLSET - - def quote_string(value): - return '"'+str(value).replace('\\', '\\\\').replace('"', r'\"')+'"' -@@ -2802,9 +2804,13 @@ def _refold_parse_tree(parse_tree, *, policy): - wrap_as_ew_blocked -= 1 - continue - tstr = str(part) -- if part.token_type == 'ptext' and set(tstr) & SPECIALS: -- # Encode if tstr contains special characters. -- want_encoding = True -+ if not want_encoding: -+ if part.token_type == 'ptext': -+ # Encode if tstr contains special characters. -+ want_encoding = not SPECIALSNL.isdisjoint(tstr) -+ else: -+ # Encode if tstr contains newlines. -+ want_encoding = not NLSET.isdisjoint(tstr) - try: - tstr.encode(encoding) - charset = encoding -diff --git a/Lib/email/_policybase.py b/Lib/email/_policybase.py -index 2ec54fbabae83c..5f9aa9fb091fa2 100644 ---- a/Lib/email/_policybase.py -+++ b/Lib/email/_policybase.py -@@ -157,6 +157,13 @@ class Policy(_PolicyBase, metaclass=abc.ABCMeta): - message_factory -- the class to use to create new message objects. - If the value is None, the default is Message. - -+ verify_generated_headers -+ -- if true, the generator verifies that each header -+ they are properly folded, so that a parser won't -+ treat it as multiple headers, start-of-body, or -+ part of another header. -+ This is a check against custom Header & fold() -+ implementations. - """ - - raise_on_defect = False -@@ -165,6 +172,7 @@ class Policy(_PolicyBase, metaclass=abc.ABCMeta): - max_line_length = 78 - mangle_from_ = False - message_factory = None -+ verify_generated_headers = True - - def handle_defect(self, obj, defect): - """Based on policy, either raise defect or call register_defect. -diff --git a/Lib/email/errors.py b/Lib/email/errors.py -index 3ad00565549968..02aa5eced6ae46 100644 ---- a/Lib/email/errors.py -+++ b/Lib/email/errors.py -@@ -29,6 +29,10 @@ class CharsetError(MessageError): - """An illegal charset was given.""" - - -+class HeaderWriteError(MessageError): -+ """Error while writing headers.""" -+ -+ - # These are parsing defects which the parser was able to work around. - class MessageDefect(ValueError): - """Base class for a message defect.""" -diff --git a/Lib/email/generator.py b/Lib/email/generator.py -index c8056ad47baa0f..47b9df8f4e6090 100644 ---- a/Lib/email/generator.py -+++ b/Lib/email/generator.py -@@ -14,12 +14,14 @@ - from copy import deepcopy - from io import StringIO, BytesIO - from email.utils import _has_surrogates -+from email.errors import HeaderWriteError - - UNDERSCORE = '_' - NL = '\n' # XXX: no longer used by the code below. - - NLCRE = re.compile(r'\r\n|\r|\n') - fcre = re.compile(r'^From ', re.MULTILINE) -+NEWLINE_WITHOUT_FWSP = re.compile(r'\r\n[^ \t]|\r[^ \n\t]|\n[^ \t]') - - - class Generator: -@@ -222,7 +224,16 @@ def _dispatch(self, msg): - - def _write_headers(self, msg): - for h, v in msg.raw_items(): -- self.write(self.policy.fold(h, v)) -+ folded = self.policy.fold(h, v) -+ if self.policy.verify_generated_headers: -+ linesep = self.policy.linesep -+ if not folded.endswith(self.policy.linesep): -+ raise HeaderWriteError( -+ f'folded header does not end with {linesep!r}: {folded!r}') -+ if NEWLINE_WITHOUT_FWSP.search(folded.removesuffix(linesep)): -+ raise HeaderWriteError( -+ f'folded header contains newline: {folded!r}') -+ self.write(folded) - # A blank line always separates headers from body - self.write(self._NL) - -diff --git a/Lib/test/test_email/test_generator.py b/Lib/test/test_email/test_generator.py -index bc6f734d4fd0a9..c75a842c33578e 100644 ---- a/Lib/test/test_email/test_generator.py -+++ b/Lib/test/test_email/test_generator.py -@@ -6,6 +6,7 @@ - from email.generator import Generator, BytesGenerator - from email.headerregistry import Address - from email import policy -+import email.errors - from test.test_email import TestEmailBase, parameterize - - -@@ -249,6 +250,44 @@ def test_rfc2231_wrapping_switches_to_default_len_if_too_narrow(self): - g.flatten(msg) - self.assertEqual(s.getvalue(), self.typ(expected)) - -+ def test_keep_encoded_newlines(self): -+ msg = self.msgmaker(self.typ(textwrap.dedent("""\ -+ To: nobody -+ Subject: Bad subject=?UTF-8?Q?=0A?=Bcc: injection@example.com -+ -+ None -+ """))) -+ expected = textwrap.dedent("""\ -+ To: nobody -+ Subject: Bad subject=?UTF-8?Q?=0A?=Bcc: injection@example.com -+ -+ None -+ """) -+ s = self.ioclass() -+ g = self.genclass(s, policy=self.policy.clone(max_line_length=80)) -+ g.flatten(msg) -+ self.assertEqual(s.getvalue(), self.typ(expected)) -+ -+ def test_keep_long_encoded_newlines(self): -+ msg = self.msgmaker(self.typ(textwrap.dedent("""\ -+ To: nobody -+ Subject: Bad subject=?UTF-8?Q?=0A?=Bcc: injection@example.com -+ -+ None -+ """))) -+ expected = textwrap.dedent("""\ -+ To: nobody -+ Subject: Bad subject -+ =?utf-8?q?=0A?=Bcc: -+ injection@example.com -+ -+ None -+ """) -+ s = self.ioclass() -+ g = self.genclass(s, policy=self.policy.clone(max_line_length=30)) -+ g.flatten(msg) -+ self.assertEqual(s.getvalue(), self.typ(expected)) -+ - - class TestGenerator(TestGeneratorBase, TestEmailBase): - -@@ -273,6 +312,29 @@ def test_flatten_unicode_linesep(self): - g.flatten(msg) - self.assertEqual(s.getvalue(), self.typ(expected)) - -+ def test_verify_generated_headers(self): -+ """gh-121650: by default the generator prevents header injection""" -+ class LiteralHeader(str): -+ name = 'Header' -+ def fold(self, **kwargs): -+ return self -+ -+ for text in ( -+ 'Value\r\nBad Injection\r\n', -+ 'NoNewLine' -+ ): -+ with self.subTest(text=text): -+ message = message_from_string( -+ "Header: Value\r\n\r\nBody", -+ policy=self.policy, -+ ) -+ -+ del message['Header'] -+ message['Header'] = LiteralHeader(text) -+ -+ with self.assertRaises(email.errors.HeaderWriteError): -+ message.as_string() -+ - - class TestBytesGenerator(TestGeneratorBase, TestEmailBase): - -diff --git a/Lib/test/test_email/test_policy.py b/Lib/test/test_email/test_policy.py -index c6b9c80efe1b54..baa35fd68e49c5 100644 ---- a/Lib/test/test_email/test_policy.py -+++ b/Lib/test/test_email/test_policy.py -@@ -26,6 +26,7 @@ class PolicyAPITests(unittest.TestCase): - 'raise_on_defect': False, - 'mangle_from_': True, - 'message_factory': None, -+ 'verify_generated_headers': True, - } - # These default values are the ones set on email.policy.default. - # If any of these defaults change, the docs must be updated. -@@ -294,6 +295,31 @@ def test_short_maxlen_error(self): - with self.assertRaises(email.errors.HeaderParseError): - policy.fold("Subject", subject) - -+ def test_verify_generated_headers(self): -+ """Turning protection off allows header injection""" -+ policy = email.policy.default.clone(verify_generated_headers=False) -+ for text in ( -+ 'Header: Value\r\nBad: Injection\r\n', -+ 'Header: NoNewLine' -+ ): -+ with self.subTest(text=text): -+ message = email.message_from_string( -+ "Header: Value\r\n\r\nBody", -+ policy=policy, -+ ) -+ class LiteralHeader(str): -+ name = 'Header' -+ def fold(self, **kwargs): -+ return self -+ -+ del message['Header'] -+ message['Header'] = LiteralHeader(text) -+ -+ self.assertEqual( -+ message.as_string(), -+ f"{text}\nBody", -+ ) -+ - # XXX: Need subclassing tests. - # For adding subclassed objects, make sure the usual rules apply (subclass - # wins), but that the order still works (right overrides left). -diff --git a/Misc/NEWS.d/next/Library/2024-07-27-16-10-41.gh-issue-121650.nf6oc9.rst b/Misc/NEWS.d/next/Library/2024-07-27-16-10-41.gh-issue-121650.nf6oc9.rst -new file mode 100644 -index 00000000000000..83dd28d4ac575b ---- /dev/null -+++ b/Misc/NEWS.d/next/Library/2024-07-27-16-10-41.gh-issue-121650.nf6oc9.rst -@@ -0,0 +1,5 @@ -+:mod:`email` headers with embedded newlines are now quoted on output. The -+:mod:`~email.generator` will now refuse to serialize (write) headers that -+are unsafely folded or delimited; see -+:attr:`~email.policy.Policy.verify_generated_headers`. (Contributed by Bas -+Bloemsaat and Petr Viktorin in :gh:`121650`.) diff --git a/CVE-2024-8088-inf-loop-zipfile_Path.patch b/CVE-2024-8088-inf-loop-zipfile_Path.patch deleted file mode 100644 index 350fb71..0000000 --- a/CVE-2024-8088-inf-loop-zipfile_Path.patch +++ /dev/null @@ -1,148 +0,0 @@ ---- - Lib/test/test_zipfile/_path/test_path.py | 78 ++++++++++ - Lib/zipfile/_path/__init__.py | 18 ++ - Misc/NEWS.d/next/Library/2024-08-11-14-08-04.gh-issue-122905.7tDsxA.rst | 1 - Misc/NEWS.d/next/Library/2024-08-26-13-45-20.gh-issue-123270.gXHvNJ.rst | 3 - 4 files changed, 98 insertions(+), 2 deletions(-) - ---- a/Lib/test/test_zipfile/_path/test_path.py -+++ b/Lib/test/test_zipfile/_path/test_path.py -@@ -5,6 +5,7 @@ import pathlib - import pickle - import stat - import sys -+import time - import unittest - import zipfile - import zipfile._path -@@ -577,3 +578,80 @@ class TestPath(unittest.TestCase): - zipfile.Path(alpharep) - with self.assertRaises(KeyError): - alpharep.getinfo('does-not-exist') -+ -+ def test_malformed_paths(self): -+ """ -+ Path should handle malformed paths gracefully. -+ -+ Paths with leading slashes are not visible. -+ -+ Paths with dots are treated like regular files. -+ """ -+ data = io.BytesIO() -+ zf = zipfile.ZipFile(data, "w") -+ zf.writestr("/one-slash.txt", b"content") -+ zf.writestr("//two-slash.txt", b"content") -+ zf.writestr("../parent.txt", b"content") -+ zf.filename = '' -+ root = zipfile.Path(zf) -+ assert list(map(str, root.iterdir())) == ['../'] -+ assert root.joinpath('..').joinpath('parent.txt').read_bytes() == b'content' -+ -+ def test_unsupported_names(self): -+ """ -+ Path segments with special characters are readable. -+ -+ On some platforms or file systems, characters like -+ ``:`` and ``?`` are not allowed, but they are valid -+ in the zip file. -+ """ -+ data = io.BytesIO() -+ zf = zipfile.ZipFile(data, "w") -+ zf.writestr("path?", b"content") -+ zf.writestr("V: NMS.flac", b"fLaC...") -+ zf.filename = '' -+ root = zipfile.Path(zf) -+ contents = root.iterdir() -+ assert next(contents).name == 'path?' -+ assert next(contents).name == 'V: NMS.flac' -+ assert root.joinpath('V: NMS.flac').read_bytes() == b"fLaC..." -+ -+ def test_backslash_not_separator(self): -+ """ -+ In a zip file, backslashes are not separators. -+ """ -+ data = io.BytesIO() -+ zf = zipfile.ZipFile(data, "w") -+ zf.writestr(DirtyZipInfo.for_name("foo\\bar", zf), b"content") -+ zf.filename = '' -+ root = zipfile.Path(zf) -+ (first,) = root.iterdir() -+ assert not first.is_dir() -+ assert first.name == 'foo\\bar' -+ -+ -+class DirtyZipInfo(zipfile.ZipInfo): -+ """ -+ Bypass name sanitization. -+ """ -+ -+ def __init__(self, filename, *args, **kwargs): -+ super().__init__(filename, *args, **kwargs) -+ self.filename = filename -+ -+ @classmethod -+ def for_name(cls, name, archive): -+ """ -+ Construct the same way that ZipFile.writestr does. -+ -+ TODO: extract this functionality and re-use -+ """ -+ self = cls(filename=name, date_time=time.localtime(time.time())[:6]) -+ self.compress_type = archive.compression -+ self.compress_level = archive.compresslevel -+ if self.filename.endswith('/'): # pragma: no cover -+ self.external_attr = 0o40775 << 16 # drwxrwxr-x -+ self.external_attr |= 0x10 # MS-DOS directory flag -+ else: -+ self.external_attr = 0o600 << 16 # ?rw------- -+ return self ---- a/Lib/zipfile/_path/__init__.py -+++ b/Lib/zipfile/_path/__init__.py -@@ -1,3 +1,12 @@ -+""" -+A Path-like interface for zipfiles. -+ -+This codebase is shared between zipfile.Path in the stdlib -+and zipp in PyPI. See -+https://github.com/python/importlib_metadata/wiki/Development-Methodology -+for more detail. -+""" -+ - import io - import posixpath - import zipfile -@@ -36,7 +45,7 @@ def _parents(path): - def _ancestry(path): - """ - Given a path with elements separated by -- posixpath.sep, generate all elements of that path -+ posixpath.sep, generate all elements of that path. - - >>> list(_ancestry('b/d')) - ['b/d', 'b'] -@@ -48,9 +57,14 @@ def _ancestry(path): - ['b'] - >>> list(_ancestry('')) - [] -+ -+ Multiple separators are treated like a single. -+ -+ >>> list(_ancestry('//b//d///f//')) -+ ['//b//d///f', '//b//d', '//b'] - """ - path = path.rstrip(posixpath.sep) -- while path and path != posixpath.sep: -+ while path.rstrip(posixpath.sep): - yield path - path, tail = posixpath.split(path) - ---- /dev/null -+++ b/Misc/NEWS.d/next/Library/2024-08-11-14-08-04.gh-issue-122905.7tDsxA.rst -@@ -0,0 +1 @@ -+:class:`zipfile.Path` objects now sanitize names from the zipfile. ---- /dev/null -+++ b/Misc/NEWS.d/next/Library/2024-08-26-13-45-20.gh-issue-123270.gXHvNJ.rst -@@ -0,0 +1,3 @@ -+Applied a more surgical fix for malformed payloads in :class:`zipfile.Path` -+causing infinite loops (gh-122905) without breaking contents using -+legitimate characters. diff --git a/Python-3.13.0rc1.tar.xz b/Python-3.13.0rc1.tar.xz deleted file mode 100644 index 1c7d783..0000000 --- a/Python-3.13.0rc1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:678b884775eec0224d5159fa900879020baca2a36ce942fd95febfa1adb4a6bd -size 20881016 diff --git a/Python-3.13.0rc1.tar.xz.asc b/Python-3.13.0rc1.tar.xz.asc deleted file mode 100644 index a2c4da5..0000000 --- a/Python-3.13.0rc1.tar.xz.asc +++ /dev/null @@ -1,18 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQKTBAABCgB9FiEEcWlgX2LHUTVtBUomqCHmgOX6YwUFAmaquNZfFIAAAAAALgAo -aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDcx -Njk2MDVGNjJDNzUxMzU2RDA1NEEyNkE4MjFFNjgwRTVGQTYzMDUACgkQqCHmgOX6 -YwUclA//Tg0ybBUO7yjNvM85wbZLxIvYujAbReBRARLUkZXFGVMBG9zi3Arf4EE6 -PKvGvy0vg/jeQPraLBe4KQnaQUTU8qmLsjd7lWWEjZc0E+3zZzAvZ9hXNtcrqY4x -YdLaGT8762c4sFoNsp173MYrqdun/usraKK50V1m/BPAqHX1Pdy0yxykkfG4p7lC -LEUrc+2KtLWI9+Z0imH2FhI0OdhlSZKgJfi82dbmRDeJwMmEoG9+F9qmanrtIEVu -6Tpwv8RphXI1JV7mzr6EjZqW4oHRayHlA4qcS9mTYKBNAfveEODXgbvsGRenh1X1 -kJclnX/GBpcjP/+PZ9aheAxxrTEvg7kmjrcfZKfzxepJEvCaxlg9hTKAvmMcgKp0 -V8rhWxBBfy47q8pvezjI4ip2rcedtJ21e0M98PPQLpuUxeo1xldjPLeGh8hyC9Z4 -F8HAs+uv11FXV5zaJvUIMCPx125ceYhl/1Jh36bJFX9MvjFlKOtR9mnsu84D5piW -8+yUy353864bv9rrww/dMWzrrp7nO+/3gZi/goNGfMvm5KVpuhTro6xoW5KQ5LS+ -ZQGbWXl08lJ9+k8pUuwxCFHQCKjgjmerjb8xL9claBlF8FtfrQjy33BpxqF5BLpW -CUbabJ9bA9O7fPsPhbW0XQGdXIJJLjHTP39pxCPGoBqAyUVJOc8= -=CSLe ------END PGP SIGNATURE----- diff --git a/Python-3.13.0rc2.tar.xz b/Python-3.13.0rc2.tar.xz new file mode 100644 index 0000000..5b34990 --- /dev/null +++ b/Python-3.13.0rc2.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d60e8b7c10de4f71d2dffaf7c7be8efa54dc1e532fe931dbb84e5f625709e237 +size 21055084 diff --git a/Python-3.13.0rc2.tar.xz.asc b/Python-3.13.0rc2.tar.xz.asc new file mode 100644 index 0000000..3970b4e --- /dev/null +++ b/Python-3.13.0rc2.tar.xz.asc @@ -0,0 +1,18 @@ +-----BEGIN PGP SIGNATURE----- + +iQKTBAABCgB9FiEEcWlgX2LHUTVtBUomqCHmgOX6YwUFAmbbgTdfFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDcx +Njk2MDVGNjJDNzUxMzU2RDA1NEEyNkE4MjFFNjgwRTVGQTYzMDUACgkQqCHmgOX6 +YwUUpBAAnxUxwaFw3/XLw+5v3k2cbtzPtRmLtg81LlJ2bD5VG+RlCjbwHK03FghH +kr4YILbFXN51mT0p2XtrXnd1WRYOIWTxXQ7jji02KY6OBlIordpa0KL415R+Y0O6 +fvS4sn9r5Ww8TMGHthGeN1boMjtFUHHRZKNUmIzVWihjxQX6UiPVcb9ezM2WDbhI +hmGtyEq7KLYwl9GTW/YlsAQXyVvveePgr6PrMjRRquOSVL2vD+ZA8qrQvzWYCza6 +jDa2+6jrFlE6PpbCUDoRMDagjU2gEG9DllSziayh3aqMHG2fVbEqzLtBHl9EJ7IL +yOkhgVVmqus52O5P0YhDDp2fkSxs2JgrXiF2Dd2UTIKKrFQkxmknoj/ScyyeajAj +ymqf1CZf3ydhpEng+HGpnU+vWBnQA+v7BZBQXaoPGvMzTeNy1cn5JPTFFkcKXKDE +jX8AzV82+OHnZ/80tLNTNCyFQNStKF2CNrHR1gnMAcgQTaJOlp4NMD3nC88WQlpx +M4HC/yXq4556AaAzv0CctfzMLejvwmszMxbADHI4FcS7BJO85WsSXH3pnAx3Gfgg +5NSEMB1ZAsoS9WbkxTkgaJOT9fHmf86S/sdx4W1zBetmag11bTVWHJwbE9z5V0YQ ++fwQYVsi+ecgs3mL7vJzg8vEpJ33O2/y4vqySQYZRA4aIKn9Ks0= +=dHr3 +-----END PGP SIGNATURE----- diff --git a/_multibuild b/_multibuild index 1d50bc4..6fef3f5 100644 --- a/_multibuild +++ b/_multibuild @@ -1,4 +1,6 @@ base doc + nogil + nogil-base diff --git a/bso1227999-reproducible-builds.patch b/bso1227999-reproducible-builds.patch deleted file mode 100644 index 1e7ab18..0000000 --- a/bso1227999-reproducible-builds.patch +++ /dev/null @@ -1,24 +0,0 @@ -From ac2b8869724d7a57d9b5efbdce2f20423214e8bb Mon Sep 17 00:00:00 2001 -From: "Bernhard M. Wiedemann" -Date: Tue, 16 Jul 2024 21:39:33 +0200 -Subject: [PATCH] Allow to override build date with SOURCE_DATE_EPOCH - -to make builds reproducible. -See https://reproducible-builds.org/ for why this is good -and https://reproducible-builds.org/specs/source-date-epoch/ -for the definition of this variable. ---- - Doc/library/functions.rst | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- a/Doc/library/functions.rst -+++ b/Doc/library/functions.rst -@@ -1502,7 +1502,7 @@ are always available. They are listed h - (where :func:`open` is declared), :mod:`os`, :mod:`os.path`, :mod:`tempfile`, - and :mod:`shutil`. - -- .. audit-event:: open file,mode,flags open -+ .. audit-event:: open path,mode,flags open - - The ``mode`` and ``flags`` arguments may have been modified or inferred from - the original call. diff --git a/fix_configure_rst.patch b/fix_configure_rst.patch deleted file mode 100644 index 986132a..0000000 --- a/fix_configure_rst.patch +++ /dev/null @@ -1,15 +0,0 @@ ---- - Misc/NEWS | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- a/Misc/NEWS -+++ b/Misc/NEWS -@@ -17647,7 +17647,7 @@ C API - - bpo-40939: Removed documentation for the removed ``PyParser_*`` C API. - - - bpo-43795: The list in :ref:`limited-api-list` now shows the public name -- :c:struct:`PyFrameObject` rather than ``_frame``. The non-existing entry -+ :c:type:`PyFrameObject` rather than ``_frame``. The non-existing entry - ``_node`` no longer appears in the list. - - - bpo-44378: :c:func:`Py_IS_TYPE` no longer uses :c:func:`Py_TYPE` to avoid diff --git a/gh122136-test_asyncio-kernel-buffer-data.patch b/gh122136-test_asyncio-kernel-buffer-data.patch deleted file mode 100644 index 4ea07f6..0000000 --- a/gh122136-test_asyncio-kernel-buffer-data.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 235fbc05dcbca5cb5f7f0cd836317b8426e33243 Mon Sep 17 00:00:00 2001 -From: Petr Viktorin -Date: Wed, 28 Aug 2024 22:36:42 +0200 -Subject: [PATCH] gh-122136: test_asyncio: Don't fail if the kernel buffers - more data than advertised (GH-123423) (cherry picked from commit - b379f1b26c1e89c8e9160b4dede61b980cc77be6) - -Co-authored-by: Petr Viktorin ---- - Lib/test/test_asyncio/test_server.py | 18 +++++++++++++----- - 1 file changed, 13 insertions(+), 5 deletions(-) - -diff --git a/Lib/test/test_asyncio/test_server.py b/Lib/test/test_asyncio/test_server.py -index 4ca8a166a0f1a1..60a40cc8349fed 100644 ---- a/Lib/test/test_asyncio/test_server.py -+++ b/Lib/test/test_asyncio/test_server.py -@@ -227,7 +227,7 @@ async def serve(rd, wr): - - (s_rd, s_wr) = await fut - -- # Limit the socket buffers so we can reliably overfill them -+ # Limit the socket buffers so we can more reliably overfill them - s_sock = s_wr.get_extra_info('socket') - s_sock.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 65536) - c_sock = c_wr.get_extra_info('socket') -@@ -242,10 +242,18 @@ async def serve(rd, wr): - await asyncio.sleep(0) - - # Get the writer in a waiting state by sending data until the -- # socket buffers are full on both server and client sockets and -- # the kernel stops accepting more data -- s_wr.write(b'a' * c_sock.getsockopt(socket.SOL_SOCKET, socket.SO_RCVBUF)) -- s_wr.write(b'a' * s_sock.getsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF)) -+ # kernel stops accepting more data in the send buffer. -+ # gh-122136: getsockopt() does not reliably report the buffer size -+ # available for message content. -+ # We loop until we start filling up the asyncio buffer. -+ # To avoid an infinite loop we cap at 10 times the expected value -+ c_bufsize = c_sock.getsockopt(socket.SOL_SOCKET, socket.SO_RCVBUF) -+ s_bufsize = s_sock.getsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF) -+ for i in range(10): -+ s_wr.write(b'a' * c_bufsize) -+ s_wr.write(b'a' * s_bufsize) -+ if s_wr.transport.get_write_buffer_size() > 0: -+ break - self.assertNotEqual(s_wr.transport.get_write_buffer_size(), 0) - - task = asyncio.create_task(srv.wait_closed()) diff --git a/python313.changes b/python313.changes index b83d7cb..fca3fda 100644 --- a/python313.changes +++ b/python313.changes @@ -1,3 +1,193 @@ +------------------------------------------------------------------- +Sat Sep 7 15:36:03 UTC 2024 - Matej Cepl + +- Update to 3.13.0~rc2: + - Tools/Demos + - gh-123418: Update GitHub CI workflows to use OpenSSL 3.0.15 + and multissltests to use 3.0.15, 3.1.7, and 3.2.3. + - Tests + - gh-119727: Add --single-process command line option to + Python test runner (regrtest). Patch by Victor Stinner. + - gh-101525: Skip test_gdb if the binary is relocated by + BOLT. Patch by Donghee Na. + - Security + - gh-123678: Upgrade libexpat to 2.6.3 + - gh-121285: Remove backtracking from tarfile header parsing + for hdrcharset, PAX, and GNU sparse headers (bsc#1230227, + CVE-2024-6232). + - Library + - gh-123448: Fixed memory leak of typing.NoDefault by moving + it to the static types array. + - gh-123409: Fix ipaddress.IPv6Address.reverse_pointer output + according to RFC 3596, §2.5. Patch by Bénédikt Tran. + - gh-123270: Applied a more surgical fix for malformed + payloads in zipfile.Path causing infinite loops (gh-122905) + without breaking contents using legitimate characters + (bsc#1229704, CVE-2024-8088). + - gh-123228: Fix return type for + _pyrepl.readline._ReadlineWrapper.get_line_buffer() to be + str(). Patch by Sergey B Kirpichev. + - gh-123240: Raise audit events for the input() in the new + REPL. + - gh-123243: Fix memory leak in _decimal. + - gh-122546: Consistently use same file name for different + exceptions in the new repl. Patch by Sergey B Kirpichev. + - gh-123213: xml.etree.ElementTree.Element.extend() and + Element assignment no longer hide the internal exception if + an erronous generator is passed. Patch by Bar Harel. + - gh-85110: Preserve relative path in URL without netloc in + urllib.parse.urlunsplit() and urllib.parse.urlunparse(). + - gh-123067: Fix quadratic complexity in parsing "-quoted + cookie values with backslashes by http.cookies + (bsc#1229596, CVE-2024-7592) + - gh-122981: Fix inspect.getsource() for generated classes + with Python base classes (e.g. enums). + - gh-122903: zipfile.Path.glob now correctly matches + directories instead of silently omitting them. + - gh-122905: zipfile.Path objects now sanitize names from the + zipfile. + - gh-122695: Fixed double-free when using gc.get_referents() + with a freed asyncio.Future iterator. + - gh-116263: logging.handlers.RotatingFileHandler no longer + rolls over empty log files. + - gh-105376: Restore the deprecated logging warn() method. It + was removed in Python 3.13 alpha 1. Keep the deprecated + warn() method in Python 3.13. Patch by Victor Stinner. + - gh-122744: Bump the version of pip bundled in ensurepip to + version 24.2. + - gh-118814: Fix the typing.TypeVar constructor when name is + passed by keyword. + - gh-122478: Remove internal frames from tracebacks + shown in code.InteractiveInterpreter with non-default + sys.excepthook(). Save correct tracebacks in + sys.last_traceback and update __traceback__ attribute of + sys.last_value and sys.last_exc. + - gh-116622: On Android, the FICLONE and FICLONERANGE + constants are no longer exposed by fcntl, as these ioctls + are blocked by SELinux. + - gh-82378: Make sure that the new REPL interprets + sys.tracebacklimit in the same way that the classic REPL + did. + - gh-122334: Fix crash when importing ssl after the main + interpreter restarts. + - gh-87320: In code.InteractiveInterpreter, handle exceptions + caused by calling a non-default sys.excepthook(). Before, + the exception bubbled up to the caller, ending the REPL. + - gh-121650: email headers with embedded newlines + are now quoted on output. The generator will + now refuse to serialize (write) headers + that are unsafely folded or delimited; see + verify_generated_headers. (Contributed by Bas Bloemsaat and + Petr Viktorin in gh-121650.; CVE-2024-6923, bsc#1228780) + - gh-121723: Make logging.config.dictConfig() accept any + object implementing the Queue public API. See the queue + configuration section for details. Patch by Bénédikt Tran. + - gh-122081: Fix a crash in the decimal.IEEEContext() + optional function available via the EXTRA_FUNCTIONALITY + configuration flag. + - gh-121804: Correctly show error locations, when SyntaxError + raised in new repl. Patch by Sergey B Kirpichev. + - gh-121151: Fix wrapping of long usage text of arguments + inside a mutually exclusive group in argparse. + - gh-108172: webbrowser honors OS preferred browser on Linux + when its desktop entry name contains the text of a known + browser name. + - gh-109109: You can now get the raw TLS . + Cocertificate chains from TLS connections . + Covia ssl.SSLSocket.get_verified_chain() and . + Cossl.SSLSocket.get_unverified_chain() methods ntributed by . + CoMateusz Nowak . + - IDLE + - gh-120083: Add explicit black IDLE Hovertip foreground + color needed for recent macOS. Fixes Sonoma showing + unreadable white on pale yellow. Patch by John Riggles. + - Core and Builtins + - gh-123572: Fix key mappings for various F-keys in Windows + for the new REPL. Patch by devdanzin + - gh-123484: Fix _Py_DebugOffsets for long objects to be + relative to the start of the object rather than the start + of a subobject. + - gh-123344: Add AST optimizations for type parameter + defaults. + - gh-123321: Prevent Parser/myreadline race condition from + segfaulting on multi-threaded use. Patch by Bar Harel and + Amit Wienner. + - gh-123177: Fix a bug causing stray prompts to appear in the + middle of wrapped lines in the new REPL. + - gh-122982: Extend the deprecation period for bool inversion + (~) by two years. + - gh-123177: Deactivate line wrap in the Apple Terminal via a + ANSI escape code. Patch by Pablo Galindo + - gh-123229: Fix valgrind warning by initializing the + f-string buffers to 0 in the tokenizer. Patch by Pablo + Galindo + - gh-122298: Restore printout of GC stats when + gc.set_debug(gc.DEBUG_STATS) is called. This featue was + accidentally removed when implementing incremental GC. + - gh-121804: Correctly show error locations when a + SyntaxError is raised in the basic REPL. Patch by Sergey B + Kirpichev. + - gh-123142: Fix too-wide source location in exception + tracebacks coming from broken iterables in comprehensions. + - gh-123048: Fix a bug where pattern matching code could emit + a JUMP_FORWARD with no source location. + - gh-123123: Fix displaying SyntaxError exceptions covering + multiple lines. Patch by Pablo Galindo + - gh-123083: Fix a potential use-after-free in + STORE_ATTR_WITH_HINT. + - gh-123022: Fix crash in free-threaded build when calling + Py_Initialize() from a non-main thread. + - gh-122888: Fix crash on certain calls to str() with + positional arguments of the wrong type. Patch by Jelle + Zijlstra. + - gh-116622: Fix Android stdout and stderr messages being + truncated or lost. + - gh-122527: Fix a crash that occurred when a + PyStructSequence was deallocated after its type’s + dictionary was cleared by the GC. The type’s tp_basicsize + now accounts for non-sequence fields that aren’t included + in the Py_SIZE of the sequence. + - gh-122445: Add only fields which are modified via self.* to + __static_attributes__. + - gh-98442: Fix too wide source locations of the cleanup + instructions of a with statement. + - gh-93691: Fix source locations of instructions generated + for with statements. + - gh-120097: FrameLocalsProxy now subclasses + collections.abc.Mapping and can be matched as a mapping in + match statements + - C API + - gh-122728: Fix PyEval_GetLocals() to avoid SystemError + (“bad argument to internal function”). Patch by Victor + Stinner. + - Build + - gh-123297: Propagate the value of LDFLAGS to LDCXXSHARED in + sysconfig. Patch by Pablo Galindo + - gh-116622: Rename build variable MODULE_LDFLAGS back + to LIBPYTHON, as it’s used by package build systems + (e.g. Meson). + - gh-118943: Fix an issue where the experimental JIT could be + built several times by the make regen-all target, leading + to possible race conditions on heavily parallelized builds. + - gh-118943: Fix a possible race condition affecting parallel + builds configured with --enable-experimental-jit, in which + FileNotFoundError could be caused by another process + already moving jit_stencils.h.new to jit_stencils.h. +- Remove upstreamed patches: + - bso1227999-reproducible-builds.patch + - CVE-2024-8088-inf-loop-zipfile_Path.patch + - gh120226-fix-sendfile-test-kernel-610.patch + - gh122136-test_asyncio-kernel-buffer-data.patch + - fix_configure_rst.patch + - CVE-2024-6923-email-hdr-inject.patch + +------------------------------------------------------------------- +Mon Sep 2 09:44:26 UTC 2024 - Matej Cepl + +- Add gh120226-fix-sendfile-test-kernel-610.patch to avoid + failing test_sendfile_close_peer_in_the_middle_of_receiving + tests on Linux >= 6.10 (GH-120227). + ------------------------------------------------------------------- Thu Aug 29 14:46:39 UTC 2024 - Matej Cepl @@ -445,6 +635,12 @@ Fri Jun 28 06:12:20 UTC 2024 - Matej Cepl - python-3.3.0b1-fix_date_time_compiler.patch - subprocess-raise-timeout.patch +------------------------------------------------------------------- +Thu Jun 6 11:48:20 UTC 2024 - Daniel Garcia + +- Build experimental package python313-base-nogil with + --disable-gil option. + ------------------------------------------------------------------- Thu Jun 6 09:59:51 UTC 2024 - Daniel Garcia @@ -1328,8 +1524,9 @@ Thu May 9 08:18:00 UTC 2024 - Daniel Garcia ipaddress.IPv4Address.is_global ipaddress.IPv6Address.is_private ipaddress.IPv6Address.is_global - - Also in the corresponding ipaddress.IPv4Network and - ipaddress.IPv6Network attributes. + - Also in the corresponding ipaddress.IPv4Network and + ipaddress.IPv6Network attributes. + - Fixes bsc#1226448 (CVE-2024-4032). - gh-63283: In encodings.idna, any capitalization of the the ACE prefix (xn--) is now acceptable. Patch by Pepijn de Vos and Zackery Spytz. @@ -2617,7 +2814,7 @@ Thu Feb 8 08:10:09 UTC 2024 - Daniel Garcia behavior, accept malformed inputs. getattr(email.utils, 'supports_strict_parsing', False) can be use to check if the strict paramater is available. Patch by Thomas Dwyer and Victor - Stinner to improve the CVE-2023-27043 fix. + Stinner to improve the CVE-2023-27043 fix (bsc#1210638). - gh-52161: cmd.Cmd.do_help() now cleans docstrings with inspect.cleandoc() before writing them. Patch by Filip Łapkiewicz. @@ -6096,7 +6293,8 @@ Thu Jul 16 21:45:50 UTC 2020 - Callum Farmer - Spec file fixes - Re-added subprocess-raise-timeout.patch: now compatible -- Removed bpo34022-stop_hash-based_invalidation_w_SOURCE_DATE_EPOCH.patch: contained in upstream +- Removed bpo34022-stop_hash-based_invalidation_w_SOURCE_DATE_EPOCH.patch: + contained in upstream ------------------------------------------------------------------- Wed Jul 15 09:10:42 UTC 2020 - Tomáš Chvátal diff --git a/python313.spec b/python313.spec index df2f0e5..9437cc3 100644 --- a/python313.spec +++ b/python313.spec @@ -22,18 +22,36 @@ %bcond_without doc %bcond_with base %bcond_with general +%bcond_without GIL %endif %if "%{flavor}" == "base" %define psuffix -core %bcond_with doc %bcond_without base %bcond_with general +%bcond_without GIL %endif %if "%{flavor}" == "" %define psuffix %{nil} %bcond_with doc %bcond_with base %bcond_without general +%bcond_without GIL +%endif + +%if "%{flavor}" == "nogil" +%define psuffix %{nil} +%bcond_with doc +%bcond_with base +%bcond_without general +%bcond_with GIL +%endif +%if "%{flavor}" == "nogil-base" +%define psuffix -nogil-core +%bcond_with doc +%bcond_without base +%bcond_with general +%bcond_with GIL %endif %if 0%{?do_profiling} @@ -51,6 +69,11 @@ %endif %define python_pkg_name python313 +%if %{without GIL} +%define python_pkg_name python313-nogil +%define base_pkg_name python313 +%endif + %if "%{python_pkg_name}" == "%{primary_python}" %define primary_interpreter 1 %else @@ -87,6 +110,10 @@ %define sitedir %{_libdir}/python%{python_version} # three possible ABI kinds: m - pymalloc, d - debug build; see PEP 3149 %define abi_kind %{nil} +%if %{without GIL} +%define abi_kind t +%define sitedir %{_libdir}/python%{python_version}%{abi_kind} +%endif # python ABI version - used in some file names %define python_abi %{python_version}%{abi_kind} # soname ABI tag defined in PEP 3149 @@ -117,8 +144,8 @@ # _md5.cpython-38m-x86_64-linux-gnu.so %define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so Name: %{python_pkg_name}%{psuffix} -Version: 3.13.0~rc1 -%define tarversion 3.13.0rc1 +Version: 3.13.0~rc2 +%define tarversion 3.13.0rc2 %define tarname Python-%{tarversion} Release: 0 Summary: Python 3 Interpreter @@ -174,21 +201,6 @@ Patch08: no-skipif-doctests.patch # PATCH-FIX-SLE skip-test_pyobject_freed_is_freed.patch mcepl@suse.com # skip a test failing on SLE-15 Patch09: skip-test_pyobject_freed_is_freed.patch -# PATCH-FIX-SLE fix_configure_rst.patch bpo#43774 mcepl@suse.com -# remove duplicate link targets and make documentation with old Sphinx in SLE -Patch10: fix_configure_rst.patch -# PATCH-FIX-UPSTREAM CVE-2024-6923-email-hdr-inject.patch bsc#1228780 mcepl@suse.com -# prevent email header injection, patch from gh#python/cpython!122608 -Patch12: CVE-2024-6923-email-hdr-inject.patch -# PATCH-FIX-UPSTREAM bso1227999-reproducible-builds.patch bsc#1227999 mcepl@suse.com -# reproducibility patches -Patch13: bso1227999-reproducible-builds.patch -# PATCH-FIX-UPSTREAM CVE-2024-8088-inf-loop-zipfile_Path.patch bsc#1229704 mcepl@suse.com -# avoid denial of service in zipfile -Patch14: CVE-2024-8088-inf-loop-zipfile_Path.patch -# PATCH-FIX-UPSTREAM gh122136-test_asyncio-kernel-buffer-data.patch gh#python/cpython#122136 mcepl@suse.com -# test.test_asyncio.test_server.TestServer2.test_abort_clients fails because of changes in the kernel -Patch15: gh122136-test_asyncio-kernel-buffer-data.patch BuildRequires: autoconf-archive BuildRequires: automake BuildRequires: fdupes @@ -226,6 +238,10 @@ BuildRequires: python3-python-docs-theme >= 2022.1 BuildRequires: clang => 18 BuildRequires: llvm => 18 +%if %{without GIL} +ExcludeArch: aarch64 +%endif + %if %{with general} # required for idle3 (.desktop and .appdata.xml files) BuildRequires: appstream-glib @@ -444,7 +460,7 @@ This package contains libpython3.2 shared library for embedding in other applications. %prep -%autosetup -p1 -N -n %{tarname} +%setup -q -n %{tarname} %autopatch -p1 -M 07 %if 0%{?suse_version} <= 1500 @@ -478,7 +494,7 @@ sed -i -e '/Breakpoint 3 at ...pdb.py:97/s/97/96/' Lib/test/test_pdb.py %endif # Cannot remove it because of gh#python/cpython#92875 -# rm -r Modules/expat +rm -r Modules/expat # drop duplicate README from site-packages rm Lib/site-packages/README.txt @@ -536,6 +552,9 @@ export CFLAGS="%{optflags} -IVendor/" %endif %if %{with experimental_jit} --enable-experimental-jit=yes-off \ +%endif +%if %{without GIL} + --disable-gil \ %endif --enable-loadable-sqlite-extensions @@ -680,12 +699,12 @@ done # Idle is not packaged in base due to the appstream-glib dependency # move idle config into /etc -install -d -m 755 %{buildroot}%{_sysconfdir}/idle%{python_version} +install -d -m 755 %{buildroot}%{_sysconfdir}/idle%{python_abi} ( cd %{buildroot}/%{sitedir}/idlelib/ for file in *.def ; do - mv $file %{buildroot}%{_sysconfdir}/idle%{python_version}/ - ln -sf %{_sysconfdir}/idle%{python_version}/$file %{buildroot}/%{sitedir}/idlelib/ + mv $file %{buildroot}%{_sysconfdir}/idle%{python_abi}/ + ln -sf %{_sysconfdir}/idle%{python_abi}/$file %{buildroot}/%{sitedir}/idlelib/ done ) @@ -693,23 +712,28 @@ install -d -m 755 %{buildroot}%{_sysconfdir}/idle%{python_version} ls -l %{buildroot}%{_bindir}/ rm %{buildroot}%{_bindir}/idle3 +# mve idle binary to idle3.13t to avoid conflict +%if %{without GIL} +mv %{buildroot}%{_bindir}/idle%{python_version} %{buildroot}%{_bindir}/idle%{python_abi} +%endif + # install idle icons for size in 16 32 48 ; do install -m 644 -D Lib/idlelib/Icons/idle_${size}.png \ - %{buildroot}%{_datadir}/icons/hicolor/${size}x${size}/apps/idle%{python_version}.png + %{buildroot}%{_datadir}/icons/hicolor/${size}x${size}/apps/idle%{python_abi}.png done # install idle desktop file -cp %{SOURCE19} idle%{python_version}.desktop -sed -i -e 's:idle3:idle%{python_version}:g' idle%{python_version}.desktop -install -m 644 -D -t %{buildroot}%{_datadir}/applications idle%{python_version}.desktop +cp %{SOURCE19} idle%{python_abi}.desktop +sed -i -e 's:idle3:idle%{python_abi}:g' idle%{python_abi}.desktop +install -m 644 -D -t %{buildroot}%{_datadir}/applications idle%{python_abi}.desktop -cp %{SOURCE20} idle%{python_version}.appdata.xml -sed -i -e 's:idle3.desktop:idle%{python_version}.desktop:g' idle%{python_version}.appdata.xml -install -m 644 -D -t %{buildroot}%{_datadir}/metainfo idle%{python_version}.appdata.xml -appstream-util validate-relax --nonet %{buildroot}%{_datadir}/metainfo/idle%{python_version}.appdata.xml +cp %{SOURCE20} idle%{python_abi}.appdata.xml +sed -i -e 's:idle3.desktop:idle%{python_abi}.desktop:g' idle%{python_abi}.appdata.xml +install -m 644 -D -t %{buildroot}%{_datadir}/metainfo idle%{python_abi}.appdata.xml +appstream-util validate-relax --nonet %{buildroot}%{_datadir}/metainfo/idle%{python_abi}.appdata.xml -%fdupes %{buildroot}/%{_libdir}/python%{python_version} +%fdupes %{buildroot}/%{_libdir}/python%{python_abi} %endif %if %{with base} %make_install @@ -721,7 +745,7 @@ find %{buildroot} -name "*.a" -delete install -d -m 755 %{buildroot}%{sitedir}/site-packages install -d -m 755 %{buildroot}%{sitedir}/site-packages/__pycache__ # and their 32bit counterparts explicitly -mkdir -p %{buildroot}%{_prefix}/lib/python%{python_version}/site-packages/__pycache__ +mkdir -p %{buildroot}%{_prefix}/lib/python%{python_abi}/site-packages/__pycache__ # cleanup parts that don't belong for dir in curses dbm sqlite3 tkinter idlelib; do @@ -749,7 +773,7 @@ sed -e 's,__PYTHONPREFIX__,%{python_pkg_name},' -e 's,__PYTHON__,python%{python_ %endif # link shared library instead of static library that tools expect -ln -s ../../libpython%{python_abi}.so %{buildroot}%{_libdir}/python%{python_version}/config-%{python_abi}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}/libpython%{python_abi}.so +ln -s ../../libpython%{python_abi}.so %{buildroot}%{_libdir}/python%{python_abi}/config-%{python_abi}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}/libpython%{python_abi}.so # delete idle3, which has to many packaging dependencies for base rm %{buildroot}%{_bindir}/idle3* @@ -805,6 +829,17 @@ LD_LIBRARY_PATH=. ./python -O -c "from py_compile import compile; compile('$FAIL done < %{SOURCE9} ) echo %{sitedir}/_import_failed > %{buildroot}/%{sitedir}/site-packages/zzzz-import-failed-hooks.pth + +# not packaged without GIL +%if %{without GIL} +rm -rf %{buildroot}%{_libdir}/pkgconfig/python-%{python_version}.pc +rm -rf %{buildroot}%{_libdir}/pkgconfig/python-%{python_version}-embed.pc +rm %{buildroot}%{_bindir}/python%{python_version} +rm %{buildroot}%{_bindir}/pydoc%{python_version} +rm %{buildroot}%{_bindir}/python%{python_version}-config +rm %{buildroot}%{_mandir}/man1/python%{python_version}.1* +%endif + %endif %if %{with general} @@ -831,21 +866,22 @@ echo %{sitedir}/_import_failed > %{buildroot}/%{sitedir}/site-packages/zzzz-impo %files -n %{python_pkg_name}-idle %{sitedir}/idlelib -%dir %{_sysconfdir}/idle%{python_version} -%config %{_sysconfdir}/idle%{python_version}/* +%dir %{_sysconfdir}/idle%{python_abi} +%config %{_sysconfdir}/idle%{python_abi}/* %doc Lib/idlelib/README.txt %doc Lib/idlelib/TODO.txt %doc Lib/idlelib/extend.txt %doc Lib/idlelib/ChangeLog -%{_bindir}/idle%{python_version} -%{_datadir}/applications/idle%{python_version}.desktop -%{_datadir}/metainfo/idle%{python_version}.appdata.xml -%{_datadir}/icons/hicolor/*/apps/idle%{python_version}.png +%{_bindir}/idle%{python_abi} +%{_datadir}/applications/idle%{python_abi}.desktop +%{_datadir}/metainfo/idle%{python_abi}.appdata.xml +%{_datadir}/icons/hicolor/*/apps/idle%{python_abi}.png %dir %{_datadir}/icons/hicolor %dir %{_datadir}/icons/hicolor/16x16 %dir %{_datadir}/icons/hicolor/32x32 %dir %{_datadir}/icons/hicolor/48x48 %dir %{_datadir}/icons/hicolor/*/apps + # endif for if general %endif @@ -920,7 +956,11 @@ echo %{sitedir}/_import_failed > %{buildroot}/%{sitedir}/site-packages/zzzz-impo %if %{primary_interpreter} %{_mandir}/man1/python3.1%{?ext_man} %endif + +%if %{with GIL} %{_mandir}/man1/python%{python_version}.1%{?ext_man} +%endif + %if %{suse_version} > 1550 # PEP-0668 %{sitedir}/EXTERNALLY-MANAGED @@ -931,8 +971,10 @@ echo %{sitedir}/_import_failed > %{buildroot}/%{sitedir}/site-packages/zzzz-impo %if %{primary_interpreter} %{_rpmconfigdir}/macros.d/macros.python3 %endif + # binary parts %dir %{sitedir}/lib-dynload + %{dynlib array} %{dynlib _asyncio} %{dynlib binascii} @@ -993,11 +1035,13 @@ echo %{sitedir}/_import_failed > %{buildroot}/%{sitedir}/site-packages/zzzz-impo %{dynlib _sha1} %{dynlib _sha2} %{dynlib _sha3} -# python parts -%dir %{_prefix}/lib/python%{python_version} -%dir %{_prefix}/lib/python%{python_version}/site-packages -%dir %{_prefix}/lib/python%{python_version}/site-packages/__pycache__ + %dir %{sitedir} +# python parts +%dir %{_prefix}/lib/python%{python_abi} +%dir %{_prefix}/lib/python%{python_abi}/site-packages +%dir %{_prefix}/lib/python%{python_abi}/site-packages/__pycache__ + %dir %{sitedir}/site-packages %dir %{sitedir}/site-packages/__pycache__ # %%exclude %%{sitedir}/*/test @@ -1041,9 +1085,11 @@ echo %{sitedir}/_import_failed > %{buildroot}/%{sitedir}/site-packages/zzzz-impo %{_bindir}/pydoc3 %endif # executables +%if %{with GIL} %attr(755, root, root) %{_bindir}/pydoc%{python_version} -# %%attr(755, root, root) %%{_bindir}/python%%{python_abi} -%attr(755, root, root) %{_bindir}/python%{python_version} +%endif +%attr(755, root, root) %{_bindir}/python%{python_abi} + # endif for if base %endif