forked from pool/python38
- Update to 3.8.19:
- Security - gh-115398: Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425) by adding five new methods: xml.etree.ElementTree.XMLParser.flush() xml.etree.ElementTree.XMLPullParser.flush() xml.parsers.expat.xmlparser.GetReparseDeferralEnabled() xml.parsers.expat.xmlparser.SetReparseDeferralEnabled() xml.sax.expatreader.ExpatParser.flush() - gh-115399: Update bundled libexpat to 2.6.0 - gh-113659: Skip .pth files with names starting with a dot or hidden file attribute. - Core and Builtins - gh-102388: Fix a bug where iso2022_jp_3 and iso2022_jp_2004 codecs read out of bounds - Library - gh-115197: urllib.request no longer resolves the hostname before checking it against the system’s proxy bypass list on macOS and Windows. - gh-115133: Fix tests for XMLPullParser with Expat 2.6.0. - gh-81194: Fix a crash in socket.if_indextoname() with specific value (UINT_MAX). Fix an integer overflow in socket.if_indextoname() on 64-bit non-Windows platforms. - gh-109858: Protect zipfile from “quoted-overlap” zipbomb. It now raises BadZipFile when try to read an entry that overlaps with other entry or central directory. - gh-107077: Seems that in some conditions, OpenSSL will return SSL_ERROR_SYSCALL instead of SSL_ERROR_SSL when a certification verification has failed, but the error parameters will still contain ERR_LIB_SSL OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python38?expand=0&rev=149
This commit is contained in:
parent
9e0baf2aee
commit
9921186373
@ -21,7 +21,7 @@ https://bugs.python.org/issue35746
|
|||||||
|
|
||||||
--- a/Lib/test/test_ssl.py
|
--- a/Lib/test/test_ssl.py
|
||||||
+++ b/Lib/test/test_ssl.py
|
+++ b/Lib/test/test_ssl.py
|
||||||
@@ -501,6 +501,27 @@ class BasicSocketTests(unittest.TestCase
|
@@ -507,6 +507,27 @@ class BasicSocketTests(unittest.TestCase
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -1,191 +0,0 @@
|
|||||||
---
|
|
||||||
Lib/tempfile.py | 26 +-
|
|
||||||
Lib/test/test_tempfile.py | 117 +++++++++-
|
|
||||||
Misc/NEWS.d/next/Library/2022-12-01-16-57-44.gh-issue-91133.LKMVCV.rst | 2
|
|
||||||
3 files changed, 136 insertions(+), 9 deletions(-)
|
|
||||||
|
|
||||||
--- a/Lib/tempfile.py
|
|
||||||
+++ b/Lib/tempfile.py
|
|
||||||
@@ -263,6 +263,22 @@ def _mkstemp_inner(dir, pre, suf, flags,
|
|
||||||
raise FileExistsError(_errno.EEXIST,
|
|
||||||
"No usable temporary file name found")
|
|
||||||
|
|
||||||
+def _dont_follow_symlinks(func, path, *args):
|
|
||||||
+ # Pass follow_symlinks=False, unless not supported on this platform.
|
|
||||||
+ if func in _os.supports_follow_symlinks:
|
|
||||||
+ func(path, *args, follow_symlinks=False)
|
|
||||||
+ elif _os.name == 'nt' or not _os.path.islink(path):
|
|
||||||
+ func(path, *args)
|
|
||||||
+
|
|
||||||
+def _resetperms(path):
|
|
||||||
+ try:
|
|
||||||
+ chflags = _os.chflags
|
|
||||||
+ except AttributeError:
|
|
||||||
+ pass
|
|
||||||
+ else:
|
|
||||||
+ _dont_follow_symlinks(chflags, path, 0)
|
|
||||||
+ _dont_follow_symlinks(_os.chmod, path, 0o700)
|
|
||||||
+
|
|
||||||
|
|
||||||
# User visible interfaces.
|
|
||||||
|
|
||||||
@@ -786,17 +802,11 @@ class TemporaryDirectory(object):
|
|
||||||
def _rmtree(cls, name):
|
|
||||||
def onerror(func, path, exc_info):
|
|
||||||
if issubclass(exc_info[0], PermissionError):
|
|
||||||
- def resetperms(path):
|
|
||||||
- try:
|
|
||||||
- _os.chflags(path, 0)
|
|
||||||
- except AttributeError:
|
|
||||||
- pass
|
|
||||||
- _os.chmod(path, 0o700)
|
|
||||||
|
|
||||||
try:
|
|
||||||
if path != name:
|
|
||||||
- resetperms(_os.path.dirname(path))
|
|
||||||
- resetperms(path)
|
|
||||||
+ _resetperms(_os.path.dirname(path))
|
|
||||||
+ _resetperms(path)
|
|
||||||
|
|
||||||
try:
|
|
||||||
_os.unlink(path)
|
|
||||||
--- a/Lib/test/test_tempfile.py
|
|
||||||
+++ b/Lib/test/test_tempfile.py
|
|
||||||
@@ -1377,6 +1377,103 @@ class TestTemporaryDirectory(BaseTestCas
|
|
||||||
"were deleted")
|
|
||||||
d2.cleanup()
|
|
||||||
|
|
||||||
+ @support.skip_unless_symlink
|
|
||||||
+ def test_cleanup_with_symlink_modes(self):
|
|
||||||
+ # cleanup() should not follow symlinks when fixing mode bits (#91133)
|
|
||||||
+ with self.do_create(recurse=0) as d2:
|
|
||||||
+ file1 = os.path.join(d2, 'file1')
|
|
||||||
+ open(file1, 'wb').close()
|
|
||||||
+ dir1 = os.path.join(d2, 'dir1')
|
|
||||||
+ os.mkdir(dir1)
|
|
||||||
+ for mode in range(8):
|
|
||||||
+ mode <<= 6
|
|
||||||
+ with self.subTest(mode=format(mode, '03o')):
|
|
||||||
+ def test(target, target_is_directory):
|
|
||||||
+ d1 = self.do_create(recurse=0)
|
|
||||||
+ symlink = os.path.join(d1.name, 'symlink')
|
|
||||||
+ os.symlink(target, symlink,
|
|
||||||
+ target_is_directory=target_is_directory)
|
|
||||||
+ try:
|
|
||||||
+ os.chmod(symlink, mode, follow_symlinks=False)
|
|
||||||
+ except NotImplementedError:
|
|
||||||
+ pass
|
|
||||||
+ try:
|
|
||||||
+ os.chmod(symlink, mode)
|
|
||||||
+ except FileNotFoundError:
|
|
||||||
+ pass
|
|
||||||
+ os.chmod(d1.name, mode)
|
|
||||||
+ d1.cleanup()
|
|
||||||
+ self.assertFalse(os.path.exists(d1.name))
|
|
||||||
+
|
|
||||||
+ with self.subTest('nonexisting file'):
|
|
||||||
+ test('nonexisting', target_is_directory=False)
|
|
||||||
+ with self.subTest('nonexisting dir'):
|
|
||||||
+ test('nonexisting', target_is_directory=True)
|
|
||||||
+
|
|
||||||
+ with self.subTest('existing file'):
|
|
||||||
+ os.chmod(file1, mode)
|
|
||||||
+ old_mode = os.stat(file1).st_mode
|
|
||||||
+ test(file1, target_is_directory=False)
|
|
||||||
+ new_mode = os.stat(file1).st_mode
|
|
||||||
+ self.assertEqual(new_mode, old_mode,
|
|
||||||
+ '%03o != %03o' % (new_mode, old_mode))
|
|
||||||
+
|
|
||||||
+ with self.subTest('existing dir'):
|
|
||||||
+ os.chmod(dir1, mode)
|
|
||||||
+ old_mode = os.stat(dir1).st_mode
|
|
||||||
+ test(dir1, target_is_directory=True)
|
|
||||||
+ new_mode = os.stat(dir1).st_mode
|
|
||||||
+ self.assertEqual(new_mode, old_mode,
|
|
||||||
+ '%03o != %03o' % (new_mode, old_mode))
|
|
||||||
+
|
|
||||||
+ @unittest.skipUnless(hasattr(os, 'chflags'), 'requires os.chflags')
|
|
||||||
+ @support.skip_unless_symlink
|
|
||||||
+ def test_cleanup_with_symlink_flags(self):
|
|
||||||
+ # cleanup() should not follow symlinks when fixing flags (#91133)
|
|
||||||
+ flags = stat.UF_IMMUTABLE | stat.UF_NOUNLINK
|
|
||||||
+ self.check_flags(flags)
|
|
||||||
+
|
|
||||||
+ with self.do_create(recurse=0) as d2:
|
|
||||||
+ file1 = os.path.join(d2, 'file1')
|
|
||||||
+ open(file1, 'wb').close()
|
|
||||||
+ dir1 = os.path.join(d2, 'dir1')
|
|
||||||
+ os.mkdir(dir1)
|
|
||||||
+ def test(target, target_is_directory):
|
|
||||||
+ d1 = self.do_create(recurse=0)
|
|
||||||
+ symlink = os.path.join(d1.name, 'symlink')
|
|
||||||
+ os.symlink(target, symlink,
|
|
||||||
+ target_is_directory=target_is_directory)
|
|
||||||
+ try:
|
|
||||||
+ os.chflags(symlink, flags, follow_symlinks=False)
|
|
||||||
+ except NotImplementedError:
|
|
||||||
+ pass
|
|
||||||
+ try:
|
|
||||||
+ os.chflags(symlink, flags)
|
|
||||||
+ except FileNotFoundError:
|
|
||||||
+ pass
|
|
||||||
+ os.chflags(d1.name, flags)
|
|
||||||
+ d1.cleanup()
|
|
||||||
+ self.assertFalse(os.path.exists(d1.name))
|
|
||||||
+
|
|
||||||
+ with self.subTest('nonexisting file'):
|
|
||||||
+ test('nonexisting', target_is_directory=False)
|
|
||||||
+ with self.subTest('nonexisting dir'):
|
|
||||||
+ test('nonexisting', target_is_directory=True)
|
|
||||||
+
|
|
||||||
+ with self.subTest('existing file'):
|
|
||||||
+ os.chflags(file1, flags)
|
|
||||||
+ old_flags = os.stat(file1).st_flags
|
|
||||||
+ test(file1, target_is_directory=False)
|
|
||||||
+ new_flags = os.stat(file1).st_flags
|
|
||||||
+ self.assertEqual(new_flags, old_flags)
|
|
||||||
+
|
|
||||||
+ with self.subTest('existing dir'):
|
|
||||||
+ os.chflags(dir1, flags)
|
|
||||||
+ old_flags = os.stat(dir1).st_flags
|
|
||||||
+ test(dir1, target_is_directory=True)
|
|
||||||
+ new_flags = os.stat(dir1).st_flags
|
|
||||||
+ self.assertEqual(new_flags, old_flags)
|
|
||||||
+
|
|
||||||
@support.cpython_only
|
|
||||||
def test_del_on_collection(self):
|
|
||||||
# A TemporaryDirectory is deleted when garbage collected
|
|
||||||
@@ -1489,9 +1586,27 @@ class TestTemporaryDirectory(BaseTestCas
|
|
||||||
d.cleanup()
|
|
||||||
self.assertFalse(os.path.exists(d.name))
|
|
||||||
|
|
||||||
- @unittest.skipUnless(hasattr(os, 'chflags'), 'requires os.lchflags')
|
|
||||||
+ def check_flags(self, flags):
|
|
||||||
+ # skip the test if these flags are not supported (ex: FreeBSD 13)
|
|
||||||
+ filename = support.TESTFN
|
|
||||||
+ try:
|
|
||||||
+ open(filename, "w").close()
|
|
||||||
+ try:
|
|
||||||
+ os.chflags(filename, flags)
|
|
||||||
+ except OSError as exc:
|
|
||||||
+ # "OSError: [Errno 45] Operation not supported"
|
|
||||||
+ self.skipTest(f"chflags() doesn't support flags "
|
|
||||||
+ f"{flags:#b}: {exc}")
|
|
||||||
+ else:
|
|
||||||
+ os.chflags(filename, 0)
|
|
||||||
+ finally:
|
|
||||||
+ support.unlink(filename)
|
|
||||||
+
|
|
||||||
+ @unittest.skipUnless(hasattr(os, 'chflags'), 'requires os.chflags')
|
|
||||||
def test_flags(self):
|
|
||||||
flags = stat.UF_IMMUTABLE | stat.UF_NOUNLINK
|
|
||||||
+ self.check_flags(flags)
|
|
||||||
+
|
|
||||||
d = self.do_create(recurse=3, dirs=2, files=2)
|
|
||||||
with d:
|
|
||||||
# Change files and directories flags recursively.
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/Misc/NEWS.d/next/Library/2022-12-01-16-57-44.gh-issue-91133.LKMVCV.rst
|
|
||||||
@@ -0,0 +1,2 @@
|
|
||||||
+Fix a bug in :class:`tempfile.TemporaryDirectory` cleanup, which now no longer
|
|
||||||
+dereferences symlinks when working around file system permission errors.
|
|
@ -82,7 +82,7 @@ Co-authored-by: Iryna Shcherbina <shcherbina.iryna@gmail.com>
|
|||||||
os.path.join(destination, "include", "python", "foopkg"))
|
os.path.join(destination, "include", "python", "foopkg"))
|
||||||
--- a/Lib/site.py
|
--- a/Lib/site.py
|
||||||
+++ b/Lib/site.py
|
+++ b/Lib/site.py
|
||||||
@@ -335,11 +335,15 @@ def getsitepackages(prefixes=None):
|
@@ -344,11 +344,15 @@ def getsitepackages(prefixes=None):
|
||||||
seen.add(prefix)
|
seen.add(prefix)
|
||||||
|
|
||||||
if os.sep == '/':
|
if os.sep == '/':
|
||||||
@ -130,7 +130,7 @@ Co-authored-by: Iryna Shcherbina <shcherbina.iryna@gmail.com>
|
|||||||
'data': '{userbase}',
|
'data': '{userbase}',
|
||||||
--- a/Lib/test/test_site.py
|
--- a/Lib/test/test_site.py
|
||||||
+++ b/Lib/test/test_site.py
|
+++ b/Lib/test/test_site.py
|
||||||
@@ -268,8 +268,8 @@ class HelperFunctionsTests(unittest.Test
|
@@ -307,8 +307,8 @@ class HelperFunctionsTests(unittest.Test
|
||||||
dirs = site.getsitepackages()
|
dirs = site.getsitepackages()
|
||||||
if os.sep == '/':
|
if os.sep == '/':
|
||||||
# OS X, Linux, FreeBSD, etc
|
# OS X, Linux, FreeBSD, etc
|
||||||
@ -183,7 +183,7 @@ Co-authored-by: Iryna Shcherbina <shcherbina.iryna@gmail.com>
|
|||||||
}
|
}
|
||||||
--- a/configure
|
--- a/configure
|
||||||
+++ b/configure
|
+++ b/configure
|
||||||
@@ -15264,9 +15264,9 @@ fi
|
@@ -15276,9 +15276,9 @@ fi
|
||||||
|
|
||||||
|
|
||||||
if test x$PLATFORM_TRIPLET = x; then
|
if test x$PLATFORM_TRIPLET = x; then
|
||||||
|
@ -13,8 +13,6 @@ Fedora Change: https://fedoraproject.org/wiki/Changes/Making_sudo_pip_safe
|
|||||||
Lib/site.py | 9 ++++++++-
|
Lib/site.py | 9 ++++++++-
|
||||||
2 files changed, 21 insertions(+), 3 deletions(-)
|
2 files changed, 21 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
diff --git a/Lib/distutils/command/install.py b/Lib/distutils/command/install.py
|
|
||||||
index ae4f915669..0e4fd5b74a 100644
|
|
||||||
--- a/Lib/distutils/command/install.py
|
--- a/Lib/distutils/command/install.py
|
||||||
+++ b/Lib/distutils/command/install.py
|
+++ b/Lib/distutils/command/install.py
|
||||||
@@ -418,8 +418,19 @@ class install(Command):
|
@@ -418,8 +418,19 @@ class install(Command):
|
||||||
@ -39,11 +37,9 @@ index ae4f915669..0e4fd5b74a 100644
|
|||||||
|
|
||||||
else:
|
else:
|
||||||
if self.exec_prefix is None:
|
if self.exec_prefix is None:
|
||||||
diff --git a/Lib/site.py b/Lib/site.py
|
|
||||||
index 22d53fa562..9513526109 100644
|
|
||||||
--- a/Lib/site.py
|
--- a/Lib/site.py
|
||||||
+++ b/Lib/site.py
|
+++ b/Lib/site.py
|
||||||
@@ -348,7 +348,14 @@ def getsitepackages(prefixes=None):
|
@@ -357,7 +357,14 @@ def getsitepackages(prefixes=None):
|
||||||
return sitepackages
|
return sitepackages
|
||||||
|
|
||||||
def addsitepackages(known_paths, prefixes=None):
|
def addsitepackages(known_paths, prefixes=None):
|
||||||
@ -59,6 +55,3 @@ index 22d53fa562..9513526109 100644
|
|||||||
for sitedir in getsitepackages(prefixes):
|
for sitedir in getsitepackages(prefixes):
|
||||||
if os.path.isdir(sitedir):
|
if os.path.isdir(sitedir):
|
||||||
addsitedir(sitedir, known_paths)
|
addsitedir(sitedir, known_paths)
|
||||||
--
|
|
||||||
2.21.0
|
|
||||||
|
|
||||||
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:3ffb71cd349a326ba7b2fadc7e7df86ba577dd9c4917e52a8401adbda7405e3f
|
|
||||||
size 20696952
|
|
@ -1,16 +0,0 @@
|
|||||||
-----BEGIN PGP SIGNATURE-----
|
|
||||||
|
|
||||||
iQIzBAABCgAdFiEE4/8oOcBIslwITevpsmmV4xAlBWgFAmTnuvoACgkQsmmV4xAl
|
|
||||||
BWj4nA//brAaCYj+V6woO1gcYScI2xk2Ncmq3Mj1T/s0tkLxpFcaevsu4snnY4tV
|
|
||||||
VhGVTMZPBSi7F1stLXwwb2WLisuNsr2oYCdze2BKyMWyRrF1SlLX+Uj7R5PQbZRn
|
|
||||||
b7PuFTQcfUxXISkof6fL8dhfF+uWkLUO83xxb/Yxl37IXZVIXaJbOFQtIVRxhbFC
|
|
||||||
U4yAwKdzMLpvwOdzHgc5l6GewUdIkBWGVObalSXs8jCOeu+GY/Q17oUQv9pxsSp6
|
|
||||||
UY1nnvfYSPzOeIB5QzdNVoISP4DZRacZu5k26niK2QhUUdey66KWPBUgxQ5jFoJl
|
|
||||||
bhpA1Idp9p54sNgZOSYkWsMvoLSBkXuzfcmfgGCANZ2FYkGCs0En6YbUHwBTjWdk
|
|
||||||
ll+ZrxZuYTy1JfP0fFEp1vLBBSdjla5MIDFp5DRT0GL82GvwGvPyH5JEhhinFReZ
|
|
||||||
kkdk2leRUWKhNhGfv9Ln3A/glNX2txIDKuXT1/N2CQXxfOpQA6QqFGjkUVAQa8iY
|
|
||||||
LqpHyTs66pmrTqqEzbRUv6o+fEvJPzMzhs526EBvpzj/xhCY2we84FEAzKtF6Vmm
|
|
||||||
vT4bHKhw6eKfpGZFbSQrH2mnl4b7B/6zPfzsotec44tNijeuc/fAlJfaINg2Xvcg
|
|
||||||
9rhOV6KGsNI6K5PNdemQxJ1hoeDS7WnKJPAutQQor1uqrvekby0=
|
|
||||||
=F51n
|
|
||||||
-----END PGP SIGNATURE-----
|
|
3
Python-3.8.19.tar.xz
Normal file
3
Python-3.8.19.tar.xz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:d2807ac69f69b84fd46a0b93bbd02a4fa48d3e70f4b2835ff0f72a2885040076
|
||||||
|
size 18975156
|
16
Python-3.8.19.tar.xz.asc
Normal file
16
Python-3.8.19.tar.xz.asc
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
-----BEGIN PGP SIGNATURE-----
|
||||||
|
|
||||||
|
iQIzBAABCgAdFiEE4/8oOcBIslwITevpsmmV4xAlBWgFAmX5t/gACgkQsmmV4xAl
|
||||||
|
BWgW0RAAkQYR6L3LNvuAg3OS/wD6Kouv3CnXeAwYY/BHglsHawtz+gM4jZRK8fIo
|
||||||
|
vEKBk6uoZBvXX1yJR+cxLZOxb9K/X7zYJXyBxRav8veBzXePTVhJBNSS/ckE0ARN
|
||||||
|
bD8M2P/7byMlm616aNNE1hrIIaxNoX8/yTEK3DmISQonc8vCW6ygIXm3Vw/6rqG8
|
||||||
|
n16MGG2r4dNEI+pEs8LPj8/VBaHHkbyvK9y2DQ8ywBqsaE459bN4HdzTkMxh28s0
|
||||||
|
scDl33PwTabFgVUTXILs+vBNnHc6ylo6gEd6fAe7Epec5wnvexKykel9ZtidxHwB
|
||||||
|
KQl2YKErJGF97T1Aj/Cru82jBYS/YS2QVy2cX0sYhiTgOXsvB7vOViFESR3IlSEL
|
||||||
|
aQv+f+lBXZp8T4MbDuzz2H7dqNY0sYqmTcqJU9r4H+RGLw43PHLSRVfIDPiaheA+
|
||||||
|
n1ZYzzgfm2uucO+iIpDwAOvTWznj4YcFwX116fn2kJYLtJeI58wVIbtMTDCl/l9U
|
||||||
|
hNY+b5L5JsHlyoRSjDwAtQVBm3fS0YqV4OhWglhvvuEdobRK+F3+hmHvo18YxZyl
|
||||||
|
WXLBUwZy9LQoEyuc1YFemWYw7g3u1ru8WTCFtPm91OeErkKq3QuqwiCjROgUmN9D
|
||||||
|
xUypHTocPhkdF1yEVqG+HMDin9Rw+l2KMgFt5XLNYFvAycGlsk4=
|
||||||
|
=Uo2Y
|
||||||
|
-----END PGP SIGNATURE-----
|
@ -86,7 +86,7 @@
|
|||||||
else:
|
else:
|
||||||
--- a/Lib/site.py
|
--- a/Lib/site.py
|
||||||
+++ b/Lib/site.py
|
+++ b/Lib/site.py
|
||||||
@@ -335,12 +335,18 @@ def getsitepackages(prefixes=None):
|
@@ -344,12 +344,18 @@ def getsitepackages(prefixes=None):
|
||||||
seen.add(prefix)
|
seen.add(prefix)
|
||||||
|
|
||||||
if os.sep == '/':
|
if os.sep == '/':
|
||||||
@ -107,7 +107,7 @@
|
|||||||
else:
|
else:
|
||||||
sitepackages.append(prefix)
|
sitepackages.append(prefix)
|
||||||
sitepackages.append(os.path.join(prefix, "lib64", "site-packages"))
|
sitepackages.append(os.path.join(prefix, "lib64", "site-packages"))
|
||||||
@@ -348,14 +354,7 @@ def getsitepackages(prefixes=None):
|
@@ -357,14 +363,7 @@ def getsitepackages(prefixes=None):
|
||||||
return sitepackages
|
return sitepackages
|
||||||
|
|
||||||
def addsitepackages(known_paths, prefixes=None):
|
def addsitepackages(known_paths, prefixes=None):
|
||||||
@ -198,7 +198,7 @@
|
|||||||
os.makedirs(lib_dynload)
|
os.makedirs(lib_dynload)
|
||||||
--- a/Lib/test/test_site.py
|
--- a/Lib/test/test_site.py
|
||||||
+++ b/Lib/test/test_site.py
|
+++ b/Lib/test/test_site.py
|
||||||
@@ -268,8 +268,11 @@ class HelperFunctionsTests(unittest.Test
|
@@ -307,8 +307,11 @@ class HelperFunctionsTests(unittest.Test
|
||||||
dirs = site.getsitepackages()
|
dirs = site.getsitepackages()
|
||||||
if os.sep == '/':
|
if os.sep == '/':
|
||||||
# OS X, Linux, FreeBSD, etc
|
# OS X, Linux, FreeBSD, etc
|
||||||
@ -341,7 +341,7 @@
|
|||||||
}
|
}
|
||||||
--- a/configure
|
--- a/configure
|
||||||
+++ b/configure
|
+++ b/configure
|
||||||
@@ -15264,9 +15264,9 @@ fi
|
@@ -15276,9 +15276,9 @@ fi
|
||||||
|
|
||||||
|
|
||||||
if test x$PLATFORM_TRIPLET = x; then
|
if test x$PLATFORM_TRIPLET = x; then
|
||||||
|
@ -1,107 +0,0 @@
|
|||||||
From f2eebf3c38eae77765247791576b437ec25ccfe2 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Serhiy Storchaka <storchaka@gmail.com>
|
|
||||||
Date: Sun, 11 Feb 2024 12:08:39 +0200
|
|
||||||
Subject: [PATCH] gh-115133: Fix tests for XMLPullParser with Expat 2.6.0
|
|
||||||
(GH-115164)
|
|
||||||
|
|
||||||
Feeding the parser by too small chunks defers parsing to prevent
|
|
||||||
CVE-2023-52425. Future versions of Expat may be more reactive.
|
|
||||||
(cherry picked from commit 4a08e7b3431cd32a0daf22a33421cd3035343dc4)
|
|
||||||
|
|
||||||
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
|
|
||||||
---
|
|
||||||
Lib/test/test_xml_etree.py | 58 ++++++++++++-------
|
|
||||||
...-02-08-14-21-28.gh-issue-115133.ycl4ko.rst | 2 +
|
|
||||||
2 files changed, 38 insertions(+), 22 deletions(-)
|
|
||||||
create mode 100644 Misc/NEWS.d/next/Library/2024-02-08-14-21-28.gh-issue-115133.ycl4ko.rst
|
|
||||||
|
|
||||||
Index: Python-3.8.18/Lib/test/test_xml_etree.py
|
|
||||||
===================================================================
|
|
||||||
--- Python-3.8.18.orig/Lib/test/test_xml_etree.py
|
|
||||||
+++ Python-3.8.18/Lib/test/test_xml_etree.py
|
|
||||||
@@ -14,6 +14,7 @@ import locale
|
|
||||||
import operator
|
|
||||||
import os
|
|
||||||
import pickle
|
|
||||||
+import pyexpat
|
|
||||||
import sys
|
|
||||||
import textwrap
|
|
||||||
import types
|
|
||||||
@@ -103,6 +104,10 @@ EXTERNAL_ENTITY_XML = """\
|
|
||||||
<document>&entity;</document>
|
|
||||||
"""
|
|
||||||
|
|
||||||
+fails_with_expat_2_6_0 = (unittest.expectedFailure
|
|
||||||
+ if pyexpat.version_info >= (2, 6, 0) else
|
|
||||||
+ lambda test: test)
|
|
||||||
+
|
|
||||||
def checkwarnings(*filters, quiet=False):
|
|
||||||
def decorator(test):
|
|
||||||
def newtest(*args, **kwargs):
|
|
||||||
@@ -1266,28 +1271,37 @@ class XMLPullParserTest(unittest.TestCas
|
|
||||||
self.assertEqual([(action, elem.tag) for action, elem in events],
|
|
||||||
expected)
|
|
||||||
|
|
||||||
- def test_simple_xml(self):
|
|
||||||
- for chunk_size in (None, 1, 5):
|
|
||||||
- with self.subTest(chunk_size=chunk_size):
|
|
||||||
- parser = ET.XMLPullParser()
|
|
||||||
- self.assert_event_tags(parser, [])
|
|
||||||
- self._feed(parser, "<!-- comment -->\n", chunk_size)
|
|
||||||
- self.assert_event_tags(parser, [])
|
|
||||||
- self._feed(parser,
|
|
||||||
- "<root>\n <element key='value'>text</element",
|
|
||||||
- chunk_size)
|
|
||||||
- self.assert_event_tags(parser, [])
|
|
||||||
- self._feed(parser, ">\n", chunk_size)
|
|
||||||
- self.assert_event_tags(parser, [('end', 'element')])
|
|
||||||
- self._feed(parser, "<element>text</element>tail\n", chunk_size)
|
|
||||||
- self._feed(parser, "<empty-element/>\n", chunk_size)
|
|
||||||
- self.assert_event_tags(parser, [
|
|
||||||
- ('end', 'element'),
|
|
||||||
- ('end', 'empty-element'),
|
|
||||||
- ])
|
|
||||||
- self._feed(parser, "</root>\n", chunk_size)
|
|
||||||
- self.assert_event_tags(parser, [('end', 'root')])
|
|
||||||
- self.assertIsNone(parser.close())
|
|
||||||
+ def test_simple_xml(self, chunk_size=None):
|
|
||||||
+ parser = ET.XMLPullParser()
|
|
||||||
+ self.assert_event_tags(parser, [])
|
|
||||||
+ self._feed(parser, "<!-- comment -->\n", chunk_size)
|
|
||||||
+ self.assert_event_tags(parser, [])
|
|
||||||
+ self._feed(parser,
|
|
||||||
+ "<root>\n <element key='value'>text</element",
|
|
||||||
+ chunk_size)
|
|
||||||
+ self.assert_event_tags(parser, [])
|
|
||||||
+ self._feed(parser, ">\n", chunk_size)
|
|
||||||
+ self.assert_event_tags(parser, [('end', 'element')])
|
|
||||||
+ self._feed(parser, "<element>text</element>tail\n", chunk_size)
|
|
||||||
+ self._feed(parser, "<empty-element/>\n", chunk_size)
|
|
||||||
+ self.assert_event_tags(parser, [
|
|
||||||
+ ('end', 'element'),
|
|
||||||
+ ('end', 'empty-element'),
|
|
||||||
+ ])
|
|
||||||
+ self._feed(parser, "</root>\n", chunk_size)
|
|
||||||
+ self.assert_event_tags(parser, [('end', 'root')])
|
|
||||||
+ self.assertIsNone(parser.close())
|
|
||||||
+
|
|
||||||
+ @fails_with_expat_2_6_0
|
|
||||||
+ def test_simple_xml_chunk_1(self):
|
|
||||||
+ self.test_simple_xml(chunk_size=1)
|
|
||||||
+
|
|
||||||
+ @fails_with_expat_2_6_0
|
|
||||||
+ def test_simple_xml_chunk_5(self):
|
|
||||||
+ self.test_simple_xml(chunk_size=5)
|
|
||||||
+
|
|
||||||
+ def test_simple_xml_chunk_22(self):
|
|
||||||
+ self.test_simple_xml(chunk_size=22)
|
|
||||||
|
|
||||||
def test_feed_while_iterating(self):
|
|
||||||
parser = ET.XMLPullParser()
|
|
||||||
Index: Python-3.8.18/Misc/NEWS.d/next/Library/2024-02-08-14-21-28.gh-issue-115133.ycl4ko.rst
|
|
||||||
===================================================================
|
|
||||||
--- /dev/null
|
|
||||||
+++ Python-3.8.18/Misc/NEWS.d/next/Library/2024-02-08-14-21-28.gh-issue-115133.ycl4ko.rst
|
|
||||||
@@ -0,0 +1,2 @@
|
|
||||||
+Fix tests for :class:`~xml.etree.ElementTree.XMLPullParser` with Expat
|
|
||||||
+2.6.0.
|
|
@ -1,7 +1,11 @@
|
|||||||
|
---
|
||||||
|
Lib/site.py | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
--- a/Lib/site.py
|
--- a/Lib/site.py
|
||||||
+++ b/Lib/site.py
|
+++ b/Lib/site.py
|
||||||
@@ -76,7 +76,7 @@ import _sitebuiltins
|
@@ -77,7 +77,7 @@ import io
|
||||||
import io
|
import stat
|
||||||
|
|
||||||
# Prefixes for site-packages; add additional prefixes like /usr/local here
|
# Prefixes for site-packages; add additional prefixes like /usr/local here
|
||||||
-PREFIXES = [sys.prefix, sys.exec_prefix]
|
-PREFIXES = [sys.prefix, sys.exec_prefix]
|
||||||
|
@ -1,3 +1,60 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Mar 21 20:29:12 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
|
||||||
|
|
||||||
|
- Update to 3.8.19:
|
||||||
|
- Security
|
||||||
|
- gh-115398: Allow controlling Expat >=2.6.0 reparse deferral
|
||||||
|
(CVE-2023-52425) by adding five new methods:
|
||||||
|
xml.etree.ElementTree.XMLParser.flush()
|
||||||
|
xml.etree.ElementTree.XMLPullParser.flush()
|
||||||
|
xml.parsers.expat.xmlparser.GetReparseDeferralEnabled()
|
||||||
|
xml.parsers.expat.xmlparser.SetReparseDeferralEnabled()
|
||||||
|
xml.sax.expatreader.ExpatParser.flush()
|
||||||
|
- gh-115399: Update bundled libexpat to 2.6.0
|
||||||
|
- gh-113659: Skip .pth files with names starting with a dot
|
||||||
|
or hidden file attribute.
|
||||||
|
- Core and Builtins
|
||||||
|
- gh-102388: Fix a bug where iso2022_jp_3 and iso2022_jp_2004
|
||||||
|
codecs read out of bounds
|
||||||
|
- Library
|
||||||
|
- gh-115197: urllib.request no longer resolves the hostname
|
||||||
|
before checking it against the system’s proxy bypass list
|
||||||
|
on macOS and Windows.
|
||||||
|
- gh-115133: Fix tests for XMLPullParser with Expat 2.6.0.
|
||||||
|
- gh-81194: Fix a crash in socket.if_indextoname() with
|
||||||
|
specific value (UINT_MAX). Fix an integer overflow in
|
||||||
|
socket.if_indextoname() on 64-bit non-Windows platforms.
|
||||||
|
- gh-109858: Protect zipfile from “quoted-overlap”
|
||||||
|
zipbomb. It now raises BadZipFile when try to read an entry
|
||||||
|
that overlaps with other entry or central directory.
|
||||||
|
- gh-107077: Seems that in some conditions, OpenSSL will
|
||||||
|
return SSL_ERROR_SYSCALL instead of SSL_ERROR_SSL
|
||||||
|
when a certification verification has failed, but
|
||||||
|
the error parameters will still contain ERR_LIB_SSL
|
||||||
|
and SSL_R_CERTIFICATE_VERIFY_FAILED. We are now
|
||||||
|
detecting this situation and raising the appropiate
|
||||||
|
ssl.SSLCertVerificationError. Patch by Pablo Galindo
|
||||||
|
- gh-91133: Fix a bug in tempfile.TemporaryDirectory cleanup,
|
||||||
|
which now no longer dereferences symlinks when working
|
||||||
|
around file system permission errors.
|
||||||
|
- Documentation
|
||||||
|
- gh-115399: Document CVE-2023-52425 of Expat <2.6.0 under
|
||||||
|
“XML vulnerabilities”.
|
||||||
|
- Tests
|
||||||
|
- gh-108310: SSL tests for pre-handshake close were
|
||||||
|
previously not enabled on Python 3.8 due to an incorrect
|
||||||
|
backport. This is now fixed. Patch by Lumír Balhar.
|
||||||
|
- Remove upstreamed patches:
|
||||||
|
- CVE-2023-6597-TempDir-cleaning-symlink.patch
|
||||||
|
- libexpat260.patch
|
||||||
|
- Refreshed patches:
|
||||||
|
- CVE-2019-5010-null-defer-x509-cert-DOS.patch
|
||||||
|
- F00102-lib64.patch
|
||||||
|
- F00251-change-user-install-location.patch
|
||||||
|
- python-3.3.0b1-localpath.patch
|
||||||
|
- skip_random_failing_tests.patch
|
||||||
|
- SUSE-FEDORA-multilib.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed Mar 6 14:13:58 UTC 2024 - Pedro Monreal <pmonreal@suse.com>
|
Wed Mar 6 14:13:58 UTC 2024 - Pedro Monreal <pmonreal@suse.com>
|
||||||
|
|
||||||
|
@ -92,7 +92,7 @@
|
|||||||
%define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so
|
%define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so
|
||||||
%bcond_without profileopt
|
%bcond_without profileopt
|
||||||
Name: %{python_pkg_name}%{psuffix}
|
Name: %{python_pkg_name}%{psuffix}
|
||||||
Version: 3.8.18
|
Version: 3.8.19
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: Python 3 Interpreter
|
Summary: Python 3 Interpreter
|
||||||
License: Python-2.0
|
License: Python-2.0
|
||||||
@ -183,12 +183,6 @@ Patch41: 99366-patch.dict-can-decorate-async.patch
|
|||||||
# Detect email address parsing errors and return empty tuple to
|
# Detect email address parsing errors and return empty tuple to
|
||||||
# indicate the parsing error (old API), from gh#python/cpython!105127
|
# indicate the parsing error (old API), from gh#python/cpython!105127
|
||||||
Patch42: CVE-2023-27043-email-parsing-errors.patch
|
Patch42: CVE-2023-27043-email-parsing-errors.patch
|
||||||
# PATCH-FIX-UPSTREAM libexpat260.patch gh#python/cpython#115289
|
|
||||||
# Fix tests for XMLPullParser with Expat 2.6.0
|
|
||||||
Patch43: libexpat260.patch
|
|
||||||
# PATCH-FIX-UPSTREAM CVE-2023-6597-TempDir-cleaning-symlink.patch bsc#1219666 mcepl@suse.com
|
|
||||||
# tempfile.TemporaryDirectory: fix symlink bug in cleanup (from gh#python/cpython!99930)
|
|
||||||
Patch44: CVE-2023-6597-TempDir-cleaning-symlink.patch
|
|
||||||
BuildRequires: autoconf-archive
|
BuildRequires: autoconf-archive
|
||||||
BuildRequires: automake
|
BuildRequires: automake
|
||||||
BuildRequires: fdupes
|
BuildRequires: fdupes
|
||||||
@ -461,8 +455,6 @@ other applications.
|
|||||||
%patch -P 38 -p1
|
%patch -P 38 -p1
|
||||||
%patch -P 41 -p1
|
%patch -P 41 -p1
|
||||||
%patch -P 42 -p1
|
%patch -P 42 -p1
|
||||||
%patch -P 43 -p1
|
|
||||||
%patch -P 44 -p1
|
|
||||||
|
|
||||||
# drop Autoconf version requirement
|
# drop Autoconf version requirement
|
||||||
sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac
|
sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac
|
||||||
|
@ -78,7 +78,8 @@ Signed-off-by: Michel Normand <normand@linux.vnet.ibm.com>
|
|||||||
---
|
---
|
||||||
Lib/test/_test_multiprocessing.py | 3 +++
|
Lib/test/_test_multiprocessing.py | 3 +++
|
||||||
Lib/test/test_asyncio/test_events.py | 4 +++-
|
Lib/test/test_asyncio/test_events.py | 4 +++-
|
||||||
2 files changed, 6 insertions(+), 1 deletion(-)
|
Lib/test/test_buffer.py | 1 +
|
||||||
|
3 files changed, 7 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
--- a/Lib/test/_test_multiprocessing.py
|
--- a/Lib/test/_test_multiprocessing.py
|
||||||
+++ b/Lib/test/_test_multiprocessing.py
|
+++ b/Lib/test/_test_multiprocessing.py
|
||||||
@ -98,7 +99,7 @@ Signed-off-by: Michel Normand <normand@linux.vnet.ibm.com>
|
|||||||
def test_async_timeout(self):
|
def test_async_timeout(self):
|
||||||
res = self.pool.apply_async(sqr, (6, TIMEOUT2 + 1.0))
|
res = self.pool.apply_async(sqr, (6, TIMEOUT2 + 1.0))
|
||||||
get = TimingWrapper(res.get)
|
get = TimingWrapper(res.get)
|
||||||
@@ -4643,6 +4645,7 @@ class TestWait(unittest.TestCase):
|
@@ -4651,6 +4653,7 @@ class TestWait(unittest.TestCase):
|
||||||
sem.release()
|
sem.release()
|
||||||
time.sleep(period)
|
time.sleep(period)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user