forked from pool/python38
Matej Cepl
9921186373
- Security
- gh-115398: Allow controlling Expat >=2.6.0 reparse deferral
(CVE-2023-52425) by adding five new methods:
xml.etree.ElementTree.XMLParser.flush()
xml.etree.ElementTree.XMLPullParser.flush()
xml.parsers.expat.xmlparser.GetReparseDeferralEnabled()
xml.parsers.expat.xmlparser.SetReparseDeferralEnabled()
xml.sax.expatreader.ExpatParser.flush()
- gh-115399: Update bundled libexpat to 2.6.0
- gh-113659: Skip .pth files with names starting with a dot
or hidden file attribute.
- Core and Builtins
- gh-102388: Fix a bug where iso2022_jp_3 and iso2022_jp_2004
codecs read out of bounds
- Library
- gh-115197: urllib.request no longer resolves the hostname
before checking it against the system’s proxy bypass list
on macOS and Windows.
- gh-115133: Fix tests for XMLPullParser with Expat 2.6.0.
- gh-81194: Fix a crash in socket.if_indextoname() with
specific value (UINT_MAX). Fix an integer overflow in
socket.if_indextoname() on 64-bit non-Windows platforms.
- gh-109858: Protect zipfile from “quoted-overlap”
zipbomb. It now raises BadZipFile when try to read an entry
that overlaps with other entry or central directory.
- gh-107077: Seems that in some conditions, OpenSSL will
return SSL_ERROR_SYSCALL instead of SSL_ERROR_SSL
when a certification verification has failed, but
the error parameters will still contain ERR_LIB_SSL
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python38?expand=0&rev=149
58 lines
2.3 KiB
Diff
58 lines
2.3 KiB
Diff
From 910f38d9768d39d4d31426743ae4081ed1ab66b6 Mon Sep 17 00:00:00 2001
|
|
From: Michal Cyprian <m.cyprian@gmail.com>
|
|
Date: Mon, 26 Jun 2017 16:32:56 +0200
|
|
Subject: [PATCH] 00251: Change user install location
|
|
|
|
Set values of prefix and exec_prefix in distutils install command
|
|
to /usr/local if executable is /usr/bin/python* and RPM build
|
|
is not detected to make pip and distutils install into separate location.
|
|
|
|
Fedora Change: https://fedoraproject.org/wiki/Changes/Making_sudo_pip_safe
|
|
---
|
|
Lib/distutils/command/install.py | 15 +++++++++++++--
|
|
Lib/site.py | 9 ++++++++-
|
|
2 files changed, 21 insertions(+), 3 deletions(-)
|
|
|
|
--- a/Lib/distutils/command/install.py
|
|
+++ b/Lib/distutils/command/install.py
|
|
@@ -418,8 +418,19 @@ class install(Command):
|
|
raise DistutilsOptionError(
|
|
"must not supply exec-prefix without prefix")
|
|
|
|
- self.prefix = os.path.normpath(sys.prefix)
|
|
- self.exec_prefix = os.path.normpath(sys.exec_prefix)
|
|
+ # self.prefix is set to sys.prefix + /local/
|
|
+ # if neither RPM build nor virtual environment is
|
|
+ # detected to make pip and distutils install packages
|
|
+ # into the separate location.
|
|
+ if (not (hasattr(sys, 'real_prefix') or
|
|
+ sys.prefix != sys.base_prefix) and
|
|
+ 'RPM_BUILD_ROOT' not in os.environ):
|
|
+ addition = "/local"
|
|
+ else:
|
|
+ addition = ""
|
|
+
|
|
+ self.prefix = os.path.normpath(sys.prefix) + addition
|
|
+ self.exec_prefix = os.path.normpath(sys.exec_prefix) + addition
|
|
|
|
else:
|
|
if self.exec_prefix is None:
|
|
--- a/Lib/site.py
|
|
+++ b/Lib/site.py
|
|
@@ -357,7 +357,14 @@ def getsitepackages(prefixes=None):
|
|
return sitepackages
|
|
|
|
def addsitepackages(known_paths, prefixes=None):
|
|
- """Add site-packages to sys.path"""
|
|
+ """Add site-packages to sys.path
|
|
+
|
|
+ '/usr/local' is included in PREFIXES if RPM build is not detected
|
|
+ to make packages installed into this location visible.
|
|
+
|
|
+ """
|
|
+ if ENABLE_USER_SITE and 'RPM_BUILD_ROOT' not in os.environ:
|
|
+ PREFIXES.insert(0, "/usr/local")
|
|
for sitedir in getsitepackages(prefixes):
|
|
if os.path.isdir(sitedir):
|
|
addsitedir(sitedir, known_paths)
|