Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python39 for openSUSE:Factory checked in at 2021-02-25 18:26:50 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python39 (Old) and /work/SRC/openSUSE:Factory/.python39.new.2378 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python39" Thu Feb 25 18:26:50 2021 rev:13 rq:874156 version:3.9.2 Changes: -------- --- /work/SRC/openSUSE:Factory/python39/python39.changes 2021-02-16 22:50:27.990664712 +0100 +++ /work/SRC/openSUSE:Factory/.python39.new.2378/python39.changes 2021-02-25 18:26:57.686161933 +0100 @@ -0,0 +1,18 @@ +------------------------------------------------------------------- +Fri Feb 19 16:58:38 UTC 2021 - Matej Cepl <[email protected]> + +- Update to 3.9.2: + - bpo#42938 (bsc#1181126): Avoid static buffers when computing + the repr of ctypes.c_double and ctypes.c_longdouble + values. This issue was assigned CVE-2021-3177. + - bpo#42967 (bso#1182379): Fix web cache poisoning + vulnerability by defaulting the query args separator to &, + and allowing the user to choose a custom separator. This + issue was assigned CVE-2021-23336. +- Upstreamed patches were removed: + - CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch + - bsc1167501-invalid-alignment.patch + - skip_random_failing_tests.patch + - CVE-2019-5010-null-defer-x509-cert-DOS.patch + +------------------------------------------------------------------- Old: ---- CVE-2019-5010-null-defer-x509-cert-DOS.patch CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch Python-3.9.1.tar.xz Python-3.9.1.tar.xz.asc bsc1167501-invalid-alignment.patch skip_random_failing_tests.patch New: ---- Python-3.9.2.tar.xz Python-3.9.2.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python39.spec ++++++ --- /var/tmp/diff_new_pack.VXGY7z/_old 2021-02-25 18:26:58.850162689 +0100 +++ /var/tmp/diff_new_pack.VXGY7z/_new 2021-02-25 18:26:58.854162692 +0100 @@ -1,5 +1,5 @@ # -# spec file for package python39 +# spec file for package python39-core # # Copyright (c) 2021 SUSE LLC # @@ -53,7 +53,7 @@ # Will do the /usr/bin/python3 and all the core links %define primary_interpreter 0 # We don't process beta signs well -%define folderversion 3.9.1 +%define folderversion 3.9.2 %define tarname Python-%{tarversion} %define sitedir %{_libdir}/python%{python_version} # three possible ABI kinds: m - pymalloc, d - debug build; see PEP 3149 @@ -88,7 +88,7 @@ %bcond_without profileopt %endif Name: %{python_pkg_name}%{psuffix} -Version: 3.9.1 +Version: 3.9.2 Release: 0 Summary: Python 3 Interpreter License: Python-2.0 @@ -127,27 +127,15 @@ Patch09: python-3.3.0b1-test-posix_fadvise.patch # Raise timeout value for test_subprocess Patch15: subprocess-raise-timeout.patch -# skip some tests only for PowerPC -Patch23: skip_random_failing_tests.patch Patch25: python3-imp-returntype.patch -# PATCH-FIX-UPSTREAM CVE-2019-5010-null-defer-x509-cert-DOS.patch bnc#1122191 [email protected] -# https://github.com/python/cpython/pull/11569 -# Fix segfault in ssl's cert parser -Patch27: CVE-2019-5010-null-defer-x509-cert-DOS.patch # PATCH-FEATURE-UPSTREAM bpo-31046_ensurepip_honours_prefix.patch bpo#31046 [email protected] # ensurepip should honour the value of $(prefix) Patch29: bpo-31046_ensurepip_honours_prefix.patch -# PATCH-FIX-UPSTREAM bsc1167501-invalid-alignment.patch gh#python/cpython#19133 [email protected] -# Fix wrong misalignment of pointer to vectorcallfunc -Patch31: bsc1167501-invalid-alignment.patch # PATCH-FIX-UPSTREAM stop calling removed Sphinx function gh#python/cpython#13236 Patch32: sphinx-update-removed-function.patch # PATCH-FIX-SLE no-skipif-doctests.patch jsc#SLE-13738 [email protected] # SLE-15 version of Sphinx doesn't know about skipif directive in doctests. Patch33: no-skipif-doctests.patch -# PATCH-FIX-UPSTREAM CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch bsc#1181126 [email protected] -# buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution -Patch34: CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch BuildRequires: automake BuildRequires: fdupes BuildRequires: gmp-devel @@ -387,18 +375,12 @@ %patch08 -p1 %patch09 -p1 %patch15 -p1 -%ifarch ppc ppc64 ppc64le -%patch23 -p1 -%endif %patch25 -p1 -%patch27 -p1 %patch29 -p1 -%patch31 -p1 %patch32 -p1 -%if 0%{?suse_version} <= 1500 +# %%if 0%%{?suse_version} <= 1500 %patch33 -p1 -%endif -%patch34 -p1 +# %%endif # drop Autoconf version requirement sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac ++++++ Python-3.9.1.tar.xz -> Python-3.9.2.tar.xz ++++++ /work/SRC/openSUSE:Factory/python39/Python-3.9.1.tar.xz /work/SRC/openSUSE:Factory/.python39.new.2378/Python-3.9.2.tar.xz differ: char 27, line 1 ++++++ no-skipif-doctests.patch ++++++ --- /var/tmp/diff_new_pack.VXGY7z/_old 2021-02-25 18:26:59.002162788 +0100 +++ /var/tmp/diff_new_pack.VXGY7z/_new 2021-02-25 18:26:59.002162788 +0100 @@ -179,7 +179,7 @@ >>> turtle.pos() (440.00,-0.00) @@ -665,7 +643,6 @@ Tell Turtle's state - orientation which depends on the mode - "standard"/"world" or "logo"). + orientation which depends on the mode - "standard"/"world" or "logo". .. doctest:: - :skipif: _tkinter is None @@ -267,7 +267,7 @@ >>> turtle.penup() >>> turtle.isdown() @@ -917,7 +884,6 @@ Color control - newly set pencolor. + newly set pencolor. .. doctest:: - :skipif: _tkinter is None @@ -275,7 +275,7 @@ >>> colormode() 1.0 @@ -966,7 +932,6 @@ Color control - with the newly set fillcolor. + with the newly set fillcolor. .. doctest:: - :skipif: _tkinter is None @@ -283,7 +283,7 @@ >>> turtle.fillcolor("violet") >>> turtle.fillcolor() @@ -1005,7 +970,6 @@ Color control - with the newly set colors. + with the newly set colors. .. doctest:: - :skipif: _tkinter is None @@ -347,7 +347,7 @@ >>> turtle.shape() 'classic' @@ -1195,7 +1152,6 @@ Appearance - resizemode("user") is called by :func:`shapesize` when used with arguments. + ``resizemode("user")`` is called by :func:`shapesize` when used with arguments. .. doctest:: - :skipif: _tkinter is None @@ -563,7 +563,7 @@ >>> def f(): ... fd(50) @@ -1824,7 +1754,6 @@ Using screen events - named turtle: + named ``turtle``: .. doctest:: - :skipif: _tkinter is None ++++++ subprocess-raise-timeout.patch ++++++ --- /var/tmp/diff_new_pack.VXGY7z/_old 2021-02-25 18:26:59.042162813 +0100 +++ /var/tmp/diff_new_pack.VXGY7z/_new 2021-02-25 18:26:59.042162813 +0100 @@ -1,6 +1,6 @@ --- a/Lib/test/test_subprocess.py +++ b/Lib/test/test_subprocess.py -@@ -230,7 +230,8 @@ +@@ -252,7 +252,8 @@ class ProcessTestCase(BaseTestCase): "time.sleep(3600)"], # Some heavily loaded buildbots (sparc Debian 3.x) require # this much time to start and print. @@ -9,4 +9,4 @@ + timeout=10) self.fail("Expected TimeoutExpired.") self.assertEqual(c.exception.output, b'BDFL') - +
