Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python310 for openSUSE:Factory checked in at 2026-03-09 16:12:53 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python310 (Old) and /work/SRC/openSUSE:Factory/.python310.new.8177 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python310" Mon Mar 9 16:12:53 2026 rev:72 rq:1337544 version:3.10.20 Changes: -------- --- /work/SRC/openSUSE:Factory/python310/python310.changes 2026-02-13 12:46:42.358204311 +0100 +++ /work/SRC/openSUSE:Factory/.python310.new.8177/python310.changes 2026-03-09 16:13:03.405172654 +0100 @@ -1,0 +2,89 @@ +Thu Mar 5 18:38:39 UTC 2026 - Matej Cepl <[email protected]> + +- Update to 3.10.20: + - Security + - gh-144125: BytesGenerator will now refuse to serialize + (write) headers that are unsafely folded or delimited; see + verify_generated_headers. (Contributed by Bas Bloemsaat and + Petr Viktorin in gh-121650). + - gh-143935: Fixed a bug in the folding of comments when + flattening an email message using a modern email policy. + Comments consisting of a very long sequence of non-foldable + characters could trigger a forced line wrap that omitted + the required leading space on the continuation line, + causing the remainder of the comment to be interpreted as + a new header field. This enabled header injection with + carefully crafted inputs (bsc#1257029 CVE-2025-11468). + - gh-143925: Reject control characters in data: URL media + types. + - gh-143919: Reject control characters in http.cookies.Morsel + fields and values (bsc#1257031, CVE-2026-0672). + - gh-143916: Reject C0 control characters within + wsgiref.headers.Headers fields, values, and parameters + (bsc#1257042, CVE-2026-0865). + - gh-142145: Remove quadratic behavior in xml.minidom node ID + cache clearing. In order to do this without breaking + existing users, we also add the ownerDocument attribute to + xml.dom.minidom elements and attributes created by directly + instantiating the Element or Attr class. Note that this way + of creating nodes is not supported; creator functions like + xml.dom.Document.documentElement() should be used instead + (bsc#1254997, CVE-2025-12084). + - gh-137836: Add support of the “plaintext” element, RAWTEXT + elements “xmp”, “iframe”, “noembed” and “noframes”, and + optionally RAWTEXT element “noscript” in + html.parser.HTMLParser. + - gh-136063: email.message: ensure linear complexity for + legacy HTTP parameters parsing. Patch by Bénédikt Tran. + - gh-136065: Fix quadratic complexity in + os.path.expandvars() (bsc#1252974, CVE-2025-6075). + - gh-119451: Fix a potential memory denial of service in the + http.client module. When connecting to a malicious server, + it could cause an arbitrary amount of memory to be + allocated. This could have led to symptoms including + a MemoryError, swapping, out of memory (OOM) killed + processes or containers, or even system crashes + (CVE-2025-13836, bsc#1254400). + - gh-119452: Fix a potential memory denial of service in the + http.server module. When a malicious user is connected to + the CGI server on Windows, it could cause an arbitrary + amount of memory to be allocated. This could have led to + symptoms including a MemoryError, swapping, out of memory + (OOM) killed processes or containers, or even system + crashes. + - gh-119342: Fix a potential memory denial of service in the + plistlib module. When reading a Plist file received from + untrusted source, it could cause an arbitrary amount of + memory to be allocated. This could have led to symptoms + including a MemoryError, swapping, out of memory (OOM) + killed processes or containers, or even system crashes + (bsc#1254401, CVE-2025-13837). + - Library + - gh-144833: Fixed a use-after-free in ssl when SSL_new() + returns NULL in newPySSLSocket(). The error was reported + via a dangling pointer after the object had already been + freed. + - gh-144363: Update bundled libexpat to 2.7.4 + - gh-90949: Add SetAllocTrackerActivationThreshold() and + SetAllocTrackerMaximumAmplification() to xmlparser objects + to prevent use of disproportional amounts of dynamic memory + from within an Expat parser. Patch by Bénédikt Tran. + - Core and Builtins + - gh-120384: Fix an array out of bounds crash in + list_ass_subscript, which could be invoked via some + specificly tailored input: including concurrent + modification of a list object, where one thread assigns + a slice and another clears it. + - gh-120298: Fix use-after free in list_richcompare_impl + which can be invoked via some specificly tailored evil + input. +- Remove upstreamed patches: + - CVE-2025-11468-email-hdr-fold-comment.patch + - CVE-2025-12084-minidom-quad-search.patch + - CVE-2025-13836-http-resp-cont-len.patch + - CVE-2025-13837-plistlib-mailicious-length.patch + - CVE-2025-6075-expandvars-perf-degrad.patch + - CVE-2026-0672-http-hdr-inject-cookie-Morsel.patch + - CVE-2026-0865-wsgiref-ctrl-chars.patch + +------------------------------------------------------------------- Old: ---- CVE-2025-11468-email-hdr-fold-comment.patch CVE-2025-12084-minidom-quad-search.patch CVE-2025-13836-http-resp-cont-len.patch CVE-2025-13837-plistlib-mailicious-length.patch CVE-2025-6075-expandvars-perf-degrad.patch CVE-2026-0672-http-hdr-inject-cookie-Morsel.patch CVE-2026-0865-wsgiref-ctrl-chars.patch Python-3.10.19.tar.xz Python-3.10.19.tar.xz.sigstore New: ---- Python-3.10.20.tar.xz Python-3.10.20.tar.xz.sigstore ----------(Old B)---------- Old:- Remove upstreamed patches: - CVE-2025-11468-email-hdr-fold-comment.patch - CVE-2025-12084-minidom-quad-search.patch Old: - CVE-2025-11468-email-hdr-fold-comment.patch - CVE-2025-12084-minidom-quad-search.patch - CVE-2025-13836-http-resp-cont-len.patch Old: - CVE-2025-12084-minidom-quad-search.patch - CVE-2025-13836-http-resp-cont-len.patch - CVE-2025-13837-plistlib-mailicious-length.patch Old: - CVE-2025-13836-http-resp-cont-len.patch - CVE-2025-13837-plistlib-mailicious-length.patch - CVE-2025-6075-expandvars-perf-degrad.patch Old: - CVE-2025-13837-plistlib-mailicious-length.patch - CVE-2025-6075-expandvars-perf-degrad.patch - CVE-2026-0672-http-hdr-inject-cookie-Morsel.patch Old: - CVE-2025-6075-expandvars-perf-degrad.patch - CVE-2026-0672-http-hdr-inject-cookie-Morsel.patch - CVE-2026-0865-wsgiref-ctrl-chars.patch Old: - CVE-2026-0672-http-hdr-inject-cookie-Morsel.patch - CVE-2026-0865-wsgiref-ctrl-chars.patch ----------(Old E)---------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python310.spec ++++++ --- /var/tmp/diff_new_pack.739ntc/_old 2026-03-09 16:13:05.569261768 +0100 +++ /var/tmp/diff_new_pack.739ntc/_new 2026-03-09 16:13:05.569261768 +0100 @@ -108,7 +108,7 @@ # _md5.cpython-38m-x86_64-linux-gnu.so %define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so Name: %{python_pkg_name}%{psuffix} -Version: 3.10.19 +Version: 3.10.20 Release: 0 Summary: Python 3 Interpreter License: Python-2.0 @@ -203,27 +203,6 @@ Patch28: sphinx-802.patch # PATCH-FIX-OPENSUSE gh139257-Support-docutils-0.22.patch gh#python/cpython#139257 [email protected] Patch29: gh139257-Support-docutils-0.22.patch -# PATCH-FIX-UPSTREAM CVE-2025-6075-expandvars-perf-degrad.patch bsc#1252974 [email protected] -# Avoid potential quadratic complexity vulnerabilities in path modules -Patch30: CVE-2025-6075-expandvars-perf-degrad.patch -# PATCH-FIX-UPSTREAM CVE-2025-13836-http-resp-cont-len.patch bsc#1254400 [email protected] -# Avoid loading possibly compromised length of HTTP response -Patch31: CVE-2025-13836-http-resp-cont-len.patch -# PATCH-FIX-UPSTREAM CVE-2025-12084-minidom-quad-search.patch bsc#1254997 [email protected] -# prevent quadratic behavior in node ID cache clearing -Patch32: CVE-2025-12084-minidom-quad-search.patch -# PATCH-FIX-UPSTREAM CVE-2025-13837-plistlib-mailicious-length.patch bsc#1254401 [email protected] -# protect against OOM when loading malicious content -Patch33: CVE-2025-13837-plistlib-mailicious-length.patch -# PATCH-FIX-UPSTREAM CVE-2025-11468-email-hdr-fold-comment.patch bsc#1257029 [email protected] -# this patch makes things totally awesome -Patch34: CVE-2025-11468-email-hdr-fold-comment.patch -# PATCH-FIX-UPSTREAM CVE-2026-0672-http-hdr-inject-cookie-Morsel.patch bsc#1257031 [email protected] -# rejects control characters in http cookies. -Patch35: CVE-2026-0672-http-hdr-inject-cookie-Morsel.patch -# PATCH-FIX-UPSTREAM CVE-2026-0865-wsgiref-ctrl-chars.patch bsc#1257042 [email protected] -# Reject control characters in wsgiref.headers.Headers -Patch37: CVE-2026-0865-wsgiref-ctrl-chars.patch # PATCH-FIX-UPSTREAM CVE-2025-15366-imap-ctrl-chars.patch bsc#1257044 [email protected] # Reject control characters in wsgiref.headers.Headers Patch38: CVE-2025-15366-imap-ctrl-chars.patch ++++++ CVE-2023-52425-libexpat-2.6.0-backport.patch ++++++ --- /var/tmp/diff_new_pack.739ntc/_old 2026-03-09 16:13:05.601263086 +0100 +++ /var/tmp/diff_new_pack.739ntc/_new 2026-03-09 16:13:05.605263251 +0100 @@ -4,11 +4,11 @@ Lib/test/test_xml_etree.py | 7 +++++++ 3 files changed, 14 insertions(+) -Index: Python-3.10.19/Lib/test/test_pyexpat.py +Index: Python-3.10.20/Lib/test/test_pyexpat.py =================================================================== ---- Python-3.10.19.orig/Lib/test/test_pyexpat.py 2025-10-09 17:25:03.000000000 +0200 -+++ Python-3.10.19/Lib/test/test_pyexpat.py 2025-12-19 23:10:22.001497953 +0100 -@@ -802,6 +802,10 @@ +--- Python-3.10.20.orig/Lib/test/test_pyexpat.py 2026-03-05 19:42:14.505101236 +0100 ++++ Python-3.10.20/Lib/test/test_pyexpat.py 2026-03-05 19:42:23.343680667 +0100 +@@ -807,6 +807,10 @@ self.assertEqual(started, ['doc']) def test_reparse_deferral_disabled(self): @@ -19,10 +19,10 @@ started = [] def start_element(name, _): -Index: Python-3.10.19/Lib/test/test_sax.py +Index: Python-3.10.20/Lib/test/test_sax.py =================================================================== ---- Python-3.10.19.orig/Lib/test/test_sax.py 2025-10-09 17:25:03.000000000 +0200 -+++ Python-3.10.19/Lib/test/test_sax.py 2025-12-19 23:10:22.002078897 +0100 +--- Python-3.10.20.orig/Lib/test/test_sax.py 2026-03-05 19:42:14.505101236 +0100 ++++ Python-3.10.20/Lib/test/test_sax.py 2026-03-05 19:42:23.344649745 +0100 @@ -1240,6 +1240,9 @@ self.assertEqual(result.getvalue(), start + b"<doc></doc>") @@ -33,10 +33,10 @@ def test_flush_reparse_deferral_disabled(self): result = BytesIO() xmlgen = XMLGenerator(result) -Index: Python-3.10.19/Lib/test/test_xml_etree.py +Index: Python-3.10.20/Lib/test/test_xml_etree.py =================================================================== ---- Python-3.10.19.orig/Lib/test/test_xml_etree.py 2025-10-09 17:25:03.000000000 +0200 -+++ Python-3.10.19/Lib/test/test_xml_etree.py 2025-12-19 23:10:22.002413090 +0100 +--- Python-3.10.20.orig/Lib/test/test_xml_etree.py 2026-03-05 19:42:14.505101236 +0100 ++++ Python-3.10.20/Lib/test/test_xml_etree.py 2026-03-05 19:42:23.345531779 +0100 @@ -1420,9 +1420,13 @@ self.assert_event_tags(parser, [('end', 'root')]) self.assertIsNone(parser.close()) ++++++ CVE-2025-15282-urllib-ctrl-chars.patch ++++++ --- /var/tmp/diff_new_pack.739ntc/_old 2026-03-09 16:13:05.621263909 +0100 +++ /var/tmp/diff_new_pack.739ntc/_new 2026-03-09 16:13:05.625264074 +0100 @@ -8,27 +8,19 @@ Co-authored-by: Seth Michael Larson <[email protected]> --- - Lib/test/test_urllib.py | 8 ++++++++ + Lib/test/test_urllib.py | 7 +++++++ Lib/urllib/request.py | 5 +++++ Misc/NEWS.d/next/Security/2026-01-16-11-51-19.gh-issue-143925.mrtcHW.rst | 1 + - 3 files changed, 14 insertions(+) + 3 files changed, 13 insertions(+) create mode 100644 Misc/NEWS.d/next/Security/2026-01-16-11-51-19.gh-issue-143925.mrtcHW.rst -Index: Python-3.10.19/Lib/test/test_urllib.py +Index: Python-3.10.20/Lib/test/test_urllib.py =================================================================== ---- Python-3.10.19.orig/Lib/test/test_urllib.py 2026-02-12 01:05:56.127447144 +0100 -+++ Python-3.10.19/Lib/test/test_urllib.py 2026-02-12 01:08:02.226352573 +0100 -@@ -11,6 +11,7 @@ - from test import support - from test.support import os_helper - from test.support import warnings_helper -+from test.support import control_characters_c0 - import os - try: - import ssl -@@ -683,6 +684,13 @@ - # missing padding character - self.assertRaises(ValueError,urllib.request.urlopen,'data:;base64,Cg=') +--- Python-3.10.20.orig/Lib/test/test_urllib.py 2026-03-05 19:39:02.061358156 +0100 ++++ Python-3.10.20/Lib/test/test_urllib.py 2026-03-05 23:19:43.575732909 +0100 +@@ -607,6 +607,13 @@ + "https://localhost";, cafile="/nonexistent/path", context=context + ) + def test_invalid_mediatype(self): + for c0 in control_characters_c0(): @@ -38,15 +30,15 @@ + self.assertRaises(ValueError,urllib.request.urlopen, + f'data:text/html{c0};base64,ZGF0YQ==') - class urlretrieve_FileTests(unittest.TestCase): - """Test urllib.urlretrieve() on local files""" -Index: Python-3.10.19/Lib/urllib/request.py + class urlopen_DataTests(unittest.TestCase): + """Test urlopen() opening a data URL.""" +Index: Python-3.10.20/Lib/urllib/request.py =================================================================== ---- Python-3.10.19.orig/Lib/urllib/request.py 2026-02-12 01:05:56.627830069 +0100 -+++ Python-3.10.19/Lib/urllib/request.py 2026-02-12 01:08:02.226810828 +0100 -@@ -1654,6 +1654,11 @@ - scheme, data = url.split(":",1) - mediatype, data = data.split(",",1) +--- Python-3.10.20.orig/Lib/urllib/request.py 2026-03-05 19:39:02.551702670 +0100 ++++ Python-3.10.20/Lib/urllib/request.py 2026-03-05 23:19:43.576415166 +0100 +@@ -1659,6 +1659,11 @@ + raise ValueError( + "Control characters not allowed in data: mediatype") + # Disallow control characters within mediatype. + if re.search(r"[\x00-\x1F\x7F]", mediatype): @@ -56,10 +48,10 @@ # even base64 encoded data URLs might be quoted so unquote in any case: data = unquote_to_bytes(data) if mediatype.endswith(";base64"): -Index: Python-3.10.19/Misc/NEWS.d/next/Security/2026-01-16-11-51-19.gh-issue-143925.mrtcHW.rst +Index: Python-3.10.20/Misc/NEWS.d/next/Security/2026-01-16-11-51-19.gh-issue-143925.mrtcHW.rst =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ Python-3.10.19/Misc/NEWS.d/next/Security/2026-01-16-11-51-19.gh-issue-143925.mrtcHW.rst 2026-02-12 01:08:02.227192287 +0100 ++++ Python-3.10.20/Misc/NEWS.d/next/Security/2026-01-16-11-51-19.gh-issue-143925.mrtcHW.rst 2026-03-05 23:19:43.576850667 +0100 @@ -0,0 +1 @@ +Reject control characters in ``data:`` URL media types. ++++++ CVE-2025-15366-imap-ctrl-chars.patch ++++++ --- /var/tmp/diff_new_pack.739ntc/_old 2026-03-09 16:13:05.645264897 +0100 +++ /var/tmp/diff_new_pack.739ntc/_new 2026-03-09 16:13:05.649265063 +0100 @@ -9,10 +9,10 @@ Misc/NEWS.d/next/Security/2026-01-16-11-41-06.gh-issue-143921.AeCOor.rst | 1 + 3 files changed, 10 insertions(+), 1 deletion(-) -Index: Python-3.10.19/Lib/imaplib.py +Index: Python-3.10.20/Lib/imaplib.py =================================================================== ---- Python-3.10.19.orig/Lib/imaplib.py 2026-02-12 01:05:53.821319313 +0100 -+++ Python-3.10.19/Lib/imaplib.py 2026-02-12 01:06:28.558652908 +0100 +--- Python-3.10.20.orig/Lib/imaplib.py 2026-03-05 19:38:59.446918283 +0100 ++++ Python-3.10.20/Lib/imaplib.py 2026-03-05 23:19:20.515035897 +0100 @@ -132,7 +132,7 @@ # We compile these in _mode_xxx. _Literal = br'.*{(?P<size>\d+)}$' @@ -31,10 +31,10 @@ data = data + b' ' + arg literal = self.literal -Index: Python-3.10.19/Lib/test/test_imaplib.py +Index: Python-3.10.20/Lib/test/test_imaplib.py =================================================================== ---- Python-3.10.19.orig/Lib/test/test_imaplib.py 2026-02-12 01:05:55.293033311 +0100 -+++ Python-3.10.19/Lib/test/test_imaplib.py 2026-02-12 01:07:45.387053336 +0100 +--- Python-3.10.20.orig/Lib/test/test_imaplib.py 2026-03-05 19:39:01.155920382 +0100 ++++ Python-3.10.20/Lib/test/test_imaplib.py 2026-03-05 23:19:20.517235411 +0100 @@ -538,6 +538,12 @@ self.assertEqual(data[0], b'Returned to authenticated state. (Success)') self.assertEqual(client.state, 'AUTH') @@ -48,10 +48,10 @@ class NewIMAPTests(NewIMAPTestsMixin, unittest.TestCase): imap_class = imaplib.IMAP4 -Index: Python-3.10.19/Misc/NEWS.d/next/Security/2026-01-16-11-41-06.gh-issue-143921.AeCOor.rst +Index: Python-3.10.20/Misc/NEWS.d/next/Security/2026-01-16-11-41-06.gh-issue-143921.AeCOor.rst =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ Python-3.10.19/Misc/NEWS.d/next/Security/2026-01-16-11-41-06.gh-issue-143921.AeCOor.rst 2026-02-12 01:06:28.559224837 +0100 ++++ Python-3.10.20/Misc/NEWS.d/next/Security/2026-01-16-11-41-06.gh-issue-143921.AeCOor.rst 2026-03-05 23:19:20.517573599 +0100 @@ -0,0 +1 @@ +Reject control characters in IMAP commands. ++++++ CVE-2025-15367-poplib-ctrl-chars.patch ++++++ --- /var/tmp/diff_new_pack.739ntc/_old 2026-03-09 16:13:05.669265886 +0100 +++ /var/tmp/diff_new_pack.739ntc/_new 2026-03-09 16:13:05.673266050 +0100 @@ -9,10 +9,10 @@ Misc/NEWS.d/next/Security/2026-01-16-11-43-47.gh-issue-143923.DuytMe.rst | 1 + 3 files changed, 11 insertions(+) -Index: Python-3.10.19/Lib/poplib.py +Index: Python-3.10.20/Lib/poplib.py =================================================================== ---- Python-3.10.19.orig/Lib/poplib.py 2026-02-12 01:05:54.262197434 +0100 -+++ Python-3.10.19/Lib/poplib.py 2026-02-12 01:12:02.945762019 +0100 +--- Python-3.10.20.orig/Lib/poplib.py 2026-03-08 23:15:49.317939172 +0100 ++++ Python-3.10.20/Lib/poplib.py 2026-03-08 23:16:17.565025049 +0100 @@ -122,6 +122,8 @@ def _putcmd(self, line): if self._debugging: print('*cmd*', repr(line)) @@ -22,10 +22,10 @@ self._putline(line) -Index: Python-3.10.19/Lib/test/test_poplib.py +Index: Python-3.10.20/Lib/test/test_poplib.py =================================================================== ---- Python-3.10.19.orig/Lib/test/test_poplib.py 2026-02-12 01:05:55.796995175 +0100 -+++ Python-3.10.19/Lib/test/test_poplib.py 2026-02-12 01:12:32.837694637 +0100 +--- Python-3.10.20.orig/Lib/test/test_poplib.py 2026-03-08 23:15:49.317939172 +0100 ++++ Python-3.10.20/Lib/test/test_poplib.py 2026-03-08 23:16:17.565463185 +0100 @@ -15,6 +15,7 @@ from test.support import hashlib_helper from test.support import socket_helper @@ -48,10 +48,10 @@ @requires_ssl def test_stls_capa(self): capa = self.client.capa() -Index: Python-3.10.19/Misc/NEWS.d/next/Security/2026-01-16-11-43-47.gh-issue-143923.DuytMe.rst +Index: Python-3.10.20/Misc/NEWS.d/next/Security/2026-01-16-11-43-47.gh-issue-143923.DuytMe.rst =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ Python-3.10.19/Misc/NEWS.d/next/Security/2026-01-16-11-43-47.gh-issue-143923.DuytMe.rst 2026-02-12 01:12:02.946199975 +0100 ++++ Python-3.10.20/Misc/NEWS.d/next/Security/2026-01-16-11-43-47.gh-issue-143923.DuytMe.rst 2026-03-08 23:16:17.565764242 +0100 @@ -0,0 +1 @@ +Reject control characters in POP3 commands. ++++++ Python-3.10.19.tar.xz -> Python-3.10.20.tar.xz ++++++ /work/SRC/openSUSE:Factory/python310/Python-3.10.19.tar.xz /work/SRC/openSUSE:Factory/.python310.new.8177/Python-3.10.20.tar.xz differ: char 26, line 1 ++++++ Python-3.10.19.tar.xz.sigstore -> Python-3.10.20.tar.xz.sigstore ++++++ --- /work/SRC/openSUSE:Factory/python310/Python-3.10.19.tar.xz.sigstore 2025-10-17 17:26:13.391106288 +0200 +++ /work/SRC/openSUSE:Factory/.python310.new.8177/Python-3.10.20.tar.xz.sigstore 2026-03-09 16:13:01.413090624 +0100 @@ -1 +1 @@ -{"mediaType": "application/vnd.dev.sigstore.bundle.v0.3+json", "verificationMaterial": {"certificate": {"rawBytes": "MIICzjCCAlSgAwIBAgIUPLyAcJBqiNboHaWs7BHcTxLyk10wCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjUxMDA5MTYwMzQ1WhcNMjUxMDA5MTYxMzQ1WjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE/Ph0DALE7DyuLJPqS8zTKbHvI4d4FTFysDKBex9xr05SkjWCKLXNIrQmtHHOMQxZHtnLqlyGWc9C6R2a1cTbTaOCAXMwggFvMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUybzXPdm39+0wK3RSdJ45ttTJN3kwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wIgYDVR0RAQH/BBgwFoEUcGFibG9nc2FsQHB5dGhvbi5vcmcwKQYKKwYBBAGDvzABAQQbaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tMCsGCisGAQQBg78wAQgEHQwbaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tMIGLBgorBgEEAdZ5AgQCBH0EewB5AHcA3T0wasbHETJjGR4cmWc3AqJKXrjePK3/h4pygC8p7o4AAAGZybbSOQAABAMASDBGAiEAw9xx7UYivhAyYIxj8O/bRt/WdKL74c3MZDyXembfzTMCIQCDyspf74flglREl1yUs9/t+X2OhtzftOQdBPGH4ZWjbTAKBggqhkjOPQQDAwNoADBlAjBDE2ymGrMzZxRO+yRwzl1ujWuR6SeVI1Ty5+VVUW0QGikW9a4+ 3I+DB3TUxPNvh80CMQCGOyJMos1BBpAgiUyvb22OJ3BhzGgmC9dFSgcvzlyms5blKLAtBjf1+IlyFdEkBIc="}, "tlogEntries": [{"logIndex": "597674983", "logId": {"keyId": "wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0="}, "kindVersion": {"kind": "hashedrekord", "version": "0.0.1"}, "integratedTime": "1760025826", "inclusionPromise": {"signedEntryTimestamp": "MEUCIQDOhM/d61Xhr0Tn1mq0RFlu6kVvr+yr/OqE5ztg4LdI7AIgD6WPgOpn/1MgSp/XZ+ftU8wtZR32T+2wR03bkJOtQbE="}, "inclusionProof": {"logIndex": "475770721", "rootHash": "B1gv7JXRafrhEphKVN52yfrMBZ3YKQQELBICIGE0Xbk=", "treeSize": "475770722", "hashes": ["WK4RpC4pMLkEw8wOVJNRhaVH/LNHi65GwYW198mWnlA=", "opCnXnHA8HzxF/z3Qb6GpkzKVubqUgILN9729tSo7bk=", "81B2Ob5iKGTzITexeN47H++3/4QI6rNrwIp50yNjvYs=", "y24fAVX92cj3coVxwKg7azZlV2Oy7R0nwdY1HtepWQE=", "ojBgFF5g+M4hyxvL++Yi4mkmz2qJwkCl+1EpxEvLUdk=", "mZCvajPPCTqDtyHpKtXR1PctgiNLlTcGb/DjzXpA/eY=", "wCMog5TY7QnhcGa4vMQ8Scgr8Ti0zxV/CrgLR9sXadk=", "lU4SDoAFOyhGKqjcmr+9hlvgGNEuazsT3vZ4Hl7u4Sw=", "4fiFuSaFvn0p4uqLNF0ReEHj2uOks8Djwmd /wiJjI4I=", "WlOPUw/aSCRGCD82nA+ExVSdSAGkafb1nGxd3PAXPSk=", "V/aAsI+q3p5YLtfajhhBrAJmnMLh+6w/evHpWZ4yYJI=", "qXhJobQjWl6SO/pue3trUW2uL4jXx24Ip7lpd4hc5bU=", "56ObhlROm9L8Q4JyN+mxEQ5pZD5QdobB1xZFIeL0lVg=", "EGaD/cNavzxGYLx1Gl0uNNWBZvyXlSHSdlIeH7m+63A=", "2Wv4GiithwNukRKV06clevnQQYCzXmSS/+/OJtXgsXQ=", "1mfy94KpcItqshH9+gwqV6jccupcaMpVsF28New8zDY=", "vS7O4ozHIQZJWBiov+mkpI27GE8zAmVCEkRcP3NDyNE="], "checkpoint": {"envelope": "rekor.sigstore.dev - 1193050959916656506\n475770722\nB1gv7JXRafrhEphKVN52yfrMBZ3YKQQELBICIGE0Xbk=\n\n\u2014 rekor.sigstore.dev wNI9ajBFAiEAi6W3v4n0hXFzBd/6jaKqBKmR6NSI62pITwqVgYWddeMCIG8EzMyqDkIyqMIi18EuboV6kml4tBJox32CvAaQHdnQ\n"}}, "canonicalizedBody": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiJjOGY0YTU5NjU3MjIwMWQ4MWRkN2RmOTFmNzBlMTc3ZTE5YTcwZjFkNDg5OTY4YjU0YjVmYmJmMjlhOTdjMDc2In19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FUUNJQWltQ1ZnNTF3SzVCU2FoZVlGZFpNRWVPZUZrdEZJT2d3bUZRdnNEdVJ3 NUFpQngzRTB5c0t5OEl5V3gyQk5KVzUrVG9GNmUxRmhaKzlNWEhoVGJnTVF6aGc9PSIsInB1YmxpY0tleSI6eyJjb250ZW50IjoiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVTjZha05EUVd4VFowRjNTVUpCWjBsVlVFeDVRV05LUW5GcFRtSnZTR0ZYY3pkQ1NHTlVlRXg1YXpFd2QwTm5XVWxMYjFwSmVtb3dSVUYzVFhjS1RucEZWazFDVFVkQk1WVkZRMmhOVFdNeWJHNWpNMUoyWTIxVmRWcEhWakpOVWpSM1NFRlpSRlpSVVVSRmVGWjZZVmRrZW1SSE9YbGFVekZ3WW01U2JBcGpiVEZzV2tkc2FHUkhWWGRJYUdOT1RXcFZlRTFFUVRWTlZGbDNUWHBSTVZkb1kwNU5hbFY0VFVSQk5VMVVXWGhOZWxFeFYycEJRVTFHYTNkRmQxbElDa3R2V2tsNmFqQkRRVkZaU1V0dldrbDZhakJFUVZGalJGRm5RVVV2VUdnd1JFRk1SVGRFZVhWTVNsQnhVemg2VkV0aVNIWkpOR1EwUmxSR2VYTkVTMElLWlhnNWVISXdOVk5yYWxkRFMweFlUa2x5VVcxMFNFaFBUVkY0V2toMGJreHhiSGxIVjJNNVF6WlNNbUV4WTFSaVZHRlBRMEZZVFhkblowWjJUVUUwUndwQk1WVmtSSGRGUWk5M1VVVkJkMGxJWjBSQlZFSm5UbFpJVTFWRlJFUkJTMEpuWjNKQ1owVkdRbEZqUkVGNlFXUkNaMDVXU0ZFMFJVWm5VVlY1WW5wWUNsQmtiVE01S3pCM1N6TlNVMlJLTkRWMGRGUktUak5yZDBoM1dVUldVakJxUWtKbmQwWnZRVlV6T1ZCd2VqRlphMFZhWWpWeFRtcHdTMFpYYVhocE5Ga0tXa1E0ZDBsbldVUldVakJTUVZGSUwwSkNaM2RHY jBWVlkwZEdhV0pIT1c1ak1rWnpVVWhDTldSSGFIWmlhVFYyWTIxamQwdFJXVXRMZDFsQ1FrRkhSQXAyZWtGQ1FWRlJZbUZJVWpCalNFMDJUSGs1YUZreVRuWmtWelV3WTNrMWJtSXlPVzVpUjFWMVdUSTVkRTFEYzBkRGFYTkhRVkZSUW1jM09IZEJVV2RGQ2toUmQySmhTRkl3WTBoTk5reDVPV2haTWs1MlpGYzFNR041Tlc1aU1qbHVZa2RWZFZreU9YUk5TVWRNUW1kdmNrSm5SVVZCWkZvMVFXZFJRMEpJTUVVS1pYZENOVUZJWTBFelZEQjNZWE5pU0VWVVNtcEhValJqYlZkak0wRnhTa3RZY21wbFVFc3pMMmcwY0hsblF6aHdOMjgwUVVGQlIxcDVZbUpUVDFGQlFRcENRVTFCVTBSQ1IwRnBSVUYzT1hoNE4xVlphWFpvUVhsWlNYaHFPRTh2WWxKMEwxZGtTMHczTkdNelRWcEVlVmhsYldKbWVsUk5RMGxSUTBSNWMzQm1DamMwWm14bmJGSkZiREY1VlhNNUwzUXJXREpQYUhSNlpuUlBVV1JDVUVkSU5GcFhhbUpVUVV0Q1oyZHhhR3RxVDFCUlVVUkJkMDV2UVVSQ2JFRnFRa1FLUlRKNWJVZHlUWHBhZUZKUEszbFNkM3BzTVhWcVYzVlNObE5sVmtreFZIazFLMVpXVlZjd1VVZHBhMWM1WVRRck0wa3JSRUl6VkZWNFVFNTJhRGd3UXdwTlVVTkhUM2xLVFc5ek1VSkNjRUZuYVZWNWRtSXlNazlLTTBKb2VrZG5iVU01WkVaVFoyTjJlbXg1YlhNMVlteExURUYwUW1wbU1TdEpiSGxHWkVWckNrSkpZejBLTFMwdExTMUZUa1FnUTBWU1ZFbEdTVU5CVkVVdExTMHRMUW89In19fX0="}], "timestampVerificationData": {}}, "messag eSignature": {"messageDigest": {"algorithm": "SHA2_256", "digest": "yPSlllciAdgd19+R9w4XfhmnDx1ImWi1S1+78pqXwHY="}, "signature": "MEQCIAimCVg51wK5BSaheYFdZMEeOeFktFIOgwmFQvsDuRw5AiBx3E0ysKy8IyWx2BNJW5+ToF6e1FhZ+9MXHhTbgMQzhg=="}} +{"mediaType":"application/vnd.dev.sigstore.bundle.v0.3+json","verificationMaterial":{"certificate":{"rawBytes":"MIICzTCCAlSgAwIBAgIUDhoArZLe6c38fDaopvK8CP875B4wCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjYwMzAzMDExMDAzWhcNMjYwMzAzMDEyMDAzWjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE58F5Ofb9nq7EsHC961Pc/WJbCQHg7vxPfoArUfUv3Qo3pJkzcHjVgqEoxlYzGMnIl3I7FdbcaVO5USKsGWTWSaOCAXMwggFvMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUmeInD47KeQVcl6B0n3yUFZn0CsQwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wIgYDVR0RAQH/BBgwFoEUcGFibG9nc2FsQHB5dGhvbi5vcmcwKQYKKwYBBAGDvzABAQQbaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tMCsGCisGAQQBg78wAQgEHQwbaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tMIGLBgorBgEEAdZ5AgQCBH0EewB5AHcA3T0wasbHETJjGR4cmWc3AqJKXrjePK3/h4pygC8p7o4AAAGcsT62UwAABAMASDBGAiEAtmAUEzUXz6jJ8QB4+VdAL6ZSHbDoslJlXW4Fz8U5iiMCIQCRqOfH4T2l6gXe/yz23dy3jAHybVLLEGzPhtjhycLD5TAKBggqhkjOPQQDAwNnADBkAjArsGoXtWBUkzvNTvafksr/S9KDapVo2/g0JqCNLeC1B53SxybZ8wGaD 0CdRucbXgwCME4LVWe8LENh87QijZI5AutcbF6SV/q8cZU4ApvM/EG67PD4y3Cq9mnfkSTmq0acaA=="},"tlogEntries":[{"logIndex":"1013523411","logId":{"keyId":"wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0="},"kindVersion":{"kind":"hashedrekord","version":"0.0.1"},"integratedTime":"1772500203","inclusionPromise":{"signedEntryTimestamp":"MEQCIQCo79CUmW825tPvDuDuktkD/8u2HdFtaXqGyvvn2Hwb3QIfJ2LlRVJv5J7RQpv5Ewgdj8eu0U0XNPmi8oGmNy52EQ=="},"inclusionProof":{"logIndex":"891619149","rootHash":"HNDps+Y1dPfxC24y65NMHyhhH8AsRJ9eavTYluKA0qE=","treeSize":"891619162","hashes":["SPHnI4ETb+r1yabvTNyY9wLxjGV+8XOHp95gEWG38Ik=","FeCim6GlixcSxMIWYhhHkPlDZw3gJyhnqdvIlobqO6Y=","TBjakqWuJID8vKIkxLbNFABPMhjI+4y07Ao8gWeqlPk=","P3GI25pQEMPpsTat9A2DB6hY9nnzGTg3sXhDR1zw+M8=","vofkJmHhhpNFFvVa5o8bQ3Jgs6jcBJ1EavajnxpIMJE=","EWYnCECJv0SafYTC7+J7Xyf0/XQdTjqUNIT8+hBO4K0=","mkxfyh3vx7bcSlqWpqeM0dDGBluMXwIuGhO9b91r7kQ=","wa+GBBGYEcG2IjHwMEZ+XaPwenxIPiNdhg03+jve2AE=","b+riDtYoB/vSd+NhQTMSxzu4K38oIYzGugTGUV9BT4o=","MhEKDSN20jNRzVYiOH1KqKscs ycWpqtIWUHTSR1BW/0=","UfqWnx1YuXWnR6tQB8LboYpg7AuaUmwROEn7wJBVDjM=","HU7296NTl8Wek0AyCPeTMXdik0fZbtCiBDPDqVeye0E=","Xo5tam8gxbsWohATkFEqn5hvHpPFwBJ0SDjNE5DiI2A=","ZleKYeRKwUF3HP3HO0kxHMVeJgY3N/euGinVhlVWaq0=","fLAvE46NqCVV86EpB2pKkwJlFjjFk7ntX3lC+PiZuIo=","T4DqWD42hAtN+vX8jKCWqoC4meE4JekI9LxYGCcPy1M="],"checkpoint":{"envelope":"rekor.sigstore.dev - 1193050959916656506\n891619162\nHNDps+Y1dPfxC24y65NMHyhhH8AsRJ9eavTYluKA0qE=\n\n— rekor.sigstore.dev wNI9ajBGAiEA+cSb4NsHP9NGziDOeheM8Bad1rciubnFMcFINY5oszkCIQChlhjlB+qQtG2nfPvI+TY5sVkT2iqeT42vnRrNPhzpUQ==\n"}},"canonicalizedBody":"eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiJkZTY1MTc0MjE2MDFlMzlhOWEzYmMzZTFiYzRjN2IyZjIzOTI5NzQyM2VlMDVlMjgyNTk4YzgzZWMwNjQ3NTA1In19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FUUNJRXRnT0hlNXBLY3c2TTAyZVlSSDV2M25HMWdMSDhxZFVsVlRuRmhzK1kxNEFpQllpcFBoT3MxQW5RVHhyOXN2Q29zZWZtSjZXTExDanRQWmdkMWtnRzBubWc9PSIsInB1YmxpY0tleSI6eyJjb250ZW50 IjoiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVTjZWRU5EUVd4VFowRjNTVUpCWjBsVlJHaHZRWEphVEdVMll6TTRaa1JoYjNCMlN6aERVRGczTlVJMGQwTm5XVWxMYjFwSmVtb3dSVUYzVFhjS1RucEZWazFDVFVkQk1WVkZRMmhOVFdNeWJHNWpNMUoyWTIxVmRWcEhWakpOVWpSM1NFRlpSRlpSVVVSRmVGWjZZVmRrZW1SSE9YbGFVekZ3WW01U2JBcGpiVEZzV2tkc2FHUkhWWGRJYUdOT1RXcFpkMDE2UVhwTlJFVjRUVVJCZWxkb1kwNU5hbGwzVFhwQmVrMUVSWGxOUkVGNlYycEJRVTFHYTNkRmQxbElDa3R2V2tsNmFqQkRRVkZaU1V0dldrbDZhakJFUVZGalJGRm5RVVUxT0VZMVQyWmlPVzV4TjBWelNFTTVOakZRWXk5WFNtSkRVVWhuTjNaNFVHWnZRWElLVldaVmRqTlJiek53U210NlkwaHFWbWR4Ulc5NGJGbDZSMDF1U1d3elNUZEdaR0pqWVZaUE5WVlRTM05IVjFSWFUyRlBRMEZZVFhkblowWjJUVUUwUndwQk1WVmtSSGRGUWk5M1VVVkJkMGxJWjBSQlZFSm5UbFpJVTFWRlJFUkJTMEpuWjNKQ1owVkdRbEZqUkVGNlFXUkNaMDVXU0ZFMFJVWm5VVlZ0WlVsdUNrUTBOMHRsVVZaamJEWkNNRzR6ZVZWR1dtNHdRM05SZDBoM1dVUldVakJxUWtKbmQwWnZRVlV6T1ZCd2VqRlphMFZhWWpWeFRtcHdTMFpYYVhocE5Ga0tXa1E0ZDBsbldVUldVakJTUVZGSUwwSkNaM2RHYjBWVlkwZEdhV0pIT1c1ak1rWnpVVWhDTldSSGFIWmlhVFYyWTIxamQwdFJXVXRMZDFsQ1FrRkhSQXAyZWtGQ1FWRlJZbUZJV WpCalNFMDJUSGs1YUZreVRuWmtWelV3WTNrMWJtSXlPVzVpUjFWMVdUSTVkRTFEYzBkRGFYTkhRVkZSUW1jM09IZEJVV2RGQ2toUmQySmhTRkl3WTBoTk5reDVPV2haTWs1MlpGYzFNR041Tlc1aU1qbHVZa2RWZFZreU9YUk5TVWRNUW1kdmNrSm5SVVZCWkZvMVFXZFJRMEpJTUVVS1pYZENOVUZJWTBFelZEQjNZWE5pU0VWVVNtcEhValJqYlZkak0wRnhTa3RZY21wbFVFc3pMMmcwY0hsblF6aHdOMjgwUVVGQlIyTnpWRFl5VlhkQlFRcENRVTFCVTBSQ1IwRnBSVUYwYlVGVlJYcFZXSG8yYWtvNFVVSTBLMVprUVV3MldsTklZa1J2YzJ4S2JGaFhORVo2T0ZVMWFXbE5RMGxSUTFKeFQyWklDalJVTW13MloxaGxMM2w2TWpOa2VUTnFRVWg1WWxaTVRFVkhlbEJvZEdwb2VXTk1SRFZVUVV0Q1oyZHhhR3RxVDFCUlVVUkJkMDV1UVVSQ2EwRnFRWElLYzBkdldIUlhRbFZyZW5aT1ZIWmhabXR6Y2k5VE9VdEVZWEJXYnpJdlp6QktjVU5PVEdWRE1VSTFNMU40ZVdKYU9IZEhZVVF3UTJSU2RXTmlXR2QzUXdwTlJUUk1WbGRsT0V4RlRtZzROMUZwYWxwSk5VRjFkR05pUmpaVFZpOXhPR05hVlRSQmNIWk5MMFZITmpkUVJEUjVNME54T1cxdVptdFRWRzF4TUdGakNtRkJQVDBLTFMwdExTMUZUa1FnUTBWU1ZFbEdTVU5CVkVVdExTMHRMUW89In19fX0="}],"timestampVerificationData":{"rfc3161Timestamps":[{"signedTimestamp":"MIIE6DADAgEAMIIE3wYJKoZIhvcNAQcCoIIE0DCCBMwCAQMxDTALBglghkgBZQMEAgEw gcEGCyqGSIb3DQEJEAEEoIGxBIGuMIGrAgEBBgkrBgEEAYO/MAIwMTANBglghkgBZQMEAgEFAAQgvi6FRn1Y7syA2BQYQwQMeiDUB+DL5pes7mPI7WdBRiUCFH5MbrWq5urNF2XQvNpdozZVH9J5GA8yMDI2MDMwMzAxMTAwM1owAwIBAQIIGLZG56CphR+gMqQwMC4xFTATBgNVBAoTDHNpZ3N0b3JlLmRldjEVMBMGA1UEAxMMc2lnc3RvcmUtdHNhoIICFDCCAhAwggGWoAMCAQICFDoTVC8MkGHuvMFDL8uKjosqI4sMMAoGCCqGSM49BAMDMDkxFTATBgNVBAoTDHNpZ3N0b3JlLmRldjEgMB4GA1UEAxMXc2lnc3RvcmUtdHNhLXNlbGZzaWduZWQwHhcNMjUwNDA4MDY1OTQzWhcNMzUwNDA2MDY1OTQzWjAuMRUwEwYDVQQKEwxzaWdzdG9yZS5kZXYxFTATBgNVBAMTDHNpZ3N0b3JlLXRzYTB2MBAGByqGSM49AgEGBSuBBAAiA2IABOK2tmfISjYoNk/ZBYwgE6Bht9I5MvlkL9wcy/pir4dUijUf1MLsLHzQoOLK8qGAHfBOorKL1QNzOGqDXZvUA4udGfJ0xMr6oHwz7UyMFyLX4lvwBX9Ve7sJG5AKI9McXKNqMGgwDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBSJ/XlDh8/QZUbDAkbHLHNbfbTrAzAfBgNVHSMEGDAWgBSY7AHvf7tR/9SVHm+KiJhTB4nOvzAWBgNVHSUBAf8EDDAKBggrBgEFBQcDCDAKBggqhkjOPQQDAwNoADBlAjA7abFf+imjtKshf1DLF9mklFykBXaBk6bUBnNH7atXLLpRzxhunbJsjDXdyQfhtxECMQDmo7wXI6SZim+Db/tk2qI/FHOfm+ooehVwgiq2kqrqXtO86rMDHFyU3tXBMbx775cxggHaMIIB1gIBATBRMDkxF TATBgNVBAoTDHNpZ3N0b3JlLmRldjEgMB4GA1UEAxMXc2lnc3RvcmUtdHNhLXNlbGZzaWduZWQCFDoTVC8MkGHuvMFDL8uKjosqI4sMMAsGCWCGSAFlAwQCAaCB/DAaBgkqhkiG9w0BCQMxDQYLKoZIhvcNAQkQAQQwHAYJKoZIhvcNAQkFMQ8XDTI2MDMwMzAxMTAwM1owLwYJKoZIhvcNAQkEMSIEIO+Yvw8NRuBPNFCci43mRe+yCz25yWCaTIc+x/wiuiCuMIGOBgsqhkiG9w0BCRACLzF/MH0wezB5BCCF+Se8B6tiysO0Q1bBDvyBssaIP9p6uebYcNnROs0FtzBVMD2kOzA5MRUwEwYDVQQKEwxzaWdzdG9yZS5kZXYxIDAeBgNVBAMTF3NpZ3N0b3JlLXRzYS1zZWxmc2lnbmVkAhQ6E1QvDJBh7rzBQy/Lio6LKiOLDDAKBggqhkjOPQQDAgRmMGQCMGAijQiYukXAs2IHeNMTctoahixAHWC4Pjmbd7F6wez2O+MUi/HvBHw4SofCAL3oTAIwdNjzO/9lbEjBtMKW0YSntWcPfT6sV9VVBzwel4nO9VqFuu4QrG7BkeMswVksJRCR"}]}},"messageSignature":{"messageDigest":{"algorithm":"SHA2_256","digest":"3mUXQhYB45qaO8PhvEx7LyOSl0I+4F4oJZjIPsBkdQU="},"signature":"MEQCIEtgOHe5pKcw6M02eYRH5v3nG1gLH8qdUlVTnFhs+Y14AiBYipPhOs1AnQTxr9svCosefmJ6WLLCjtPZgd1kgG0nmg=="}} ++++++ _scmsync.obsinfo ++++++ --- /var/tmp/diff_new_pack.739ntc/_old 2026-03-09 16:13:05.793270993 +0100 +++ /var/tmp/diff_new_pack.739ntc/_new 2026-03-09 16:13:05.797271157 +0100 @@ -1,6 +1,6 @@ -mtime: 1770892390 -commit: 539e53b74e21ccb33f66e62a62b47bbff0587f63094b112fc84f996e1b1deded +mtime: 1773009008 +commit: 57861cf3b8d53ce5850469f33cc39f90de70086fae365910abde24bc7da69399 url: https://src.opensuse.org/python-interpreters/python310.git -revision: 539e53b74e21ccb33f66e62a62b47bbff0587f63094b112fc84f996e1b1deded +revision: 57861cf3b8d53ce5850469f33cc39f90de70086fae365910abde24bc7da69399 projectscmsync: https://src.opensuse.org/python-interpreters/_ObsPrj ++++++ bso1227999-reproducible-builds.patch ++++++ --- /var/tmp/diff_new_pack.739ntc/_old 2026-03-09 16:13:05.833272640 +0100 +++ /var/tmp/diff_new_pack.739ntc/_new 2026-03-09 16:13:05.837272804 +0100 @@ -12,9 +12,11 @@ Doc/library/functions.rst | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) ---- a/Doc/conf.py -+++ b/Doc/conf.py -@@ -89,7 +89,8 @@ html_short_title = '%s Documentation' % +Index: Python-3.10.20/Doc/conf.py +=================================================================== +--- Python-3.10.20.orig/Doc/conf.py 2026-03-05 19:42:18.977099103 +0100 ++++ Python-3.10.20/Doc/conf.py 2026-03-05 19:42:32.395647783 +0100 +@@ -89,7 +89,8 @@ # If not '', a 'Last updated on:' timestamp is inserted at every page bottom, # using the given strftime format. @@ -24,9 +26,11 @@ # Path to find HTML templates. templates_path = ['tools/templates'] ---- a/Doc/library/functions.rst -+++ b/Doc/library/functions.rst -@@ -1320,7 +1320,7 @@ are always available. They are listed h +Index: Python-3.10.20/Doc/library/functions.rst +=================================================================== +--- Python-3.10.20.orig/Doc/library/functions.rst 2026-03-05 19:42:18.980496911 +0100 ++++ Python-3.10.20/Doc/library/functions.rst 2026-03-05 19:42:32.397607125 +0100 +@@ -1320,7 +1320,7 @@ (where :func:`open` is declared), :mod:`os`, :mod:`os.path`, :mod:`tempfile`, and :mod:`shutil`. ++++++ build.specials.obscpio ++++++ ++++++ build.specials.obscpio ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/.gitignore new/.gitignore --- old/.gitignore 1970-01-01 01:00:00.000000000 +0100 +++ new/.gitignore 2026-03-08 23:30:21.000000000 +0100 @@ -0,0 +1,5 @@ +.osc +*.obscpio +_build* +.pbuild +python310-*-build/ ++++++ fix_configure_rst.patch ++++++ --- /var/tmp/diff_new_pack.739ntc/_old 2026-03-09 16:13:06.005279723 +0100 +++ /var/tmp/diff_new_pack.739ntc/_new 2026-03-09 16:13:06.009279887 +0100 @@ -3,10 +3,10 @@ Misc/NEWS | 2 +- 2 files changed, 1 insertion(+), 4 deletions(-) -Index: Python-3.10.19/Doc/using/configure.rst +Index: Python-3.10.20/Doc/using/configure.rst =================================================================== ---- Python-3.10.19.orig/Doc/using/configure.rst 2025-10-09 17:25:03.000000000 +0200 -+++ Python-3.10.19/Doc/using/configure.rst 2025-12-19 23:10:08.779794344 +0100 +--- Python-3.10.20.orig/Doc/using/configure.rst 2026-03-03 01:49:35.000000000 +0100 ++++ Python-3.10.20/Doc/using/configure.rst 2026-03-05 19:41:57.289556663 +0100 @@ -42,7 +42,6 @@ See :data:`sys.int_info.bits_per_digit <sys.int_info>`. @@ -29,11 +29,11 @@ .. cmdoption:: --enable-framework=INSTALLDIR Create a Python.framework rather than a traditional Unix install. Optional -Index: Python-3.10.19/Misc/NEWS +Index: Python-3.10.20/Misc/NEWS =================================================================== ---- Python-3.10.19.orig/Misc/NEWS 2025-10-09 17:25:03.000000000 +0200 -+++ Python-3.10.19/Misc/NEWS 2025-12-19 23:10:08.784479751 +0100 -@@ -4018,7 +4018,7 @@ +--- Python-3.10.20.orig/Misc/NEWS 2026-03-03 01:49:35.000000000 +0100 ++++ Python-3.10.20/Misc/NEWS 2026-03-05 19:41:57.302556681 +0100 +@@ -4112,7 +4112,7 @@ ----- - bpo-43795: The list in :ref:`stable-abi-list` now shows the public name ++++++ gh120226-fix-sendfile-test-kernel-610.patch ++++++ --- /var/tmp/diff_new_pack.739ntc/_old 2026-03-09 16:13:06.029280711 +0100 +++ /var/tmp/diff_new_pack.739ntc/_new 2026-03-09 16:13:06.033280875 +0100 @@ -13,9 +13,11 @@ Lib/test/test_asyncio/test_sendfile.py | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) ---- a/Lib/test/test_asyncio/test_sendfile.py -+++ b/Lib/test/test_asyncio/test_sendfile.py -@@ -93,13 +93,10 @@ class MyProto(asyncio.Protocol): +Index: Python-3.10.20/Lib/test/test_asyncio/test_sendfile.py +=================================================================== +--- Python-3.10.20.orig/Lib/test/test_asyncio/test_sendfile.py 2026-03-05 19:39:00.579333997 +0100 ++++ Python-3.10.20/Lib/test/test_asyncio/test_sendfile.py 2026-03-05 19:42:33.925609321 +0100 +@@ -93,13 +93,10 @@ class SendfileBase: ++++++ gh139257-Support-docutils-0.22.patch ++++++ --- /var/tmp/diff_new_pack.739ntc/_old 2026-03-09 16:13:06.053281699 +0100 +++ /var/tmp/diff_new_pack.739ntc/_new 2026-03-09 16:13:06.053281699 +0100 @@ -7,10 +7,10 @@ Doc/tools/extensions/pyspecific.py | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) -Index: Python-3.10.18/Doc/tools/extensions/pyspecific.py +Index: Python-3.10.20/Doc/tools/extensions/pyspecific.py =================================================================== ---- Python-3.10.18.orig/Doc/tools/extensions/pyspecific.py 2025-09-30 18:24:01.155883150 +0200 -+++ Python-3.10.18/Doc/tools/extensions/pyspecific.py 2025-09-30 18:24:01.192999890 +0200 +--- Python-3.10.20.orig/Doc/tools/extensions/pyspecific.py 2026-03-05 19:42:35.193611143 +0100 ++++ Python-3.10.20/Doc/tools/extensions/pyspecific.py 2026-03-05 19:42:36.490804092 +0100 @@ -55,11 +55,21 @@ SOURCE_URI = 'https://github.com/python/cpython/tree/3.10/%s' ++++++ sphinx-72.patch ++++++ ++++ 1012 lines (skipped) ++++ between /work/SRC/openSUSE:Factory/python310/sphinx-72.patch ++++ and /work/SRC/openSUSE:Factory/.python310.new.8177/sphinx-72.patch ++++++ sphinx-802.patch ++++++ --- /var/tmp/diff_new_pack.739ntc/_old 2026-03-09 16:13:06.197287629 +0100 +++ /var/tmp/diff_new_pack.739ntc/_new 2026-03-09 16:13:06.205287958 +0100 @@ -2,9 +2,11 @@ Doc/tools/extensions/pyspecific.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) ---- a/Doc/tools/extensions/pyspecific.py -+++ b/Doc/tools/extensions/pyspecific.py -@@ -28,7 +28,13 @@ try: +Index: Python-3.10.20/Doc/tools/extensions/pyspecific.py +=================================================================== +--- Python-3.10.20.orig/Doc/tools/extensions/pyspecific.py 2026-03-05 19:42:18.992268971 +0100 ++++ Python-3.10.20/Doc/tools/extensions/pyspecific.py 2026-03-08 23:16:00.413991280 +0100 +@@ -28,7 +28,13 @@ except ImportError: from sphinx.environment import NoUri from sphinx.locale import _ as sphinx_gettext ++++++ support-expat-CVE-2022-25236-patched.patch ++++++ --- /var/tmp/diff_new_pack.739ntc/_old 2026-03-09 16:13:06.233289111 +0100 +++ /var/tmp/diff_new_pack.739ntc/_new 2026-03-09 16:13:06.237289277 +0100 @@ -27,17 +27,19 @@ 1 file changed, 9 insertions(+), 14 deletions(-) create mode 100644 Misc/NEWS.d/next/Library/2022-02-20-21-03-31.bpo-46811.8BxgdQ.rst ---- a/Lib/test/test_minidom.py -+++ b/Lib/test/test_minidom.py -@@ -6,7 +6,6 @@ import io +Index: Python-3.10.20/Lib/test/test_minidom.py +=================================================================== +--- Python-3.10.20.orig/Lib/test/test_minidom.py 2026-03-05 19:39:01.567696516 +0100 ++++ Python-3.10.20/Lib/test/test_minidom.py 2026-03-05 19:42:02.323563898 +0100 +@@ -7,7 +7,6 @@ from test import support import unittest -import pyexpat import xml.dom.minidom - from xml.dom.minidom import parse, Attr, Node, Document, parseString -@@ -1163,13 +1162,11 @@ class MinidomTest(unittest.TestCase): + from xml.dom.minidom import parse, Attr, Node, Document, Element, parseString +@@ -1194,13 +1193,11 @@ # Verify that character decoding errors raise exceptions instead # of crashing @@ -56,7 +58,7 @@ b'<fran\xe7ais>Comment \xe7a va ? Tr\xe8s bien ?</fran\xe7ais>') doc.unlink() -@@ -1631,12 +1628,10 @@ class MinidomTest(unittest.TestCase): +@@ -1662,12 +1659,10 @@ self.confirm(doc2.namespaceURI == xml.dom.EMPTY_NAMESPACE) def testExceptionOnSpacesInXMLNSValue(self):
