Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python310 for openSUSE:Factory checked in at 2026-03-22 14:11:53 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python310 (Old) and /work/SRC/openSUSE:Factory/.python310.new.8177 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python310" Sun Mar 22 14:11:53 2026 rev:73 rq:1341597 version:3.10.20 Changes: -------- --- /work/SRC/openSUSE:Factory/python310/python310.changes 2026-03-09 16:13:03.405172654 +0100 +++ /work/SRC/openSUSE:Factory/.python310.new.8177/python310.changes 2026-03-22 14:12:53.799146045 +0100 @@ -1,0 +2,12 @@ +Wed Mar 18 09:22:58 UTC 2026 - Matej Cepl <[email protected]> + +- Fix changelog + +------------------------------------------------------------------- +Fri Mar 13 18:20:40 UTC 2026 - Matej Cepl <[email protected]> + +- Add CVE-2026-2297-SourcelessFileLoader-io_open_code.patch + ensuring that `SourcelessFileLoader` uses `io.open_code` when + opening `.pyc` files (bsc#1259240, CVE-2026-2297). + +------------------------------------------------------------------- @@ -9 +21 @@ - Petr Viktorin in gh-121650). + Petr Viktorin in gh-121650) (bsc#1257181, CVE-2026-1299). New: ---- CVE-2026-2297-SourcelessFileLoader-io_open_code.patch ----------(New B)---------- New: - Add CVE-2026-2297-SourcelessFileLoader-io_open_code.patch ensuring that `SourcelessFileLoader` uses `io.open_code` when ----------(New E)---------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python310.spec ++++++ --- /var/tmp/diff_new_pack.yXrhSU/_old 2026-03-22 14:12:58.463337840 +0100 +++ /var/tmp/diff_new_pack.yXrhSU/_new 2026-03-22 14:12:58.475338333 +0100 @@ -212,6 +212,9 @@ # PATCH-FIX-UPSTREAM CVE-2025-15367-poplib-ctrl-chars.patch bsc#1257041 [email protected] # Reject control characters in poplib Patch40: CVE-2025-15367-poplib-ctrl-chars.patch +# PATCH-FIX-UPSTREAM CVE-2026-2297-SourcelessFileLoader-io_open_code.patch bsc#1259240 [email protected] +# Ensure SourcelessFileLoader uses io.open_code +Patch41: CVE-2026-2297-SourcelessFileLoader-io_open_code.patch ### END OF PATCHES BuildRequires: autoconf-archive BuildRequires: automake ++++++ CVE-2026-2297-SourcelessFileLoader-io_open_code.patch ++++++ ++++ 2483 lines (skipped) ++++++ _scmsync.obsinfo ++++++ --- /var/tmp/diff_new_pack.yXrhSU/_old 2026-03-22 14:12:59.515381100 +0100 +++ /var/tmp/diff_new_pack.yXrhSU/_new 2026-03-22 14:12:59.543382252 +0100 @@ -1,6 +1,6 @@ -mtime: 1773009008 -commit: 57861cf3b8d53ce5850469f33cc39f90de70086fae365910abde24bc7da69399 +mtime: 1773847372 +commit: 22234fcccd2d3959f01902c5a089736702587658965ac9d3b6aa2bdf157298a3 url: https://src.opensuse.org/python-interpreters/python310.git -revision: 57861cf3b8d53ce5850469f33cc39f90de70086fae365910abde24bc7da69399 +revision: 22234fcccd2d3959f01902c5a089736702587658965ac9d3b6aa2bdf157298a3 projectscmsync: https://src.opensuse.org/python-interpreters/_ObsPrj ++++++ build.specials.obscpio ++++++ --- old/.gitignore 2026-03-08 23:30:21.000000000 +0100 +++ new/.gitignore 2026-03-18 16:23:58.000000000 +0100 @@ -1,5 +1,8 @@ .osc *.obscpio -_build* +*.osc +_build.* .pbuild +*.orig +*.rej python310-*-build/ ++++++ build.specials.obscpio ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/.gitignore new/.gitignore --- old/.gitignore 1970-01-01 01:00:00.000000000 +0100 +++ new/.gitignore 2026-03-18 16:23:58.000000000 +0100 @@ -0,0 +1,8 @@ +.osc +*.obscpio +*.osc +_build.* +.pbuild +*.orig +*.rej +python310-*-build/
