Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python39 for openSUSE:Factory checked in at 2021-05-02 18:35:20 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python39 (Old) and /work/SRC/openSUSE:Factory/.python39.new.1947 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python39" Sun May 2 18:35:20 2021 rev:15 rq:889130 version:3.9.4 Changes: -------- --- /work/SRC/openSUSE:Factory/python39/python39.changes 2021-04-15 16:56:39.346602000 +0200 +++ /work/SRC/openSUSE:Factory/.python39.new.1947/python39.changes 2021-05-02 18:35:36.529077487 +0200 @@ -1,0 +2,104 @@ +Wed Apr 28 16:39:54 UTC 2021 - Matej Cepl <mc...@suse.com> + +- Update to 3.9.4: + - bpo#43710: Reverted the fix for https://bugs.python.org/issue42500 + as it changed the PyThreadState struct size and broke the 3.9.x ABI + in the 3.9.3 release (visible on 32-bit platforms using binaries + compiled using an earlier version of Python 3.9.x headers). + - bpo#26053: Fixed bug where the pdb interactive run command echoed + the args from the shell command line, even if those have been + overridden at the pdb prompt. + - bpo#42988 (bsc#1183374) CVE-2021-3426: Remove the getfile + feature of the pydoc module which could be abused to read + arbitrary files on the disk (directory traversal + vulnerability). Moreover, even source code of Python modules + can contain sensitive data like passwords. Vulnerability + reported by David Schw??rer. + - bpo#43285: ftplib no longer trusts the IP address value + returned from the server in response to the PASV command by + default. This prevents a malicious FTP server from using the + response to probe IPv4 address and port combinations on the + client network. Code that requires the former vulnerable + behavior may set a trust_server_pasv_ipv4_address attribute + on their ftplib.FTP instances to True to re-enable it. + - bpo#43439: Add audit hooks for gc.get_objects(), + gc.get_referrers() and gc.get_referents(). Patch by Pablo + Galindo. + - bpo#43660: Fix crash that happens when replacing sys.stderr + with a callable that can remove the object while an exception + is being printed. Patch by Pablo Galindo. + - bpo#43555: Report the column offset for SyntaxError for + invalid line continuation characters. Patch by Pablo Galindo. + - bpo#43517: Fix misdetection of circular imports when using + from pkg.mod import attr, which caused false positives in + non-trivial multi-threaded code. + - bpo#35883: Python no longer fails at startup with a fatal + error if a command line argument contains an invalid Unicode + character. The Py_DecodeLocale() function now escapes byte + sequences which would be decoded as Unicode characters + outside the [U+0000; U+10ffff] range. + - bpo#43406: Fix a possible race condition where + PyErr_CheckSignals tries to execute a non-Python signal + handler. + - bpo#42500: Improve handling of exceptions near recursion + limit. Converts a number of Fatal Errors in RecursionErrors. + - bpo#43433: xmlrpc.client.ServerProxy no longer ignores query + and fragment in the URL of the server. + - bpo#35930: Raising an exception raised in a ???future??? instance + will create reference cycles. + - bpo#43577: Fix deadlock when using ssl.SSLContext debug + callback with ssl.SSLContext.sni_callback(). + - bpo#43521: ast.unparse can now render NaNs and empty sets. + - bpo#43423: subprocess.communicate() no longer raises an + IndexError when there is an empty stdout or stderr IO buffer + during a timeout on Windows. + - bpo#27820: Fixed long-standing bug of smtplib.SMTP where + doing AUTH LOGIN with initial_response_ok=False will fail. + The cause is that SMTP.auth_login _always_ returns a password + if provided with a challenge string, thus non-compliant with + the standard for AUTH LOGIN. Also fixes bug with the test for + smtpd. + - bpo#43332: Improves the networking efficiency of http.client + when using a proxy via set_tunnel(). Fewer small send calls + are made during connection setup. + - bpo#43399: Fix ElementTree.extend not working on iterators + when using the Python implementation + - bpo#43316: The python -m gzip command line application now + properly fails when detecting an unsupported extension. It + exits with a non-zero exit code and prints an error message + to stderr. + - bpo#43260: Fix TextIOWrapper can not flush internal buffer + forever after very large text is written. + - bpo#42782: Fail fast in shutil.move() to avoid creating + destination directories on failure. + - bpo#37193: Fixed memory leak in socketserver.ThreadingMixIn + introduced in Python 3.7. + - bpo#43199: Answer ???Why is there no goto???? in the Design and + History FAQ. + - bpo#43407: Clarified that a result from time.monotonic(), + time.perf_counter(), time.process_time(), or + time.thread_time() can be compared with the result from any + following call to the same function - not just the next + immediate call. + - bpo#27646: Clarify that ???yield from <expr>??? works with any + iterable, not just iterators. + - bpo#36346: Update some deprecated unicode APIs which are + documented as ???will be removed in 4.0??? to ???3.12???. See PEP 623 + for detail. + - bpo#37945: Fix test_getsetlocale_issue1813() of test_locale: + skip the test if setlocale() fails. Patch by Victor Stinner. + - bpo#41561: Add workaround for Ubuntu???s custom OpenSSL + security level policy. + - bpo#43288: Fix test_importlib to correctly skip Unicode file + tests if the fileystem does not support them. + - bpo#43617: Improve configure.ac: Check for presence of + autoconf-archive package and remove our copies of M4 macros. + - bpo#42225: Document that IDLE can fail on Unix either from + misconfigured IP masquerage rules or failure displaying + complex colored (non-ascii) characters. + - bpo#43283: Document why printing to IDLE???s Shell is often + slower than printing to a system terminal and that it can be + made faster by pre-formatting a single string before + printing. + +------------------------------------------------------------------- Old: ---- Python-3.9.2.tar.xz Python-3.9.2.tar.xz.asc New: ---- Python-3.9.4.tar.xz Python-3.9.4.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python39.spec ++++++ --- /var/tmp/diff_new_pack.Sm9UJe/_old 2021-05-02 18:35:37.181074709 +0200 +++ /var/tmp/diff_new_pack.Sm9UJe/_new 2021-05-02 18:35:37.181074709 +0200 @@ -53,7 +53,7 @@ # Will do the /usr/bin/python3 and all the core links %define primary_interpreter 0 # We don't process beta signs well -%define folderversion 3.9.2 +%define folderversion 3.9.4 %define tarname Python-%{tarversion} %define sitedir %{_libdir}/python%{python_version} # three possible ABI kinds: m - pymalloc, d - debug build; see PEP 3149 @@ -88,7 +88,7 @@ %bcond_without profileopt %endif Name: %{python_pkg_name}%{psuffix} -Version: 3.9.2 +Version: 3.9.4 Release: 0 Summary: Python 3 Interpreter License: Python-2.0 @@ -136,6 +136,7 @@ # PATCH-FIX-SLE no-skipif-doctests.patch jsc#SLE-13738 mc...@suse.com # SLE-15 version of Sphinx doesn't know about skipif directive in doctests. Patch33: no-skipif-doctests.patch +BuildRequires: autoconf-archive BuildRequires: automake BuildRequires: fdupes BuildRequires: gmp-devel @@ -378,9 +379,9 @@ %patch25 -p1 %patch29 -p1 %patch32 -p1 -# %%if 0%%{?suse_version} <= 1500 +%if 0%{?suse_version} <= 1500 %patch33 -p1 -# %%endif +%endif # drop Autoconf version requirement sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac ++++++ Python-3.9.2.tar.xz -> Python-3.9.4.tar.xz ++++++ /work/SRC/openSUSE:Factory/python39/Python-3.9.2.tar.xz /work/SRC/openSUSE:Factory/.python39.new.1947/Python-3.9.4.tar.xz differ: char 27, line 1 ++++++ sphinx-update-removed-function.patch ++++++ --- /var/tmp/diff_new_pack.Sm9UJe/_old 2021-05-02 18:35:37.341074027 +0200 +++ /var/tmp/diff_new_pack.Sm9UJe/_new 2021-05-02 18:35:37.345074010 +0200 @@ -1,10 +1,10 @@ --- - Doc/tools/extensions/pyspecific.py | 6 ++++++ - 1 file changed, 6 insertions(+) + Doc/tools/extensions/pyspecific.py | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) --- a/Doc/tools/extensions/pyspecific.py +++ b/Doc/tools/extensions/pyspecific.py -@@ -361,7 +361,12 @@ class DeprecatedRemoved(Directive): +@@ -362,7 +362,12 @@ class DeprecatedRemoved(Directive): translatable=False) node.append(para) env = self.state.document.settings.env
