Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python39 for openSUSE:Factory checked in at 2021-05-12 19:31:06 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python39 (Old) and /work/SRC/openSUSE:Factory/.python39.new.2988 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python39" Wed May 12 19:31:06 2021 rev:16 rq:890781 version:3.9.5 Changes: -------- --- /work/SRC/openSUSE:Factory/python39/python39.changes 2021-05-02 18:35:36.529077487 +0200 +++ /work/SRC/openSUSE:Factory/.python39.new.2988/python39.changes 2021-05-12 19:31:09.647306387 +0200 @@ -1,0 +2,135 @@ +Wed May 5 15:16:58 UTC 2021 - Matej Cepl <[email protected]> + +- Update to 3.9.5: + * Security + - bpo-43434: Creating a sqlite3.Connection object now also + produces a sqlite3.connect auditing event. Previously this + event was only produced by sqlite3.connect() calls. Patch + by Erlend E. Aasland. + - bpo-43882: The presence of newline or tab characters in + parts of a URL could allow some forms of attacks. + - Following the controlling specification for URLs defined by + WHATWG urllib.parse() now removes ASCII newlines and tabs + from URLs, preventing such attacks. + - bpo-43472: Ensures interpreter-level audit hooks receive + the cpython.PyInterpreterState_New event when called + through the _xxsubinterpreters module. + - bpo-36384: ipaddress module no longer accepts any leading + zeros in IPv4 address strings. Leading zeros are ambiguous + and interpreted as octal notation by some libraries. For + example the legacy function socket.inet_aton() treats + leading zeros as octal notatation. glibc implementation of + modern inet_pton() does not accept any leading zeros. For + a while the ipaddress module used to accept ambiguous + leading zeros. + - bpo-43075: Fix Regular Expression Denial of Service (ReDoS) + vulnerability in urllib.request.AbstractBasicAuthHandler. + The ReDoS-vulnerable regex has quadratic worst-case + complexity and it allows cause a denial of service when + identifying crafted invalid RFCs. This ReDoS issue is on + the client side and needs remote attackers to control the + HTTP server. + - bpo-42800: Audit hooks are now fired for frame.f_code, + traceback.tb_frame, and generator code/frame attribute + access. + * Core and Builtins + - bpo-43105: Importlib now resolves relative paths when + creating module spec objects from file locations. + - bpo-42924: Fix bytearray repetition incorrectly copying + data from the start of the buffer, even if the data is + offset within the buffer (e.g. after reassigning a slice at + the start of the bytearray to a shorter byte string). + * Library + - bpo-43993: Update bundled pip to 21.1.1. + - bpo-43937: Fixed the turtle module working with non-default + root window. + - bpo-43930: Update bundled pip to 21.1 and setuptools to + 56.0.0 + - bpo-43920: OpenSSL 3.0.0: load_verify_locations() now + returns a consistent error message when cadata contains no + valid certificate. + - bpo-43607: urllib can now convert Windows paths with \\?\ + prefixes into URL paths. + - bpo-43284: platform.win32_ver derives the windows version + from sys.getwindowsversion().platform_version which in turn + derives the version from kernel32.dll (which can be of + a different version than Windows itself). Therefore change + the platform.win32_ver to determine the version using the + platform module???s _syscmd_ver private function to return an + accurate version. + - bpo-42248: [Enum] ensure exceptions raised in _missing__ + are released + - bpo-43799: OpenSSL 3.0.0: define OPENSSL_API_COMPAT 1.1.1 + to suppress deprecation warnings. Python requires OpenSSL + 1.1.1 APIs. + - bpo-43794: Add ssl.OP_IGNORE_UNEXPECTED_EOF constants + (OpenSSL 3.0.0) + - bpo-43789: OpenSSL 3.0.0: Don???t call the password callback + function a second time when first call has signaled an + error condition. + - bpo-43788: The header files for ssl error codes are now + OpenSSL version-specific. Exceptions will now show correct + reason and library codes. The make_ssl_data.py script has + been rewritten to use OpenSSL???s text file with error codes. + - bpo-43655: tkinter dialog windows are now recognized as + dialogs by window managers on macOS and X Window. + - bpo-43534: turtle.textinput() and turtle.numinput() create + now a transient window working on behalf of the canvas + window. + - bpo-43522: Fix problem with hostname_checks_common_name. + OpenSSL does not copy hostflags from struct SSL_CTX to + struct SSL. + - bpo-42967: Allow bytes separator argument in + urllib.parse.parse_qs and urllib.parse.parse_qsl when + parsing str query strings. Previously, this raised + a TypeError. + - bpo-43176: Fixed processing of a dataclass that inherits + from a frozen dataclass with no fields. It is now correctly + detected as an error. + - bpo-41735: Fix thread locks in zlib module may go wrong in + rare case. Patch by Ma Lin. + - bpo-36470: Fix dataclasses with InitVars and replace(). + Patch by Claudiu Popa. + - bpo-32745: Fix a regression in the handling of ctypes??? + ctypes.c_wchar_p type: embedded null characters would cause + a ValueError to be raised. Patch by Zackery Spytz. + * Documentation + - bpo-43959: The documentation on the PyContextVar C-API was + clarified. + - bpo-43938: Update dataclasses documentation to express that + FrozenInstanceError is derived from AttributeError. + - bpo-43755: Update documentation to reflect that + unparenthesized lambda expressions can no longer be the + expression part in an if clause in comprehensions and + generator expressions since Python 3.9. + - bpo-43739: Fixing the example code in + Doc/extending/extending.rst to declare and initialize the + pmodule variable to be of the right type. + * Tests + - bpo-43961: Fix + test_logging.test_namer_rotator_inheritance() on Windows: + use os.replace() rather than os.rename(). Patch by Victor + Stinner. + - bpo-43842: Fix a race condition in the SMTP test of + test_logging. Don???t close a file descriptor (socket) from + a different thread while asyncore.loop() is polling the + file descriptor. Patch by Victor Stinner. + - bpo-43811: Tests multiple OpenSSL versions on GitHub + Actions. Use ccache to speed up testing. + - bpo-43791: OpenSSL 3.0.0: Disable testing of legacy + protocols TLS 1.0 and 1.1. Tests are failing with + TLSV1_ALERT_INTERNAL_ERROR. +- Refreshed patches: + - bpo-31046_ensurepip_honours_prefix.patch + - python-3.3.0b1-fix_date_time_compiler.patch +- Add vendorized files from bluez-devel to enable building support for + Bluetooth. + +------------------------------------------------------------------- +Sun May 2 09:20:06 UTC 2021 - Ben Greiner <[email protected]> + +- Make sure to close the import_failed.map file after the exception + has been raised in order to avoid ResourceWarnings when the + failing import is part of a try...except block. + +------------------------------------------------------------------- Old: ---- Python-3.9.4.tar.xz Python-3.9.4.tar.xz.asc New: ---- Python-3.9.5.tar.xz Python-3.9.5.tar.xz.asc bluez-devel-vendor.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python39.spec ++++++ --- /var/tmp/diff_new_pack.HjcBgo/_old 2021-05-12 19:31:10.603302141 +0200 +++ /var/tmp/diff_new_pack.HjcBgo/_new 2021-05-12 19:31:10.611302105 +0200 @@ -53,7 +53,7 @@ # Will do the /usr/bin/python3 and all the core links %define primary_interpreter 0 # We don't process beta signs well -%define folderversion 3.9.4 +%define folderversion 3.9.5 %define tarname Python-%{tarversion} %define sitedir %{_libdir}/python%{python_version} # three possible ABI kinds: m - pymalloc, d - debug build; see PEP 3149 @@ -88,7 +88,7 @@ %bcond_without profileopt %endif Name: %{python_pkg_name}%{psuffix} -Version: 3.9.4 +Version: 3.9.5 Release: 0 Summary: Python 3 Interpreter License: Python-2.0 @@ -104,6 +104,12 @@ Source11: skipped_tests.py Source19: idle3.desktop Source20: idle3.appdata.xml +# content of bluez-devel: +# 1. sudo zypper --pkg-cache-dir /tmp install -f -d --no-recommends bluez-devel +# 2. rpm2cpio /tmp/*/*/bluez-devel-*.rpm|cpio -idu +# 3. mkdir Vendor && mv usr/include/* Vendor/ +# 4. tar cJf bluez-devel-vendor.tar.xz Vendor/ +Source21: bluez-devel-vendor.tar.xz Source99: https://www.python.org/static/files/pubkeys.txt#/python.keyring # The following files are not used in the build. # They are listed here to work around missing functionality in rpmbuild, @@ -402,6 +408,9 @@ # drop duplicate README from site-packages rm Lib/site-packages/README.txt +# Add vendored bluez-devel files +tar xvf %{SOURCE21} + %build %if %{with doc} TODAY_DATE=`date -r %{SOURCE0} "+%%B %%d, %%Y"` @@ -427,6 +436,8 @@ sed -e 's/-fprofile-correction//' -i Makefile.pre.in %endif +export CFLAGS="%{optflags} -IVendor/" + %configure \ --with-platlibdir=%{_lib} \ --docdir=%{_docdir}/python \ @@ -488,9 +499,6 @@ # done have any such interface breaking the uuid module. EXCLUDE="$EXCLUDE test_uuid" -# TEMPORARILY EXCLUDE test_capi bpo#37169 -EXCLUDE="$EXCLUDE test_capi" - # Limit virtual memory to avoid spurious failures if test $(ulimit -v) = unlimited || test $(ulimit -v) -gt 10000000; then ulimit -v 10000000 || : ++++++ Python-3.9.4.tar.xz -> Python-3.9.5.tar.xz ++++++ /work/SRC/openSUSE:Factory/python39/Python-3.9.4.tar.xz /work/SRC/openSUSE:Factory/.python39.new.2988/Python-3.9.5.tar.xz differ: char 27, line 1 ++++++ bpo-31046_ensurepip_honours_prefix.patch ++++++ --- /var/tmp/diff_new_pack.HjcBgo/_old 2021-05-12 19:31:10.743301519 +0200 +++ /var/tmp/diff_new_pack.HjcBgo/_new 2021-05-12 19:31:10.743301519 +0200 @@ -5,11 +5,11 @@ Co-Authored-By: Xavier de Gaye <[email protected]> --- - Doc/library/ensurepip.rst | 9 +++++++-- - Lib/ensurepip/__init__.py | 18 +++++++++++++----- - Lib/test/test_ensurepip.py | 11 +++++++++++ - Makefile.pre.in | 4 ++-- - .../2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst | 1 + + Doc/library/ensurepip.rst | 9 +++-- + Lib/ensurepip/__init__.py | 18 +++++++--- + Lib/test/test_ensurepip.py | 11 ++++++ + Makefile.pre.in | 4 +- + Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst | 1 5 files changed, 34 insertions(+), 9 deletions(-) create mode 100644 Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst @@ -139,7 +139,7 @@ --- a/Makefile.pre.in +++ b/Makefile.pre.in -@@ -1253,7 +1253,7 @@ install: @FRAMEWORKINSTALLFIRST@ commoni +@@ -1263,7 +1263,7 @@ install: @FRAMEWORKINSTALLFIRST@ commoni install|*) ensurepip="" ;; \ esac; \ $(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \ @@ -148,7 +148,7 @@ fi altinstall: commoninstall -@@ -1263,7 +1263,7 @@ altinstall: commoninstall +@@ -1273,7 +1273,7 @@ altinstall: commoninstall install|*) ensurepip="--altinstall" ;; \ esac; \ $(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \ ++++++ import_failed.py ++++++ --- /var/tmp/diff_new_pack.HjcBgo/_old 2021-05-12 19:31:10.795301288 +0200 +++ /var/tmp/diff_new_pack.HjcBgo/_new 2021-05-12 19:31:10.795301288 +0200 @@ -8,11 +8,12 @@ else: failed_name = __name__ -for line in open(failed_map_path): - package = line.split(':')[0] - imports = line.split(':')[1] - if failed_name in imports: - raise ImportError(f"""Module '{failed_name}' is not installed. +with open(failed_map_path) as fd: + for line in fd: + package = line.split(':')[0] + imports = line.split(':')[1] + if failed_name in imports: + raise ImportError(f"""Module '{failed_name}' is not installed. Use: sudo zypper install {package} to install it.""") ++++++ python-3.3.0b1-fix_date_time_compiler.patch ++++++ --- /var/tmp/diff_new_pack.HjcBgo/_old 2021-05-12 19:31:10.831301128 +0200 +++ /var/tmp/diff_new_pack.HjcBgo/_new 2021-05-12 19:31:10.831301128 +0200 @@ -1,6 +1,10 @@ +--- + Makefile.pre.in | 7 +++++++ + 1 file changed, 7 insertions(+) + --- a/Makefile.pre.in +++ b/Makefile.pre.in -@@ -772,11 +772,18 @@ Modules/getbuildinfo.o: $(PARSER_OBJS) \ +@@ -782,11 +782,18 @@ Modules/getbuildinfo.o: $(PARSER_OBJS) \ $(DTRACE_OBJS) \ $(srcdir)/Modules/getbuildinfo.c $(CC) -c $(PY_CORE_CFLAGS) \
