Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python for openSUSE:Factory checked in at 2022-11-24 12:22:05 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python (Old) and /work/SRC/openSUSE:Factory/.python.new.1597 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python" Thu Nov 24 12:22:05 2022 rev:175 rq:1037419 version:2.7.18 Changes: -------- --- /work/SRC/openSUSE:Factory/python/python-base.changes 2022-11-12 17:40:04.597777750 +0100 +++ /work/SRC/openSUSE:Factory/.python.new.1597/python-base.changes 2022-11-24 12:22:07.312875330 +0100 @@ -1,0 +2,6 @@ +Tue Nov 22 20:55:13 UTC 2022 - Matej Cepl <mc...@suse.com> + +- Restore python-2.7.9-sles-disable-verification-by-default.patch + for SLE-12. + +------------------------------------------------------------------- python-doc.changes: same change python.changes: same change New: ---- python-2.7.9-sles-disable-verification-by-default.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-base.spec ++++++ --- /var/tmp/diff_new_pack.VWkEUx/_old 2022-11-24 12:22:09.024886210 +0100 +++ /var/tmp/diff_new_pack.VWkEUx/_new 2022-11-24 12:22:09.028886235 +0100 @@ -58,6 +58,8 @@ Patch24: python-bsddb6.patch # PATCH-FIX-UPSTREAM accept directory-based CA paths as well Patch33: python-2.7.9-ssl_ca_path.patch +# PATCH-FEATURE-SLE disable SSL verification-by-default in http clients +Patch34: python-2.7.9-sles-disable-verification-by-default.patch # PATCH-FIX-UPSTREAM do not use non-ASCII filename in test_ssl.py Patch35: do-not-use-non-ascii-in-test_ssl.patch # PATCH-FIX-UPSTREAM bmwiedem...@suse.de -- allow python packages to build reproducibly @@ -243,6 +245,9 @@ %patch22 -p1 %patch24 -p1 %patch33 -p1 +%if %{suse_version} < 1500 && !0%{?is_opensuse} +%patch34 -p1 +%endif %patch35 -p1 %patch38 -p1 %ifarch ppc ppc64 ppc64le python-doc.spec: same change ++++++ python.spec ++++++ --- /var/tmp/diff_new_pack.VWkEUx/_old 2022-11-24 12:22:09.092886642 +0100 +++ /var/tmp/diff_new_pack.VWkEUx/_new 2022-11-24 12:22:09.096886667 +0100 
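Review bot: The `%prep` guard added in python-base.spec, `%if %{suse_version} < 1500 && !0%{?is_opensuse}`, references `suse_version` without the `0%{?...}` form that the same line uses for `is_opensuse`. Where the macro is undefined the expression is likely to fail to parse, and this condition is the only thing keeping a patch that disables HTTPS certificate verification out of other builds. A form that stays closed when the macro is missing would be `%if 0%{?suse_version} && 0%{?suse_version} < 1500 && !0%{?is_opensuse}`. The `Patch34` comment could also state the scope and the consequence, for example `# PATCH-FEATURE-SLE SLE-12 only: HTTPS clients do not verify certificates unless sle_tls_checks_policy is installed`. The same two lines appear in python.spec and, per "same change", in python-doc.spec.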
@@ -57,6 +57,8 @@ Patch24: python-bsddb6.patch # PATCH-FIX-UPSTREAM accept directory-based CA paths as well Patch33: python-2.7.9-ssl_ca_path.patch +# PATCH-FEATURE-SLE disable SSL verification-by-default in http clients +Patch34: python-2.7.9-sles-disable-verification-by-default.patch # PATCH-FIX-UPSTREAM do not use non-ASCII filename in test_ssl.py Patch35: do-not-use-non-ascii-in-test_ssl.patch # PATCH-FIX-UPSTREAM bmwiedem...@suse.de -- allow python packages to build reproducibly @@ -296,6 +298,9 @@ %patch22 -p1 %patch24 -p1 %patch33 -p1 +%if %{suse_version} < 1500 && !0%{?is_opensuse} +%patch34 -p1 +%endif %patch35 -p1 %patch38 -p1 %ifarch ppc ppc64 ppc64le ++++++ CVE-2019-5010-null-defer-x509-cert-DOS.patch ++++++ --- /var/tmp/diff_new_pack.VWkEUx/_old 2022-11-24 12:22:09.128886871 +0100 +++ /var/tmp/diff_new_pack.VWkEUx/_new 2022-11-24 12:22:09.132886896 +0100 @@ -14,17 +14,15 @@ Co-authored-by: Christian Heimes <christ...@python.org> --- - Lib/test/talos-2019-0758.pem | 22 +++++++++++++++++++ - Lib/test/test_ssl.py | 22 +++++++++++++++++++ - .../2019-01-15-18-16-05.bpo-35746.nMSd0j.rst | 3 +++ - Modules/_ssl.c | 4 ++++ - 4 files changed, 51 insertions(+) + Lib/test/test_ssl.py | 21 ++++++++++ + Misc/NEWS.d/next/Security/2019-01-15-18-16-05.bpo-35746.nMSd0j.rst | 3 + + 2 files changed, 24 insertions(+) create mode 100644 Lib/test/talos-2019-0758.pem create mode 100644 Misc/NEWS.d/next/Security/2019-01-15-18-16-05.bpo-35746.nMSd0j.rst --- a/Lib/test/test_ssl.py +++ b/Lib/test/test_ssl.py -@@ -256,6 +256,27 @@ class BasicSocketTests(unittest.TestCase +@@ -287,6 +287,27 @@ class BasicSocketTests(unittest.TestCase } ) ++++++ do-not-use-non-ascii-in-test_ssl.patch ++++++ --- /var/tmp/diff_new_pack.VWkEUx/_old 2022-11-24 12:22:09.232887532 +0100 +++ /var/tmp/diff_new_pack.VWkEUx/_new 2022-11-24 12:22:09.236887557 +0100 @@ -1,6 +1,10 @@ +--- + Lib/test/test_ssl.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + --- a/Lib/test/test_ssl.py 
+++ b/Lib/test/test_ssl.py -@@ -1021,7 +1021,7 @@ class ContextTests(unittest.TestCase): +@@ -1052,7 +1052,7 @@ class ContextTests(unittest.TestCase): def test_load_dh_params(self): ++++++ openssl-111-middlebox-compat.patch ++++++ --- /var/tmp/diff_new_pack.VWkEUx/_old 2022-11-24 12:22:09.284887862 +0100 +++ /var/tmp/diff_new_pack.VWkEUx/_new 2022-11-24 12:22:09.292887913 +0100 @@ -8,12 +8,12 @@ https://bugs.python.org/issue34834 --- - Lib/test/test_ssl.py | 5 +++++ - 1 file changed, 5 insertions(+) + Lib/test/test_ssl.py | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) --- a/Lib/test/test_ssl.py +++ b/Lib/test/test_ssl.py -@@ -807,8 +807,12 @@ class ContextTests(unittest.TestCase): +@@ -838,8 +838,12 @@ class ContextTests(unittest.TestCase): default = (ssl.OP_ALL | ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3) # SSLContext also enables these by default default |= (OP_NO_COMPRESSION | OP_CIPHER_SERVER_PREFERENCE | ++++++ openssl-111-ssl_options.patch ++++++ --- /var/tmp/diff_new_pack.VWkEUx/_old 2022-11-24 12:22:09.304887989 +0100 +++ /var/tmp/diff_new_pack.VWkEUx/_new 2022-11-24 12:22:09.308888015 +0100 @@ -1,6 +1,10 @@ +--- + Lib/test/test_ssl.py | 8 ++------ + 1 file changed, 2 insertions(+), 6 deletions(-) + --- a/Lib/test/test_ssl.py +++ b/Lib/test/test_ssl.py -@@ -807,12 +807,8 @@ class ContextTests(unittest.TestCase): +@@ -838,12 +838,8 @@ class ContextTests(unittest.TestCase): default = (ssl.OP_ALL | ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3) # SSLContext also enables these by default default |= (OP_NO_COMPRESSION | OP_CIPHER_SERVER_PREFERENCE | ++++++ python-2.7.4-canonicalize2.patch ++++++ --- /var/tmp/diff_new_pack.VWkEUx/_old 2022-11-24 12:22:09.364888371 +0100 +++ /var/tmp/diff_new_pack.VWkEUx/_new 2022-11-24 12:22:09.368888396 +0100 @@ -1,3 +1,9 @@ +--- + Python/sysmodule.c | 26 +++++++++++++++++++------- + configure.ac | 2 +- + pyconfig.h.in | 3 +++ + 3 files changed, 23 insertions(+), 8 deletions(-) + --- a/Python/sysmodule.c +++ b/Python/sysmodule.c 
@@ -1638,7 +1638,20 @@ PySys_SetArgvEx(int argc, char **argv, i @@ -28,7 +34,7 @@ } -#endif /* HAVE_READLINK */ +#endif /* resolve method selection */ -+ ++ #if SEP == '\\' /* Special case for MS filename syntax */ if (argc > 0 && argv0 != NULL && strcmp(argv0, "-c") != 0) { char *q; @@ -54,6 +60,17 @@ if (PyList_Insert(path, 0, a) < 0) Py_FatalError("sys.path.insert(0) failed"); Py_DECREF(a); +--- a/configure.ac ++++ b/configure.ac +@@ -3165,7 +3165,7 @@ AC_CHECK_FUNCS(alarm setitimer getitimer + getpriority getresuid getresgid getpwent getspnam getspent getsid getwd \ + initgroups kill killpg lchown lstat mkfifo mknod mktime mmap \ + mremap nice pathconf pause plock poll pthread_init \ +- putenv readlink realpath \ ++ putenv readlink realpath canonicalize_file_name \ + select sem_open sem_timedwait sem_getvalue sem_unlink setegid seteuid \ + setgid \ + setlocale setregid setreuid setsid setpgid setpgrp setuid setvbuf snprintf \ --- a/pyconfig.h.in +++ b/pyconfig.h.in @@ -109,6 +109,9 @@ @@ -66,15 +83,4 @@ /* Define to 1 if you have the `chown' function. */ #undef HAVE_CHOWN ---- a/configure.ac -+++ b/configure.ac -@@ -3159,7 +3159,7 @@ AC_CHECK_FUNCS(alarm setitimer getitimer - getpriority getresuid getresgid getpwent getspnam getspent getsid getwd \ - initgroups kill killpg lchown lstat mkfifo mknod mktime mmap \ - mremap nice pathconf pause plock poll pthread_init \ -- putenv readlink realpath \ -+ putenv readlink realpath canonicalize_file_name \ - select sem_open sem_timedwait sem_getvalue sem_unlink setegid seteuid \ - setgid \ - setlocale setregid setreuid setsid setpgid setpgrp setuid setvbuf snprintf \ ++++++ python-2.7.5-multilib.patch ++++++ --- /var/tmp/diff_new_pack.VWkEUx/_old 2022-11-24 12:22:09.376888447 +0100 +++ /var/tmp/diff_new_pack.VWkEUx/_new 2022-11-24 12:22:09.380888472 +0100 
@@ -1,47 +1,21 @@ ---- a/configure.ac -+++ b/configure.ac -@@ -773,6 +773,41 @@ SunOS*) - ;; - esac - -+AC_SUBST(ARCH) -+AC_MSG_CHECKING(ARCH) -+ARCH=`uname -m` -+case $ARCH in -+i?86) ARCH=i386;; -+esac -+AC_MSG_RESULT($ARCH) -+ -+AC_SUBST(LIB) -+AC_MSG_CHECKING(LIB) -+case $ac_sys_system in -+Linux*) -+ # Test if the compiler is 64bit -+ echo 'int i;' > conftest.$ac_ext -+ python_cv_cc_64bit_output=no -+ if AC_TRY_EVAL(ac_compile); then -+ case `/usr/bin/file conftest.$ac_objext` in -+ *"ELF 64"*) -+ python_cv_cc_64bit_output=yes -+ ;; -+ esac -+ fi -+ rm -rf conftest* -+ ;; -+esac -+ -+case $ARCH:$python_cv_cc_64bit_output in -+aarch64:yes | ppc64:yes | ppc64le:yes | powerpc64:yes | s390x:yes | sparc64:yes | x86_64:yes) -+ LIB="lib64" -+ ;; -+*:*) -+ LIB="lib" -+ ;; -+esac -+AC_MSG_RESULT($LIB) - - AC_SUBST(LIBRARY) - AC_MSG_CHECKING(LIBRARY) +--- + Include/pythonrun.h | 2 + + Lib/distutils/command/install.py | 4 ++- + Lib/distutils/sysconfig.py | 7 ++++-- + Lib/pydoc.py | 2 - + Lib/site.py | 40 +++++++++++++++++++++++++++------------ + Lib/sysconfig.py | 12 +++++------ + Lib/test/test_dl.py | 5 ++-- + Lib/test/test_site.py | 16 +++++++++++---- + Lib/trace.py | 4 +-- + Makefile.pre.in | 5 +++- + Modules/getpath.c | 4 ++- + Python/getplatform.c | 20 +++++++++++++++++++ + Python/sysmodule.c | 4 +++ + configure.ac | 35 ++++++++++++++++++++++++++++++++++ + setup.py | 15 ++++++-------- + 15 files changed, 135 insertions(+), 40 deletions(-) + --- a/Include/pythonrun.h +++ b/Include/pythonrun.h @@ -108,6 +108,8 @@ PyAPI_FUNC(char *) Py_GetPath(void); @@ -75,7 +49,7 @@ 'data' : '$base', --- a/Lib/distutils/sysconfig.py +++ b/Lib/distutils/sysconfig.py -@@ -119,8 +119,11 @@ def get_python_lib(plat_specific=0, stan +@@ -129,8 +129,11 @@ def get_python_lib(plat_specific=0, stan prefix = plat_specific and EXEC_PREFIX or PREFIX if os.name == "posix": 
@@ -368,9 +342,53 @@ SET_SYS_FROM_STRING("executable", PyString_FromString(Py_GetProgramFullPath())); SET_SYS_FROM_STRING("prefix", +--- a/configure.ac ++++ b/configure.ac +@@ -773,6 +773,41 @@ SunOS*) + ;; + esac + ++AC_SUBST(ARCH) ++AC_MSG_CHECKING(ARCH) ++ARCH=`uname -m` ++case $ARCH in ++i?86) ARCH=i386;; ++esac ++AC_MSG_RESULT($ARCH) ++ ++AC_SUBST(LIB) ++AC_MSG_CHECKING(LIB) ++case $ac_sys_system in ++Linux*) ++ # Test if the compiler is 64bit ++ echo 'int i;' > conftest.$ac_ext ++ python_cv_cc_64bit_output=no ++ if AC_TRY_EVAL(ac_compile); then ++ case `/usr/bin/file conftest.$ac_objext` in ++ *"ELF 64"*) ++ python_cv_cc_64bit_output=yes ++ ;; ++ esac ++ fi ++ rm -rf conftest* ++ ;; ++esac ++ ++case $ARCH:$python_cv_cc_64bit_output in ++aarch64:yes | ppc64:yes | ppc64le:yes | powerpc64:yes | s390x:yes | sparc64:yes | x86_64:yes) ++ LIB="lib64" ++ ;; ++*:*) ++ LIB="lib" ++ ;; ++esac ++AC_MSG_RESULT($LIB) + + AC_SUBST(LIBRARY) + AC_MSG_CHECKING(LIBRARY) --- a/setup.py +++ b/setup.py -@@ -456,7 +456,7 @@ class PyBuildExt(build_ext): +@@ -502,7 +502,7 @@ class PyBuildExt(build_ext): def detect_modules(self): # Ensure that /usr/local is always used if not cross_compiling: @@ -379,7 +397,7 @@ add_dir_to_list(self.compiler.include_dirs, '/usr/local/include') if cross_compiling: self.add_gcc_paths() -@@ -782,11 +782,11 @@ class PyBuildExt(build_ext): +@@ -828,11 +828,11 @@ class PyBuildExt(build_ext): elif curses_library: readline_libs.append(curses_library) elif self.compiler.find_library_file(lib_dirs + 
@@ -393,7 +411,7 @@ extra_link_args=readline_extra_link_args, libraries=readline_libs) ) else: -@@ -1933,18 +1933,17 @@ class PyBuildExt(build_ext): +@@ -1979,18 +1979,17 @@ class PyBuildExt(build_ext): # Check for various platform-specific directories if host_platform == 'sunos5': include_dirs.append('/usr/openwin/include') ++++++ python-2.7.9-sles-disable-verification-by-default.patch ++++++ --- Lib/ssl.py | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) --- a/Lib/ssl.py +++ b/Lib/ssl.py @@ -497,7 +497,17 @@ def _get_https_context_factory(): return _create_unverified_context return create_default_context -_create_default_https_context = _get_https_context_factory() +try: + # load the TLS checks policy from separate package + import sle_tls_checks_policy as policy + if policy.get_policy: + _create_default_https_context = policy.get_policy() + else: + # empty policy file means simply enable strict verification + _create_default_https_context = _get_https_context_factory() +except ImportError: + # policy not present, disable verification for backwards compatibility + _create_default_https_context = _create_unverified_context # PEP 493: "private" API to configure HTTPS defaults without monkeypatching def _https_verify_certificates(enable=True): ++++++ python-bsddb6.patch ++++++ --- /var/tmp/diff_new_pack.VWkEUx/_old 2022-11-24 12:22:09.416888701 +0100 +++ /var/tmp/diff_new_pack.VWkEUx/_new 2022-11-24 12:22:09.420888726 +0100 @@ -13,8 +13,8 @@ Lib/bsddb/test/test_replication.py | 25 +------- Modules/_bsddb.c | 108 +++++++++++++++++++++++++++++++++---- Modules/bsddb.h | 2 - setup.py | 6 +- - 6 files changed, 120 insertions(+), 41 deletions(-) + setup.py | 4 + + 6 files changed, 118 insertions(+), 41 deletions(-) --- a/Lib/bsddb/test/test_all.py +++ b/Lib/bsddb/test/test_all.py @@ -368,7 +368,7 @@ --- a/setup.py 
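Review bot: In the new Lib/ssl.py block, `if policy.get_policy:` reads the attribute rather than testing for it, so a policy module without `get_policy` (the "empty policy file" case the comment describes) raises AttributeError. `except ImportError` does not catch that, so `import ssl` would fail instead of reaching the strict-verification branch; `if getattr(policy, 'get_policy', None):` matches what the comment promises. The `except ImportError` branch also fails open: a missing policy package, or any ImportError raised while the policy module itself loads, silently selects `_create_unverified_context` and skips `_get_https_context_factory()`, whose body lies outside the hunk. Keeping only the `import` inside the `try` (with the policy lookup in an `else:` clause) and adding a comment such as `# SECURITY: no policy package => HTTPS certificates are NOT verified by default` would make that trade-off visible to anyone reading the patched module.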
+++ b/setup.py -@@ -905,7 +905,7 @@ class PyBuildExt(build_ext): +@@ -951,7 +951,7 @@ class PyBuildExt(build_ext): # a release. Most open source OSes come with one or more # versions of BerkeleyDB already installed. @@ -377,7 +377,7 @@ min_db_ver = (4, 3) db_setup_debug = False # verbose debug prints from this script? -@@ -945,6 +945,7 @@ class PyBuildExt(build_ext): +@@ -991,6 +991,7 @@ class PyBuildExt(build_ext): # construct a list of paths to look for the header file in on # top of the normal inc_dirs. db_inc_paths = [ @@ -385,7 +385,7 @@ '/usr/include/db4', '/usr/local/include/db4', '/opt/sfw/include/db4', -@@ -984,6 +985,7 @@ class PyBuildExt(build_ext): +@@ -1030,6 +1031,7 @@ class PyBuildExt(build_ext): for dn in inc_dirs: std_variants.append(os.path.join(dn, 'db3')) std_variants.append(os.path.join(dn, 'db4')) ++++++ remove-static-libpython.patch ++++++ --- /var/tmp/diff_new_pack.VWkEUx/_old 2022-11-24 12:22:09.456888955 +0100 +++ /var/tmp/diff_new_pack.VWkEUx/_new 2022-11-24 12:22:09.460888980 +0100 @@ -1,3 +1,7 @@ +--- + Makefile.pre.in | 26 +------------------------- + 1 file changed, 1 insertion(+), 25 deletions(-) + --- a/Makefile.pre.in +++ b/Makefile.pre.in @@ -488,7 +488,7 @@ coverage-report: regen-grammar @@ -28,7 +32,7 @@ libpython$(VERSION).so: $(LIBRARY_OBJS) if test $(INSTSONAME) != $(LDLIBRARY); then \ $(BLDSHARED) -Wl,-h$(INSTSONAME) -o $(INSTSONAME) $(LIBRARY_OBJS) $(MODLIBS) $(SHLIBS) $(LIBC) $(LIBM) $(LDLAST); \ -@@ -1220,18 +1208,6 @@ libainstall: @DEF_MAKE_RULE@ python-conf +@@ -1226,18 +1214,6 @@ libainstall: @DEF_MAKE_RULE@ python-conf else true; \ fi; \ done