Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python310 for openSUSE:Factory checked in at 2023-08-06 16:29:12 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python310 (Old) and /work/SRC/openSUSE:Factory/.python310.new.22712 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python310" Sun Aug 6 16:29:12 2023 rev:35 rq:1102193 version:3.10.12 Changes: -------- --- /work/SRC/openSUSE:Factory/python310/python310.changes 2023-07-24 18:13:10.589638655 +0200 +++ /work/SRC/openSUSE:Factory/.python310.new.22712/python310.changes 2023-08-06 16:29:13.831570412 +0200 @@ -1,0 +2,7 @@ +Thu Aug 3 14:13:30 UTC 2023 - Matej Cepl <mc...@suse.com> + +- Add Revert-gh105127-left-tests.patch (gh#python/cpython!106941) + partially reverting CVE-2023-27043-email-parsing-errors.patch, + because of the regression in gh#python/cpython#106669. + +------------------------------------------------------------------- New: ---- CVE-2023-27043-email-parsing-errors.patch Revert-gh105127-left-tests.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python310.spec ++++++ --- /var/tmp/diff_new_pack.5JFBm2/_old 2023-08-06 16:29:15.767582812 +0200 +++ /var/tmp/diff_new_pack.5JFBm2/_new 2023-08-06 16:29:15.775582863 +0200 @@ -172,10 +172,14 @@ # PATCH-FIX-UPSTREAM gh-78214-marshal_stabilize_FLAG_REF.patch bsc#1213463 mc...@suse.com # marshal: Stabilize FLAG_REF usage Patch39: gh-78214-marshal_stabilize_FLAG_REF.patch -# # PATCH-FIX-UPSTREAM CVE-2023-27043-email-parsing-errors.patch bsc#1210638 mc...@suse.com -# # Detect email address parsing errors and return empty tuple to -# # indicate the parsing error (old API) -# Patch40: CVE-2023-27043-email-parsing-errors.patch +# PATCH-FIX-UPSTREAM CVE-2023-27043-email-parsing-errors.patch bsc#1210638 mc...@suse.com +# Detect email address parsing errors and return empty tuple to +# indicate the parsing error (old API), from gh#python/cpython!105127 +# Patch carries a REGRESSION (gh#python/cpython#106669), so it has been also partially REVERTED +Patch40: CVE-2023-27043-email-parsing-errors.patch +# PATCH-FIX-UPSTREAM Revert-gh105127-left-tests.patch bsc#1210638 mc...@suse.com +# Partially revert previous patch +Patch41: Revert-gh105127-left-tests.patch BuildRequires: autoconf-archive BuildRequires: automake BuildRequires: fdupes @@ -449,6 +453,8 @@ %patch36 -p1 %patch38 -p1 %patch39 -p1 +%patch40 -p1 +%patch41 -p1 # drop Autoconf version requirement sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac ++++++ CVE-2023-27043-email-parsing-errors.patch ++++++ --- Doc/library/email.utils.rst | 26 +++ Lib/email/utils.py | 63 +++++++ Lib/test/test_email/test_email.py | 81 +++++++++- Misc/NEWS.d/next/Security/2023-06-13-20-52-24.gh-issue-102988.Kei7Vf.rst | 4 4 files changed, 164 insertions(+), 10 deletions(-) Index: Python-3.10.12/Doc/library/email.utils.rst =================================================================== --- Python-3.10.12.orig/Doc/library/email.utils.rst +++ Python-3.10.12/Doc/library/email.utils.rst @@ -67,6 +67,11 @@ of the new API. *email address* parts. Returns a tuple of that information, unless the parse fails, in which case a 2-tuple of ``('', '')`` is returned. + .. versionchanged:: 3.12 + For security reasons, addresses that were ambiguous and could parse into + multiple different addresses now cause ``('', '')`` to be returned + instead of only one of the *potential* addresses. + .. function:: formataddr(pair, charset='utf-8') @@ -89,7 +94,7 @@ of the new API. This method returns a list of 2-tuples of the form returned by ``parseaddr()``. *fieldvalues* is a sequence of header field values as might be returned by :meth:`Message.get_all <email.message.Message.get_all>`. Here's a simple - example that gets all the recipients of a message:: + example that gets all the recipients of a message: from email.utils import getaddresses @@ -99,6 +104,25 @@ of the new API. resent_ccs = msg.get_all('resent-cc', []) all_recipients = getaddresses(tos + ccs + resent_tos + resent_ccs) + When parsing fails for a single fieldvalue, a 2-tuple of ``('', '')`` + is returned in its place. Other errors in parsing the list of + addresses such as a fieldvalue seemingly parsing into multiple + addresses may result in a list containing a single empty 2-tuple + ``[('', '')]`` being returned rather than returning potentially + invalid output. + + Example malformed input parsing: + + .. doctest:: + + >>> from email.utils import getaddresses + >>> getaddresses(['al...@example.com <b...@example.com>', 'm...@example.com']) + [('', '')] + + .. versionchanged:: 3.12 + The 2-tuple of ``('', '')`` in the returned values when parsing + fails were added as to address a security issue. + .. function:: parsedate(date) Index: Python-3.10.12/Lib/email/utils.py =================================================================== --- Python-3.10.12.orig/Lib/email/utils.py +++ Python-3.10.12/Lib/email/utils.py @@ -106,12 +106,54 @@ def formataddr(pair, charset='utf-8'): return address +def _pre_parse_validation(email_header_fields): + accepted_values = [] + for v in email_header_fields: + s = v.replace('\\(', '').replace('\\)', '') + if s.count('(') != s.count(')'): + v = "('', '')" + accepted_values.append(v) + + return accepted_values + + +def _post_parse_validation(parsed_email_header_tuples): + accepted_values = [] + # The parser would have parsed a correctly formatted domain-literal + # The existence of an [ after parsing indicates a parsing failure + for v in parsed_email_header_tuples: + if '[' in v[1]: + v = ('', '') + accepted_values.append(v) + + return accepted_values + def getaddresses(fieldvalues): - """Return a list of (REALNAME, EMAIL) for each fieldvalue.""" - all = COMMASPACE.join(str(v) for v in fieldvalues) + """Return a list of (REALNAME, EMAIL) or ('','') for each fieldvalue. + + When parsing fails for a fieldvalue, a 2-tuple of ('', '') is returned in + its place. + + If the resulting list of parsed address is not the same as the number of + fieldvalues in the input list a parsing error has occurred. A list + containing a single empty 2-tuple [('', '')] is returned in its place. + This is done to avoid invalid output. + """ + fieldvalues = [str(v) for v in fieldvalues] + fieldvalues = _pre_parse_validation(fieldvalues) + all = COMMASPACE.join(v for v in fieldvalues) a = _AddressList(all) - return a.addresslist + result = _post_parse_validation(a.addresslist) + + n = 0 + for v in fieldvalues: + n += v.count(',') + 1 + + if len(result) != n: + return [('', '')] + + return result def _format_timetuple_and_zone(timetuple, zone): @@ -212,9 +254,18 @@ def parseaddr(addr): Return a tuple of realname and email address, unless the parse fails, in which case return a 2-tuple of ('', ''). """ - addrs = _AddressList(addr).addresslist - if not addrs: - return '', '' + if isinstance(addr, list): + addr = addr[0] + + if not isinstance(addr, str): + return ('', '') + + addr = _pre_parse_validation([addr])[0] + addrs = _post_parse_validation(_AddressList(addr).addresslist) + + if not addrs or len(addrs) > 1: + return ('', '') + return addrs[0] Index: Python-3.10.12/Lib/test/test_email/test_email.py =================================================================== --- Python-3.10.12.orig/Lib/test/test_email/test_email.py +++ Python-3.10.12/Lib/test/test_email/test_email.py @@ -3288,15 +3288,90 @@ Foo [('Al Person', 'aper...@dom.ain'), ('Bud Person', 'bper...@dom.ain')]) + def test_getaddresses_parsing_errors(self): + """Test for parsing errors from CVE-2023-27043""" + eq = self.assertEqual + eq(utils.getaddresses(['al...@example.org(<b...@example.com>']), + [('', '')]) + eq(utils.getaddresses(['al...@example.org)<b...@example.com>']), + [('', '')]) + eq(utils.getaddresses(['al...@example.org<<b...@example.com>']), + [('', '')]) + eq(utils.getaddresses(['al...@example.org><b...@example.com>']), + [('', '')]) + eq(utils.getaddresses(['al...@example.org@<b...@example.com>']), + [('', '')]) + eq(utils.getaddresses(['al...@example.org,<b...@example.com>']), + [('', 'al...@example.org'), ('', 'b...@example.com')]) + eq(utils.getaddresses(['al...@example.org;<b...@example.com>']), + [('', '')]) + eq(utils.getaddresses(['al...@example.org:<b...@example.com>']), + [('', '')]) + eq(utils.getaddresses(['al...@example.org.<b...@example.com>']), + [('', '')]) + eq(utils.getaddresses(['al...@example.org"<b...@example.com>']), + [('', '')]) + eq(utils.getaddresses(['al...@example.org[<b...@example.com>']), + [('', '')]) + eq(utils.getaddresses(['al...@example.org]<b...@example.com>']), + [('', '')]) + + def test_parseaddr_parsing_errors(self): + """Test for parsing errors from CVE-2023-27043""" + eq = self.assertEqual + eq(utils.parseaddr(['al...@example.org(<b...@example.com>']), + ('', '')) + eq(utils.parseaddr(['al...@example.org)<b...@example.com>']), + ('', '')) + eq(utils.parseaddr(['al...@example.org<<b...@example.com>']), + ('', '')) + eq(utils.parseaddr(['al...@example.org><b...@example.com>']), + ('', '')) + eq(utils.parseaddr(['al...@example.org@<b...@example.com>']), + ('', '')) + eq(utils.parseaddr(['al...@example.org,<b...@example.com>']), + ('', '')) + eq(utils.parseaddr(['al...@example.org;<b...@example.com>']), + ('', '')) + eq(utils.parseaddr(['al...@example.org:<b...@example.com>']), + ('', '')) + eq(utils.parseaddr(['al...@example.org.<b...@example.com>']), + ('', '')) + eq(utils.parseaddr(['al...@example.org"<b...@example.com>']), + ('', '')) + eq(utils.parseaddr(['al...@example.org[<b...@example.com>']), + ('', '')) + eq(utils.parseaddr(['al...@example.org]<b...@example.com>']), + ('', '')) + def test_getaddresses_nasty(self): eq = self.assertEqual eq(utils.getaddresses(['foo: ;']), [('', '')]) - eq(utils.getaddresses( - ['[]*-- =~$']), - [('', ''), ('', ''), ('', '*--')]) + eq(utils.getaddresses(['[]*-- =~$']), [('', '')]) eq(utils.getaddresses( ['foo: ;', '"Jason R. Mastaler" <ja...@dom.ain>']), [('', ''), ('Jason R. Mastaler', 'ja...@dom.ain')]) + eq(utils.getaddresses( + [r'Pete(A nice \) chap) <pete(his account)@silly.test(his host)>']), + [('Pete (A nice ) chap his account his host)', 'p...@silly.test')]) + eq(utils.getaddresses( + ['(Empty list)(start)Undisclosed recipients :(nobody(I know))']), + [('', '')]) + eq(utils.getaddresses( + ['Mary <@machine.tld:m...@example.net>, , jdoe@test . example']), + [('Mary', 'm...@example.net'), ('', ''), ('', 'jdoe@test.example')]) + eq(utils.getaddresses( + ['John Doe <jdoe@machine(comment). example>']), + [('John Doe (comment)', 'jdoe@machine.example')]) + eq(utils.getaddresses( + ['"Mary Smith: Personal Account" <smith@home.example>']), + [('Mary Smith: Personal Account', 'smith@home.example')]) + eq(utils.getaddresses( + ['Undisclosed recipients:;']), + [('', '')]) + eq(utils.getaddresses( + [r'<b...@nil.test>, "Giant; \"Big\" Box" <b...@example.net>']), + [('', 'b...@nil.test'), ('Giant; "Big" Box', 'b...@example.net')]) def test_getaddresses_embedded_comment(self): """Test proper handling of a nested comment""" Index: Python-3.10.12/Misc/NEWS.d/next/Security/2023-06-13-20-52-24.gh-issue-102988.Kei7Vf.rst =================================================================== --- /dev/null +++ Python-3.10.12/Misc/NEWS.d/next/Security/2023-06-13-20-52-24.gh-issue-102988.Kei7Vf.rst @@ -0,0 +1,4 @@ +CVE-2023-27043: Prevent :func:`email.utils.parseaddr` +and :func:`email.utils.getaddresses` from returning the realname portion of an +invalid RFC2822 email header in the email address portion of the 2-tuple +returned after being parsed by :class:`email._parseaddr.AddressList`. ++++++ Revert-gh105127-left-tests.patch ++++++ >From 4288c623d62cf90d8e4444facb3379fb06d01140 Mon Sep 17 00:00:00 2001 From: "Gregory P. Smith" <g...@krypto.org> Date: Thu, 20 Jul 2023 20:30:52 -0700 Subject: [PATCH] [3.12] gh-106669: Revert "gh-102988: Detect email address parsing errors ... (GH-105127)" (GH-106733) This reverts commit 18dfbd035775c15533d13a98e56b1d2bf5c65f00. Adds a regression test from the issue. See https://github.com/python/cpython/issues/106669.. (cherry picked from commit a31dea1feb61793e48fa9aa5014f358352205c1d) Co-authored-by: Gregory P. Smith <g...@krypto.org> --- Doc/library/email.utils.rst | 26 -- Lib/email/utils.py | 63 ------ Lib/test/test_email/test_email.py | 96 +--------- Misc/NEWS.d/next/Security/2023-06-13-20-52-24.gh-issue-102988.Kei7Vf.rst | 5 4 files changed, 31 insertions(+), 159 deletions(-) create mode 100644 Misc/NEWS.d/next/Security/2023-06-13-20-52-24.gh-issue-102988.Kei7Vf.rst Index: Python-3.10.12/Doc/library/email.utils.rst =================================================================== --- Python-3.10.12.orig/Doc/library/email.utils.rst +++ Python-3.10.12/Doc/library/email.utils.rst @@ -67,11 +67,6 @@ of the new API. *email address* parts. Returns a tuple of that information, unless the parse fails, in which case a 2-tuple of ``('', '')`` is returned. - .. versionchanged:: 3.12 - For security reasons, addresses that were ambiguous and could parse into - multiple different addresses now cause ``('', '')`` to be returned - instead of only one of the *potential* addresses. - .. function:: formataddr(pair, charset='utf-8') @@ -94,7 +89,7 @@ of the new API. This method returns a list of 2-tuples of the form returned by ``parseaddr()``. *fieldvalues* is a sequence of header field values as might be returned by :meth:`Message.get_all <email.message.Message.get_all>`. Here's a simple - example that gets all the recipients of a message: + example that gets all the recipients of a message:: from email.utils import getaddresses @@ -104,25 +99,6 @@ of the new API. resent_ccs = msg.get_all('resent-cc', []) all_recipients = getaddresses(tos + ccs + resent_tos + resent_ccs) - When parsing fails for a single fieldvalue, a 2-tuple of ``('', '')`` - is returned in its place. Other errors in parsing the list of - addresses such as a fieldvalue seemingly parsing into multiple - addresses may result in a list containing a single empty 2-tuple - ``[('', '')]`` being returned rather than returning potentially - invalid output. - - Example malformed input parsing: - - .. doctest:: - - >>> from email.utils import getaddresses - >>> getaddresses(['al...@example.com <b...@example.com>', 'm...@example.com']) - [('', '')] - - .. versionchanged:: 3.12 - The 2-tuple of ``('', '')`` in the returned values when parsing - fails were added as to address a security issue. - .. function:: parsedate(date) Index: Python-3.10.12/Lib/email/utils.py =================================================================== --- Python-3.10.12.orig/Lib/email/utils.py +++ Python-3.10.12/Lib/email/utils.py @@ -106,54 +106,12 @@ def formataddr(pair, charset='utf-8'): return address -def _pre_parse_validation(email_header_fields): - accepted_values = [] - for v in email_header_fields: - s = v.replace('\\(', '').replace('\\)', '') - if s.count('(') != s.count(')'): - v = "('', '')" - accepted_values.append(v) - - return accepted_values - - -def _post_parse_validation(parsed_email_header_tuples): - accepted_values = [] - # The parser would have parsed a correctly formatted domain-literal - # The existence of an [ after parsing indicates a parsing failure - for v in parsed_email_header_tuples: - if '[' in v[1]: - v = ('', '') - accepted_values.append(v) - - return accepted_values - def getaddresses(fieldvalues): - """Return a list of (REALNAME, EMAIL) or ('','') for each fieldvalue. - - When parsing fails for a fieldvalue, a 2-tuple of ('', '') is returned in - its place. - - If the resulting list of parsed address is not the same as the number of - fieldvalues in the input list a parsing error has occurred. A list - containing a single empty 2-tuple [('', '')] is returned in its place. - This is done to avoid invalid output. - """ - fieldvalues = [str(v) for v in fieldvalues] - fieldvalues = _pre_parse_validation(fieldvalues) - all = COMMASPACE.join(v for v in fieldvalues) + """Return a list of (REALNAME, EMAIL) for each fieldvalue.""" + all = COMMASPACE.join(str(v) for v in fieldvalues) a = _AddressList(all) - result = _post_parse_validation(a.addresslist) - - n = 0 - for v in fieldvalues: - n += v.count(',') + 1 - - if len(result) != n: - return [('', '')] - - return result + return a.addresslist def _format_timetuple_and_zone(timetuple, zone): @@ -254,18 +212,9 @@ def parseaddr(addr): Return a tuple of realname and email address, unless the parse fails, in which case return a 2-tuple of ('', ''). """ - if isinstance(addr, list): - addr = addr[0] - - if not isinstance(addr, str): - return ('', '') - - addr = _pre_parse_validation([addr])[0] - addrs = _post_parse_validation(_AddressList(addr).addresslist) - - if not addrs or len(addrs) > 1: - return ('', '') - + addrs = _AddressList(addr).addresslist + if not addrs: + return '', '' return addrs[0] Index: Python-3.10.12/Lib/test/test_email/test_email.py =================================================================== --- Python-3.10.12.orig/Lib/test/test_email/test_email.py +++ Python-3.10.12/Lib/test/test_email/test_email.py @@ -3288,90 +3288,32 @@ Foo [('Al Person', 'aper...@dom.ain'), ('Bud Person', 'bper...@dom.ain')]) - def test_getaddresses_parsing_errors(self): - """Test for parsing errors from CVE-2023-27043""" - eq = self.assertEqual - eq(utils.getaddresses(['al...@example.org(<b...@example.com>']), - [('', '')]) - eq(utils.getaddresses(['al...@example.org)<b...@example.com>']), - [('', '')]) - eq(utils.getaddresses(['al...@example.org<<b...@example.com>']), - [('', '')]) - eq(utils.getaddresses(['al...@example.org><b...@example.com>']), - [('', '')]) - eq(utils.getaddresses(['al...@example.org@<b...@example.com>']), - [('', '')]) - eq(utils.getaddresses(['al...@example.org,<b...@example.com>']), - [('', 'al...@example.org'), ('', 'b...@example.com')]) - eq(utils.getaddresses(['al...@example.org;<b...@example.com>']), - [('', '')]) - eq(utils.getaddresses(['al...@example.org:<b...@example.com>']), - [('', '')]) - eq(utils.getaddresses(['al...@example.org.<b...@example.com>']), - [('', '')]) - eq(utils.getaddresses(['al...@example.org"<b...@example.com>']), - [('', '')]) - eq(utils.getaddresses(['al...@example.org[<b...@example.com>']), - [('', '')]) - eq(utils.getaddresses(['al...@example.org]<b...@example.com>']), - [('', '')]) - - def test_parseaddr_parsing_errors(self): - """Test for parsing errors from CVE-2023-27043""" - eq = self.assertEqual - eq(utils.parseaddr(['al...@example.org(<b...@example.com>']), - ('', '')) - eq(utils.parseaddr(['al...@example.org)<b...@example.com>']), - ('', '')) - eq(utils.parseaddr(['al...@example.org<<b...@example.com>']), - ('', '')) - eq(utils.parseaddr(['al...@example.org><b...@example.com>']), - ('', '')) - eq(utils.parseaddr(['al...@example.org@<b...@example.com>']), - ('', '')) - eq(utils.parseaddr(['al...@example.org,<b...@example.com>']), - ('', '')) - eq(utils.parseaddr(['al...@example.org;<b...@example.com>']), - ('', '')) - eq(utils.parseaddr(['al...@example.org:<b...@example.com>']), - ('', '')) - eq(utils.parseaddr(['al...@example.org.<b...@example.com>']), - ('', '')) - eq(utils.parseaddr(['al...@example.org"<b...@example.com>']), - ('', '')) - eq(utils.parseaddr(['al...@example.org[<b...@example.com>']), - ('', '')) - eq(utils.parseaddr(['al...@example.org]<b...@example.com>']), - ('', '')) + def test_getaddresses_comma_in_name(self): + """GH-106669 regression test.""" + self.assertEqual( + utils.getaddresses( + [ + '"Bud, Person" <bper...@dom.ain>', + 'aper...@dom.ain (Al Person)', + '"Mariusz Felisiak" <t...@example.com>', + ] + ), + [ + ('Bud, Person', 'bper...@dom.ain'), + ('Al Person', 'aper...@dom.ain'), + ('Mariusz Felisiak', 't...@example.com'), + ], + ) def test_getaddresses_nasty(self): eq = self.assertEqual eq(utils.getaddresses(['foo: ;']), [('', '')]) - eq(utils.getaddresses(['[]*-- =~$']), [('', '')]) + eq(utils.getaddresses( + ['[]*-- =~$']), + [('', ''), ('', ''), ('', '*--')]) eq(utils.getaddresses( ['foo: ;', '"Jason R. Mastaler" <ja...@dom.ain>']), [('', ''), ('Jason R. Mastaler', 'ja...@dom.ain')]) - eq(utils.getaddresses( - [r'Pete(A nice \) chap) <pete(his account)@silly.test(his host)>']), - [('Pete (A nice ) chap his account his host)', 'p...@silly.test')]) - eq(utils.getaddresses( - ['(Empty list)(start)Undisclosed recipients :(nobody(I know))']), - [('', '')]) - eq(utils.getaddresses( - ['Mary <@machine.tld:m...@example.net>, , jdoe@test . example']), - [('Mary', 'm...@example.net'), ('', ''), ('', 'jdoe@test.example')]) - eq(utils.getaddresses( - ['John Doe <jdoe@machine(comment). example>']), - [('John Doe (comment)', 'jdoe@machine.example')]) - eq(utils.getaddresses( - ['"Mary Smith: Personal Account" <smith@home.example>']), - [('Mary Smith: Personal Account', 'smith@home.example')]) - eq(utils.getaddresses( - ['Undisclosed recipients:;']), - [('', '')]) - eq(utils.getaddresses( - [r'<b...@nil.test>, "Giant; \"Big\" Box" <b...@example.net>']), - [('', 'b...@nil.test'), ('Giant; "Big" Box', 'b...@example.net')]) def test_getaddresses_embedded_comment(self): """Test proper handling of a nested comment""" Index: Python-3.10.12/Misc/NEWS.d/next/Security/2023-06-13-20-52-24.gh-issue-102988.Kei7Vf.rst =================================================================== --- Python-3.10.12.orig/Misc/NEWS.d/next/Security/2023-06-13-20-52-24.gh-issue-102988.Kei7Vf.rst +++ Python-3.10.12/Misc/NEWS.d/next/Security/2023-06-13-20-52-24.gh-issue-102988.Kei7Vf.rst @@ -1,3 +1,8 @@ +Reverted the :mod:`email.utils` security improvement change released in +3.12beta4 that unintentionally caused :mod:`email.utils.getaddresses` to fail +to parse email addresses with a comma in the quoted name field. +See :gh:`106669`. + CVE-2023-27043: Prevent :func:`email.utils.parseaddr` and :func:`email.utils.getaddresses` from returning the realname portion of an invalid RFC2822 email header in the email address portion of the 2-tuple ++++++ fix_configure_rst.patch ++++++ --- /var/tmp/diff_new_pack.5JFBm2/_old 2023-08-06 16:29:15.899583657 +0200 +++ /var/tmp/diff_new_pack.5JFBm2/_new 2023-08-06 16:29:15.903583683 +0200 @@ -3,8 +3,10 @@ Misc/NEWS | 2 +- 2 files changed, 1 insertion(+), 4 deletions(-) ---- a/Doc/using/configure.rst -+++ b/Doc/using/configure.rst +Index: Python-3.10.12/Doc/using/configure.rst +=================================================================== +--- Python-3.10.12.orig/Doc/using/configure.rst ++++ Python-3.10.12/Doc/using/configure.rst @@ -42,7 +42,6 @@ General Options See :data:`sys.int_info.bits_per_digit <sys.int_info>`. @@ -13,7 +15,7 @@ .. cmdoption:: --with-cxx-main=COMPILER Compile the Python ``main()`` function and link Python executable with C++ -@@ -457,13 +456,11 @@ macOS Options +@@ -473,13 +472,11 @@ macOS Options See ``Mac/README.rst``. @@ -27,9 +29,11 @@ .. cmdoption:: --enable-framework=INSTALLDIR Create a Python.framework rather than a traditional Unix install. Optional ---- a/Misc/NEWS -+++ b/Misc/NEWS -@@ -3422,7 +3422,7 @@ C API +Index: Python-3.10.12/Misc/NEWS +=================================================================== +--- Python-3.10.12.orig/Misc/NEWS ++++ Python-3.10.12/Misc/NEWS +@@ -3618,7 +3618,7 @@ C API ----- - bpo-43795: The list in :ref:`stable-abi-list` now shows the public name ++++++ gh-78214-marshal_stabilize_FLAG_REF.patch ++++++ --- /var/tmp/diff_new_pack.5JFBm2/_old 2023-08-06 16:29:15.915583760 +0200 +++ /var/tmp/diff_new_pack.5JFBm2/_new 2023-08-06 16:29:15.919583785 +0200 @@ -7,8 +7,10 @@ Python/marshal.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) ---- a/Python/marshal.c -+++ b/Python/marshal.c +Index: Python-3.10.12/Python/marshal.c +=================================================================== +--- Python-3.10.12.orig/Python/marshal.c ++++ Python-3.10.12/Python/marshal.c @@ -298,9 +298,14 @@ w_ref(PyObject *v, char *flag, WFILE *p) if (p->version < 3 || p->hashtable == NULL) return 0; /* not writing object references */ ++++++ subprocess-raise-timeout.patch ++++++ --- /var/tmp/diff_new_pack.5JFBm2/_old 2023-08-06 16:29:16.011584374 +0200 +++ /var/tmp/diff_new_pack.5JFBm2/_new 2023-08-06 16:29:16.015584400 +0200 @@ -2,9 +2,11 @@ Lib/test/test_subprocess.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) ---- a/Lib/test/test_subprocess.py -+++ b/Lib/test/test_subprocess.py -@@ -267,7 +267,8 @@ class ProcessTestCase(BaseTestCase): +Index: Python-3.10.12/Lib/test/test_subprocess.py +=================================================================== +--- Python-3.10.12.orig/Lib/test/test_subprocess.py ++++ Python-3.10.12/Lib/test/test_subprocess.py +@@ -268,7 +268,8 @@ class ProcessTestCase(BaseTestCase): "time.sleep(3600)"], # Some heavily loaded buildbots (sparc Debian 3.x) require # this much time to start and print.