commit python3 for openSUSE:Leap:15.2:Update
Hello community, here is the log from the commit of package python3 for openSUSE:Leap:15.2:Update checked in at 2020-08-26 20:22:30 Comparing /work/SRC/openSUSE:Leap:15.2:Update/python3 (Old) and /work/SRC/openSUSE:Leap:15.2:Update/.python3.new.3399 (New) Package is "python3" Wed Aug 26 20:22:30 2020 rev:2 rq:828805 version:unknown Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.F1itYK/_old 2020-08-26 20:22:41.121804179 +0200 +++ /var/tmp/diff_new_pack.F1itYK/_new 2020-08-26 20:22:41.121804179 +0200 @@ -1 +1 @@ - +
commit python3 for openSUSE:Leap:15.2
Hello community, here is the log from the commit of package python3 for openSUSE:Leap:15.2 checked in at 2020-05-21 12:58:52 Comparing /work/SRC/openSUSE:Leap:15.2/python3 (Old) and /work/SRC/openSUSE:Leap:15.2/.python3.new.2738 (New) Package is "python3" Thu May 21 12:58:52 2020 rev:58 rq:807795 version:3.6.10 Changes: --- /work/SRC/openSUSE:Leap:15.2/python3/python3-base.changes 2020-03-20 05:14:56.754549644 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.python3.new.2738/python3-base.changes 2020-05-21 12:58:52.894735232 +0200 @@ -1,0 +2,6 @@ +Tue Mar 10 09:56:57 UTC 2020 - Matej Cepl + +- Change name of idle3 icons to idle3.png + to avoid collision with Python 2 version (bsc#1165894). + +--- @@ -113 +119 @@ - CVE-2019-16056] + bnc#1149955, CVE-2019-16056] python3-doc.changes: same change python3.changes: same change Other differences: -- python3-doc.spec: same change python3.spec: same change
commit python3 for openSUSE:Leap:15.2
Hello community,
here is the log from the commit of package python3 for openSUSE:Leap:15.2
checked in at 2020-03-20 05:14:55
Comparing /work/SRC/openSUSE:Leap:15.2/python3 (Old)
and /work/SRC/openSUSE:Leap:15.2/.python3.new.3160 (New)
Package is "python3"
Fri Mar 20 05:14:55 2020 rev:57 rq:786344 version:3.6.10
Changes:
--- /work/SRC/openSUSE:Leap:15.2/python3/python3-base.changes 2020-03-09
17:59:28.416642020 +0100
+++ /work/SRC/openSUSE:Leap:15.2/.python3.new.3160/python3-base.changes
2020-03-20 05:14:56.754549644 +0100
@@ -18,0 +19,8 @@
+Mon Feb 3 19:54:25 UTC 2020 - Tomáš Chvátal
+
+- Reame idle icons to idle3 in order to not conflict with python2
+ variant of the package bsc#1165894
+ * renamed the icons
+ * renamed icon load in desktop file
+
+---
python3-doc.changes: same change
python3.changes: same change
Other differences:
--
python3-doc.spec: same change
++ python3.spec ++
--- /var/tmp/diff_new_pack.gtgSFZ/_old 2020-03-20 05:14:57.814550355 +0100
+++ /var/tmp/diff_new_pack.gtgSFZ/_new 2020-03-20 05:14:57.818550358 +0100
@@ -379,7 +379,7 @@
# install idle icons
for size in 16 32 48 ; do
install -m 644 -D Lib/idlelib/Icons/idle_${size}.png \
-%{buildroot}%{_datadir}/icons/hicolor/${size}x${size}/apps/idle.png
+%{buildroot}%{_datadir}/icons/hicolor/${size}x${size}/apps/idle3.png
done
# install idle desktop file
@@ -431,7 +431,7 @@
%{_bindir}/idle3
%{_datadir}/applications/idle3.desktop
%{_datadir}/metainfo/idle3.appdata.xml
-%{_datadir}/icons/hicolor/*/apps/idle.png
+%{_datadir}/icons/hicolor/*/apps/idle3.png
%dir %{_datadir}/icons/hicolor
%dir %{_datadir}/icons/hicolor/16x16
%dir %{_datadir}/icons/hicolor/32x32
++ idle3.desktop ++
--- /var/tmp/diff_new_pack.gtgSFZ/_old 2020-03-20 05:14:57.894550409 +0100
+++ /var/tmp/diff_new_pack.gtgSFZ/_new 2020-03-20 05:14:57.894550409 +0100
@@ -7,6 +7,6 @@
TryExec=idle3
Terminal=false
Type=Application
-Icon=idle
+Icon=idle3
Categories=Development;IDE;
MimeType=text/x-python;
commit python3 for openSUSE:Leap:15.2:SLE-workarounds
Hello community,
here is the log from the commit of package python3 for
openSUSE:Leap:15.2:SLE-workarounds checked in at 2020-03-19 09:30:54
Comparing /work/SRC/openSUSE:Leap:15.2:SLE-workarounds/python3 (Old)
and /work/SRC/openSUSE:Leap:15.2:SLE-workarounds/.python3.new.3160 (New)
Package is "python3"
Thu Mar 19 09:30:54 2020 rev:3 rq: version:3.6.10
Changes:
--- /work/SRC/openSUSE:Leap:15.2:SLE-workarounds/python3/python3-base.changes
2020-01-16 12:04:35.084701449 +0100
+++
/work/SRC/openSUSE:Leap:15.2:SLE-workarounds/.python3.new.3160/python3-base.changes
2020-03-19 09:30:56.259557027 +0100
@@ -2 +2 @@
-Mon Dec 2 11:48:00 CET 2019 - Matej Cepl
+Sat Feb 8 23:29:28 CET 2020 - Matej Cepl
@@ -4,3 +4,87 @@
-- Stop building qthelp documentation. Recent qhelpgenerator-qt5
- is not compatible with the generated source files.
- Fixes bsc#1158158
+- Add CVE-2019-9674-zip-bomb.patch to improve documentation
+ warning about dangers of zip-bombs and other security problems
+ with zipfile library. (bsc#1162825 CVE-2019-9674)
+- Add CVE-2020-8492-urllib-ReDoS.patch fixing the security bug
+ "Python urrlib allowed an HTTP server to conduct Regular
+ Expression Denial of Service (ReDoS)" (bsc#1162367)
+
+---
+Sat Feb 8 22:21:10 CET 2020 - Matej Cepl
+
+- Add Requires: libpython%{so_version} == %{version}-%{release}
+ to python3-base to keep both packages always synchronized
+ (bsc#1162224).
+
+---
+Mon Feb 3 19:54:25 UTC 2020 - Tomáš Chvátal
+
+- Reame idle icons to idle3 in order to not conflict with python2
+ variant of the package bsc#1165894
+ * renamed the icons
+ * renamed icon load in desktop file
+
+---
+Tue Jan 28 17:54:50 CET 2020 - Matej Cepl
+
+- Add pep538_coerce_legacy_c_locale.patch to coerce locale to
+ C.UTF-8 always (bsc#1162423).
+
+---
+Thu Dec 19 16:42:56 CET 2019 - Matej Cepl
+
+- Update to 3.6.10 (still in line with jsc#SLE-9426,
+ jsc#SLE-9427, bsc#1159035):
+ - Security:
+- bpo-38945: Newline characters have been escaped when
+ performing uu encoding to prevent them from overflowing
+ into to content section of the encoded file. This prevents
+ malicious or accidental modification of data during the
+ decoding process.
+- bpo-37228: Due to significant security concerns, the
+ reuse_address parameter of
+ asyncio.loop.create_datagram_endpoint() is no longer
+ supported. This is because of the behavior of SO_REUSEADDR
+ in UDP. For more details, see the documentation for
+ loop.create_datagram_endpoint(). (Contributed by Kyle
+ Stanley, Antoine Pitrou, and Yury Selivanov in bpo-37228.)
+- bpo-38804: Fixes a ReDoS vulnerability in http.cookiejar.
+ Patch by Ben Caller.
+- bpo-38243: Escape the server title of
+ xmlrpc.server.DocXMLRPCServer when rendering the document
+ page as HTML. (Contributed by Dong-hee Na in bpo-38243.)
+- bpo-38174: Update vendorized expat library version to
+ 2.2.8, which resolves CVE-2019-15903.
+- bpo-37461: Fix an infinite loop when parsing specially
+ crafted email headers. Patch by Abhilash Raj.
+- bpo-34155: Fix parsing of invalid email addresses with more
+ than one @ (e.g. a@b...@c.com.) to not return the part before
+ 2nd @ as valid email address. Patch by maxking & jpic.
+ - Library:
+- bpo-38216: Allow the rare code that wants to send invalid
+ http requests from the http.client library a way to do so.
+ The fixes for bpo-30458 led to breakage for some projects
+ that were relying on this ability to test their own
+ behavior in the face of bad requests.
+- bpo-36564: Fix infinite loop in email header folding logic
+ that would be triggered when an email policy’s
+ max_line_length is not long enough to include the required
+ markup and any values in the message. Patch by Paul Ganssle
+- Remove patches included in the upstream tarball:
+ - CVE-2019-16935-xmlrpc-doc-server_title.patch
+ - CVE-2019-16056-email-parse-addr.patch
+- Move idle subpackage build from python3-base to python3 (bsc#1159622).
+ appstream-glib required for packaging introduces considerable
+ extra dependencies and a build loop via rust/librsvg.
+- Correct installation of idle IDE icons:
+ + idle.png is not the target directory
+ + non-GNOME-specific icons belong into icons/hicolor
+- Add required Name key to idle3 desktop file
+
+---
+Thu Dec 12 14:17:45 CET 2019 - Matej Cepl
+
+- Unify all Python 3.6* SLE packages into one
commit python3 for openSUSE:Leap:15.2
Hello community,
here is the log from the commit of package python3 for openSUSE:Leap:15.2
checked in at 2020-03-09 17:59:26
Comparing /work/SRC/openSUSE:Leap:15.2/python3 (Old)
and /work/SRC/openSUSE:Leap:15.2/.python3.new.26092 (New)
Package is "python3"
Mon Mar 9 17:59:26 2020 rev:56 rq:781318 version:3.6.10
Changes:
--- /work/SRC/openSUSE:Leap:15.2/python3/python3-base.changes 2020-01-15
15:54:49.835645612 +0100
+++ /work/SRC/openSUSE:Leap:15.2/.python3.new.26092/python3-base.changes
2020-03-09 17:59:28.416642020 +0100
@@ -2 +2 @@
-Mon Dec 2 11:48:00 CET 2019 - Matej Cepl
+Sat Feb 8 23:29:28 CET 2020 - Matej Cepl
@@ -4,3 +4,79 @@
-- Stop building qthelp documentation. Recent qhelpgenerator-qt5
- is not compatible with the generated source files.
- Fixes bsc#1158158
+- Add CVE-2019-9674-zip-bomb.patch to improve documentation
+ warning about dangers of zip-bombs and other security problems
+ with zipfile library. (bsc#1162825 CVE-2019-9674)
+- Add CVE-2020-8492-urllib-ReDoS.patch fixing the security bug
+ "Python urrlib allowed an HTTP server to conduct Regular
+ Expression Denial of Service (ReDoS)" (bsc#1162367)
+
+---
+Sat Feb 8 22:21:10 CET 2020 - Matej Cepl
+
+- Add Requires: libpython%{so_version} == %{version}-%{release}
+ to python3-base to keep both packages always synchronized
+ (bsc#1162224).
+
+---
+Tue Jan 28 17:54:50 CET 2020 - Matej Cepl
+
+- Add pep538_coerce_legacy_c_locale.patch to coerce locale to
+ C.UTF-8 always (bsc#1162423).
+
+---
+Thu Dec 19 16:42:56 CET 2019 - Matej Cepl
+
+- Update to 3.6.10 (still in line with jsc#SLE-9426,
+ jsc#SLE-9427, bsc#1159035):
+ - Security:
+- bpo-38945: Newline characters have been escaped when
+ performing uu encoding to prevent them from overflowing
+ into to content section of the encoded file. This prevents
+ malicious or accidental modification of data during the
+ decoding process.
+- bpo-37228: Due to significant security concerns, the
+ reuse_address parameter of
+ asyncio.loop.create_datagram_endpoint() is no longer
+ supported. This is because of the behavior of SO_REUSEADDR
+ in UDP. For more details, see the documentation for
+ loop.create_datagram_endpoint(). (Contributed by Kyle
+ Stanley, Antoine Pitrou, and Yury Selivanov in bpo-37228.)
+- bpo-38804: Fixes a ReDoS vulnerability in http.cookiejar.
+ Patch by Ben Caller.
+- bpo-38243: Escape the server title of
+ xmlrpc.server.DocXMLRPCServer when rendering the document
+ page as HTML. (Contributed by Dong-hee Na in bpo-38243.)
+- bpo-38174: Update vendorized expat library version to
+ 2.2.8, which resolves CVE-2019-15903.
+- bpo-37461: Fix an infinite loop when parsing specially
+ crafted email headers. Patch by Abhilash Raj.
+- bpo-34155: Fix parsing of invalid email addresses with more
+ than one @ (e.g. a@b...@c.com.) to not return the part before
+ 2nd @ as valid email address. Patch by maxking & jpic.
+ - Library:
+- bpo-38216: Allow the rare code that wants to send invalid
+ http requests from the http.client library a way to do so.
+ The fixes for bpo-30458 led to breakage for some projects
+ that were relying on this ability to test their own
+ behavior in the face of bad requests.
+- bpo-36564: Fix infinite loop in email header folding logic
+ that would be triggered when an email policy’s
+ max_line_length is not long enough to include the required
+ markup and any values in the message. Patch by Paul Ganssle
+- Remove patches included in the upstream tarball:
+ - CVE-2019-16935-xmlrpc-doc-server_title.patch
+ - CVE-2019-16056-email-parse-addr.patch
+- Move idle subpackage build from python3-base to python3 (bsc#1159622).
+ appstream-glib required for packaging introduces considerable
+ extra dependencies and a build loop via rust/librsvg.
+- Correct installation of idle IDE icons:
+ + idle.png is not the target directory
+ + non-GNOME-specific icons belong into icons/hicolor
+- Add required Name key to idle3 desktop file
+
+---
+Thu Dec 12 14:17:45 CET 2019 - Matej Cepl
+
+- Unify all Python 3.6* SLE packages into one (jsc#SLE-9426,
+ jsc#SLE-9427, bsc#1159035)
+ - Patches which were already included upstream:
+- CVE-2018-1061-DOS-via-regexp-difflib.patch
+- CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch
@@ -50,0 +127,14 @@
+Wed Jul 24 17:19:58 CEST 2019 - Matej Cepl
+
+- FAKE RECORD FROM SLE-12 CHANNEL Apply
+
