|
|
|
|
Changelog for libpython2_7-1_0-32bit-2.7.15-8.6.x86_64.rpm :
Wed Dec 19 13:00:00 2018 Todd R - Use upstream-recommended %{_rpmconfigdir}/macros.d directory for the rpm macros.
Fri Oct 26 14:00:00 2018 Tomáš Chvátal - Add patch openssl-111.patch to work with openssl-1.1.1
Tue Sep 25 14:00:00 2018 Matěj Cepl - Apply \"CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch\" which converts shutil._call_external_zip to use subprocess rather than distutils.spawn. [bsc#1109663, CVE-2018-1000802]
Mon May 21 14:00:00 2018 michaelAATTstroeder.com - update to 2.7.15 * dozens of bugfixes, see NEWS for details - removed obsolete patches: * python-ncurses-6.0-accessors.patch * python-fix-shebang.patch * gcc8-miscompilation-fix.patch - add patch from upstream: * do-not-use-non-ascii-in-test_ssl.patch
Fri Apr 6 14:00:00 2018 mliskaAATTsuse.cz - Add gcc8-miscompilation-fix.patch (boo#1084650).
Tue Feb 20 13:00:00 2018 bwiedemannAATTsuse.com - Add python-sorted_tar.patch (boo#1081750)
Mon Feb 5 13:00:00 2018 normandAATTlinux.vnet.ibm.com - exclude test_socket & test_subprocess for PowerPC boo#1078485 (same ref as previous change)
Fri Feb 2 13:00:00 2018 normandAATTlinux.vnet.ibm.com - Add python-skip_random_failing_tests.patch bypass boo#1078485 and exclude many tests for PowerPC
Tue Jan 30 13:00:00 2018 tchvatalAATTsuse.com - Add patch python-fix-shebang.patch to fix bsc#1078326
Fri Dec 22 13:00:00 2017 jmatejekAATTsuse.com - exclude test_regrtest for s390, where it does not segfault as it should (fixes bsc#1073269) - fix segfault while creating weakref - bsc#1073748, bpo#29347 (this is actually fixed by the 2.7.14 update; mentioning this for purposes of bugfix tracking)
Mon Nov 20 13:00:00 2017 jmatejekAATTsuse.com - update to 2.7.14 * dozens of bugfixes, see NEWS for details * fixed possible integer overflow in PyString_DecodeEscape (CVE-2017-1000158, bsc#1068664) * fixed segfaults with dict mutated during search * fixed possible free-after-use problems with buffer objects with custom indexing * fixed urllib.splithost to correctly parse fragments (bpo-30500) - drop upstreamed python-2.7.13-overflow_check.patch - drop unneeded python-2.7.12-makeopcode.patch - drop upstreamed 0001-2.7-bpo-30714-ALPN-changes-for-OpenSSL-1.1.0f-3094.patch
Thu Nov 2 13:00:00 2017 mpluskalAATTsuse.com - Call python2 instead of python in macros
Thu Aug 17 14:00:00 2017 kukukAATTsuse.de - Add libnsl-devel build requires for glibc obsoleting libnsl
Mon May 15 14:00:00 2017 jmatejekAATTsuse.com - obsolete/provide python-argparse and provide python2-argparse, because the argparse module is available from python 2.7 up
Fri Feb 24 13:00:00 2017 bwiedemannAATTsuse.com - Add reproducible.patch to allow reproducible builds of various python packages like python-amqp Upstream: https://github.com/python/cpython/pull/296
Tue Jan 3 13:00:00 2017 jmatejekAATTsuse.com - update to 2.7.13 * dozens of bugfixes, see NEWS for details * updated cipher lists for openssl wrapper, support openssl >= 1.1.0 * properly fix HTTPoxy (CVE-2016-1000110) * profile-opt build now applies PGO to modules as well - update python-2.7.10-overflow_check.patch with python-2.7.13-overflow_check.patch, incorporating upstream changes - add \"-fwrapv\" to optflags explicitly because upstream code still relies on it in many places
Fri Dec 2 13:00:00 2016 jmatejekAATTsuse.com - provide python2- * symbols, for support of new packages built as python2-foo - rename macros.python to macros.python2 accordingly - require python-rpm-macros package, drop macro definitions from macros.python2
Thu Jun 30 14:00:00 2016 jmatejekAATTsuse.com - update to 2.7.12 * dozens of bugfixes, see NEWS for details * fixes multiple security issues: CVE-2016-0772 TLS stripping attack on smtplib (bsc#984751) CVE-2016-5636 zipimporter heap overflow (bsc#985177) CVE-2016-5699 httplib header injection (bsc#985348) (this one is actually fixed since 2.7.10) - removed upstreamed python-2.7.7-mhlib-linkcount.patch - refreshed multilib patch - python-2.7.12-makeopcode.patch - run newly-built python interpreter to make opcodes, in order not to require pre-built python - update LD_LIBRARY_PATH to use $PWD instead of \".\" because the test process escapes to its own directory - modify shebang-fixing scriptlet to ignore makeopcodetargets.py
Fri Jan 29 13:00:00 2016 rguentherAATTsuse.com - Add python-2.7.10-overflow_check.patch to fix broken overflow checks. [bnc#964182]
Mon Sep 14 14:00:00 2015 jmatejekAATTsuse.com - copy strict-tls-checks subpackage from SLE to retain future compatibility (not built in openSUSE) - do this properly to fix bnc#945401
Wed Sep 9 14:00:00 2015 dimstarAATTopensuse.org - Add python-ncurses-6.0-accessors.patch: Fix build with NCurses 6.0 and OPAQUE_WINDOW set to 1.
Wed Jun 10 14:00:00 2015 dmuellerAATTsuse.com - add __python2 compatibility macro (used by Fedora)
Sun May 24 14:00:00 2015 michaelAATTstroeder.com - update to 2.7.10 - removed obsolete python-2.7-urllib2-localnet-ssl.patch
Tue May 19 14:00:00 2015 schwabAATTsuse.de - Reenable test_posix on aarch64
Sun Dec 21 13:00:00 2014 schwabAATTsuse.de - python-2.7.4-aarch64.patch: Remove obsolete patch - python-2.7-libffi-aarch64.patch: Fix argument passing in libffi for aarch64
Fri Dec 12 13:00:00 2014 jmatejekAATTsuse.com - update to 2.7.9 * contains full backport of ssl module from Python 3.4 (PEP466) * HTTPS certificate validation enabled by default (PEP476) * SSLv3 disabled by default (bnc#901715) * backported ensurepip module (PEP477) * fixes several missing CVEs from last release: CVE-2013-1752, CVE-2013-1753 * dozens of minor bugfixes - dropped upstreamed patches: python-2.7.6-poplib.patch, smtplib_maxline-2.7.patch, xmlrpc_gzip_27.patch - dropped patch python-2.7.3-ssl_ca_path.patch because we don\'t need it with ssl module from Python 3 - libffi was upgraded upstream, seems to contain our changes, so dropping libffi-ppc64le.diff as well - python-2.7-urllib2-localnet-ssl.patch - properly remove unconditional \"import ssl\" from test_urllib2_localnet that caused it to fail without ssl
Wed Oct 22 14:00:00 2014 dmuellerAATTsuse.com - skip test_thread in qemu_linux_user mode
Tue Sep 30 14:00:00 2014 jmatejekAATTsuse.com - update to 2.7.8 * bugfix-only release, dozens of bugs fixed * fixes CVE-2014-4650 directory traversal in CGIHTTPServer * fixes CVE-2014-7185 (bnc#898572) potential buffer overflow in buffer() - dropped upstreamed CVE-2014-4650-CGIHTTPserver-traversal.patch
Wed Jul 23 14:00:00 2014 jmatejekAATTsuse.com - CVE-2014-4650-CGIHTTPServer-traversal.patch: CGIHTTPServer file disclosure and directory traversal through URL-encoded characters (CVE-2014-4650, bnc#885882) - python-2.7.7-mhlib-linkcount.patch: remove link count optimizations that are incorrect on btrfs (and possibly other filesystems)
Fri Jun 20 14:00:00 2014 jmatejekAATTsuse.com - update to 2.7.7 * bugfix-only release, over a hundred bugs fixed * backported hmac.compare_digest from python3, first step of PEP 466 - drop upstreamed patches: * CVE-2014-1912-recvfrom_into.patch * python-2.7.4-no-REUSEPORT.patch * python-2.7.6-bdist-rpm.patch * python-2.7.6-imaplib.patch * python-2.7.6-sqlite-3.8.4-tests.patch - refresh patches: * python-2.7.3-ssl_ca_path.patch * python-2.7.4-canonicalize2.patch * xmlrpc_gzip_27.patch - added python keyring and signature for the main tarball
Sat Mar 15 13:00:00 2014 schwabAATTsuse.de - Use profile-opt only when profiling is enabled - python-2.7.2-disable-tests-in-test_io.patch: removed, no longer needed - update testsuite exclusion list: * test_signal and test_posix fail due to qemu bugs
Fri Mar 14 13:00:00 2014 andreas.stiegerAATTgmx.de - Fix build with SQLite 3.8.4 [bnc#867887], fixing SQLite tests, adding python-2.7.6-sqlite-3.8.4-tests.patch
Mon Feb 10 13:00:00 2014 jmatejekAATTsuse.com - added patches for CVE-2013-1752 (bnc#856836) issues that are missing in 2.7.6: python-2.7.6-imaplib.patch python-2.7.6-poplib.patch smtplib_maxline-2.7.patch - CVE-2013-1753 (bnc#856835) gzip decompression bomb in xmlrpc client: xmlrpc_gzip_27.patch - python-2.7.6-bdist-rpm.patch: fix broken \"setup.py bdist_rpm\" command (bnc#857470, issue18045) - multilib patch: add \"~/.local/lib64\" paths to search path (bnc#637176) - CVE-2014-1912-recvfrom_into.patch: fix potential buffer overflow in socket.recvfrom_into (CVE-2014-1912, bnc#863741)
Tue Dec 10 13:00:00 2013 uweigandAATTde.ibm.com - Add Obsoletes/Provides for python-ctypes.
Sat Dec 7 13:00:00 2013 matzAATTsuse.de - Ignore uuid testcase in the testsuite, it relies on unreliable ifconfig output.
Tue Dec 3 13:00:00 2013 mlsAATTsuse.de - adapt python-2.7.5-multilib.patch for ppc64le
Tue Dec 3 13:00:00 2013 dvaleevAATTsuse.com - adjust %files for ppc64le
Tue Dec 3 13:00:00 2013 matzAATTsuse.de - Support for ppc64le in _ctypes libffi copy. - added patches: * libffi-ppc64le.diff
Tue Dec 3 13:00:00 2013 adrianAATTsuse.de - add ppc64le rules - avoid errors from source-validator
Thu Nov 21 13:00:00 2013 jmatejekAATTsuse.com - update to 2.7.6 * bugfix-only release * SSL-related fixes * upstream fix for CVE-2013-4238 * upstream fixes for CVE-2013-1752 - removed upstreamed patch CVE-2013-4238_py27.patch - reintroduce audioop.so as the problems with it seem to be fixed (bnc#831442)
Thu Oct 10 14:00:00 2013 dmuellerAATTsuse.com - exclude test_mmap under qemu_linux_user - emulation fails here as the tests mmap address conflicts with qemu
Tue Jul 9 14:00:00 2013 jengelhAATTinai.de - Add python-bsddb6.diff to support building against libdb-6.0
Sat Jul 6 14:00:00 2013 cooloAATTsuse.com - have python-devel require python: http://lists.opensuse.org/opensuse-factory/2013-06/msg00622.html
Sun Jun 30 14:00:00 2013 schwabAATTsuse.de - Disable test_multiprocessing in QEmu build
Wed Jun 5 14:00:00 2013 schwabAATTsuse.de - Disable test_asyncore in QEmu build - Reenable testsuite on arm
Thu May 30 14:00:00 2013 jmatejekAATTsuse.com - python-2.7.4-aarch64.patch: add missing bits of aarch64 support - python-2.7.4-no-REUSEPORT.patch: disable test of missing kernel functionality - drop unnecessary patch: python-2.7.1-distutils_test_path.patch - switch to xz archive
Tue May 28 14:00:00 2013 speilickeAATTsuse.com - Update to version 2.7.5: + bugfix-only release + fixes several important regressions introduced in 2.7.4 + Issue #15535: Fixed regression in the pickling of named tuples by removing the __dict__ property introduced in 2.7.4. + Issue #17857: Prevent build failures with pre-3.5.0 versions of sqlite3, such as was shipped with Centos 5 and Mac OS X 10.4. + Issue #17703: Fix a regression where an illegal use of Py_DECREF() after interpreter finalization can cause a crash. + Issue #16447: Fixed potential segmentation fault when setting __name__ on a class. + Issue #17610: Don\'t rely on non-standard behavior of the C qsort() function. 12 See http://hg.python.org/cpython/file/ab05e7dd2788/Misc/NEWS for more - Drop upstreamed patches: + python-2.7.3-fix-dbm-64bit-bigendian.patch + python-test_structmembers.patch - Rebased other patches
Mon May 13 14:00:00 2013 dmuellerAATTsuse.com - add aarch64 to the list of 64-bit platforms
Thu May 9 14:00:00 2013 jmatejekAATTsuse.com - update to 2.7.4 * bugfix-only release - drop upstreamed patches: pypirc-secure.diff python-2.7.3-multiprocessing-join.patch ctypes-libffi-aarch64.patch - drop python-2.7rc2-configure.patch as it doesn\'t seem necessary anymore
Fri Apr 5 14:00:00 2013 idonmezAATTsuse.com - Add Source URL, see https://en.opensuse.org/SourceUrls
Wed Feb 27 13:00:00 2013 schwabAATTsuse.de - Add aarch64 to the list of lib64 platforms
Sat Feb 9 13:00:00 2013 schwabAATTsuse.de - Add ctypes-libffi-aarch64.patch: import aarch64 support for libffi in _ctypes module
Fri Feb 8 13:00:00 2013 jmatejekAATTsuse.com - multiprocessing: thread joining itself (bnc#747794) - gettext: fix cases where no bundle is found (bnc#794139)
Thu Oct 25 14:00:00 2012 cooloAATTsuse.com - add explicit buildrequire on libbz2-devel
Mon Oct 15 14:00:00 2012 cooloAATTsuse.com - buildrequire explicitly netcfg for the test suite
Mon Oct 8 14:00:00 2012 jmatejekAATTsuse.com - remove distutils.cfg (bnc#658604) * this changes default prefix for distutils to /usr * see ML for details: http://lists.opensuse.org/opensuse-packaging/2012-09/msg00254.html
Fri Aug 3 14:00:00 2012 dimstarAATTopensuse.org - Add python-bundle-lang.patch: gettext: If bindtextdomain is instructed to look in the default location of translations, we check additionally in locale-bundle. Fixes issues like bnc#617751
Tue Jul 31 14:00:00 2012 jmatejekAATTsuse.com - all subpackages require python-base=%{version}-%{release} explicitly (fixes bnc#766778 bug and similar that might arise in the future)
Tue Jun 26 14:00:00 2012 dvaleevAATTsuse.com - Fix failing test_dbm on ppc64
Thu May 17 14:00:00 2012 jfunkAATTfunktronics.ca - Support directory-based certificate stores with the ca_certs parameter of SSL functions [bnc#761501]
Sat Apr 14 14:00:00 2012 dmuellerAATTsuse.com - update to 2.7.3: * no change - remove static libpython.a from build to avoid packages linking it statically
Wed Mar 28 14:00:00 2012 jmatejekAATTsuse.com - update to 2.7.3rc2 * fixes several security issues: * CVE-2012-0845, bnc#747125 * CVE-2012-1150, bnc#751718 * CVE-2011-4944, bnc#754447 * CVE-2011-3389 - fix for insecure .pypirc (CVE-2011-4944, bnc#754447) !!important!! - disabled test_unicode which segfaults on 64bits. this should not happen, revisit in next RC! !!important!!
Thu Feb 16 13:00:00 2012 dvaleevAATTsuse.com - skip broken test_io test on ppc
Mon Dec 12 13:00:00 2011 toddrme2178AATTgmail.com - Exclude /usr/bin/2to3 to prevent conflicts with python3-2to3
Thu Dec 8 13:00:00 2011 jmatejekAATTsuse.com - %python_version now correctly refers to %tarversion
Mon Nov 28 13:00:00 2011 saschpeAATTsuse.de - Spec file cleanup: * Run spec-cleaner * Remove outdated %clean section, AutoReqProv and authors from descr. - Fix license to Python-2.0 (also SPDX style)
Fri Sep 30 14:00:00 2011 adrianAATTsuse.de - fix build for arm by removing an old hack for arm, bz2.so is built now
Fri Aug 19 14:00:00 2011 dmuellerAATTsuse.de - update to 2.7.2: * Bug fix only release, see http://hg.python.org/cpython/raw-file/eb3c9b74884c/Misc/NEWS for details - introduce a pre_checkin.sh file that synchronizes patches between python and python-base - rediff patches for 2.7.2 - replace kernel3 patch with the upstream solution
Fri Jul 22 14:00:00 2011 idonmezAATTnovell.com - Copy Lib/plat-linux2 to Lix/plat-linux3 so that DLFCN module is also available for linux3 systems bnc#707667
Sun Jul 10 14:00:00 2011 roAATTsuse.de - fix build on factory: setup reports linux3 not linux2 now, adapt checks
Tue May 31 14:00:00 2011 jmatejekAATTnovell.com - added explicit requires to libpython-%version-%release to prevent bugs like bnc#697251 reappearing
Tue May 24 14:00:00 2011 jmatejekAATTnovell.com - update to 2.7.1 * bugfix-only release, see NEWS for details - refreshed patches, dropped the upstreamed ones - dropped acrequire patch, replacing it with build-time sed - improved fix to bnc#673071 by defining the constants only for files that require it (as is done in python3)
Mon May 2 14:00:00 2011 jmatejekAATTnovell.com - fixed a security flaw where malicious sites could redirect Python application from http to a local file (CVE-2011-1521, bnc#682554) - fixed race condition in Makefile which randomly failed parallel builds ( http://bugs.python.org/issue10013 )
Thu Feb 17 13:00:00 2011 pthAATTsuse.de - Prefix DATE and TIME with PY_BUILD_ and COMPILER with PYTHON_ as to not break external code (bnc#673071).
Mon Jan 17 13:00:00 2011 cooloAATTnovell.com - provide pyxml to avoid touching tons of packages
Thu Nov 18 13:00:00 2010 cooloAATTnovell.com - add patch from http://psf.upfronthosting.co.za/roundup/tracker/issue9960 to fix build on ppc64
Fri Oct 1 14:00:00 2010 jmatejekAATTnovell.com - moved unittest to python-base (it is a testing framework, not a testsuite, so it clearly belongs into stdlib) - fixed smtpd.py DoS (bnc#638233, CVE probably not assigned)
Tue Sep 21 14:00:00 2010 cooloAATTnovell.com - fix baselibs.conf
Thu Aug 26 14:00:00 2010 suse-tuxAATTgmx.de - fix for urllib2 (http://bugs.python.org/issue9639)
Thu Aug 26 14:00:00 2010 jmatejekAATTnovell.com - fixed distutils test - dropped autoconf version requirement (it builds just fine with other versions)
Thu Aug 26 14:00:00 2010 jmatejekAATTnovell.com - update to version 2.7 * improved handling of numeric types * deprecation warnings are now silent by default * new argparse module for command line arguments * many new features, see http://docs.python.org/dev/whatsnew/2.7.html for complete list * * * 2.7 is supposed to be the last version from the 2.x series, so its (upstream) maintenance period will probably be longer than usual. However, upstream development now focuses on 3.x series. - cleaned up spec and patches
Fri Jul 2 14:00:00 2010 jengelhAATTmedozas.de - add patch from http://bugs.python.org/issue6029 - use %_smp_mflags
Mon May 17 14:00:00 2010 matejcikAATTsuse.cz - dropped audioop.so because of security vulnerabilities (bnc#603255)
Wed Apr 7 14:00:00 2010 matejcikAATTsuse.cz - update to 2.6.5 (rpm version 2.6.5) - patched test_distutils to work
Thu Mar 11 13:00:00 2010 matejcikAATTsuse.cz - update to 2.6.5rc2 (rpm version is 2.6.4.92) * bugfix-only release - removed fwrapv patch - no longer needed - removed expat patches (this version also fixes expat vulnerabilities from bnc#581765 ) - removed readline spacing patch - no longer needed - removed https_proxy patch - no longer needed - removed test_distutils patch - no longer needed - disabled test_distutils because of spurious failure, * TODO reenable at release
Thu Feb 4 13:00:00 2010 matejcikAATTsuse.cz - removed precompiled exe files (as noted in bnc#577032)
Fri Jan 29 13:00:00 2010 matejcikAATTsuse.cz - enabled ipv6 in configure (bnc#572673)
Wed Dec 23 13:00:00 2009 ajAATTsuse.de - Apply patches with fuzz=0
Mon Dec 14 13:00:00 2009 jengelhAATTmedozas.de - add baselibs.conf as source
Wed Oct 28 13:00:00 2009 crrodriguezAATTopensuse.org - python-devel Requires glibc-devel
Fri Sep 4 14:00:00 2009 matejcikAATTsuse.cz - fixed potential DoS in python\'s copy of expat (bnc#534721)
Sun Aug 2 14:00:00 2009 jansimon.moellerAATTopensuse.org - fix files section for ARM, as bz2.so isn\'t built on ARM.
Fri Jul 31 14:00:00 2009 matejcikAATTsuse.cz - added /usr/lib/python2.6{,/site-packages} to the package even if it is on lib64 arch - added %python_sitelib and %python_sitearch for fedora compatibility
Thu Jul 30 14:00:00 2009 matejcikAATTsuse.cz - fixed test in test_distutils suite that would generate a warning when the log threshold was set too low by preceding tests
Wed Jul 29 14:00:00 2009 matejcikAATTsuse.cz - support noarch python packages (modified multilib patch to differentiate between purelib and platlib, added /usr/lib to search path in all cases
Thu Jul 16 14:00:00 2009 cooloAATTnovell.com - disable as-needed to fix build
Mon Apr 27 14:00:00 2009 matejcikAATTsuse.cz - update to 2.6.2 * bugfix-only release for 2.6 series
|
|
|