SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for python-32bit-2.7.13-27.15.3.x86_64.rpm :
Tue Sep 25 14:00:00 2018 Matěj Cepl
- Apply \"CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch\" which
converts shutil._call_external_zip to use subprocess rather than
distutils.spawn. [bsc#1109663, CVE-2018-1000802]

Thu Jun 7 14:00:00 2018 psimonsAATTsuse.com
- Apply \"CVE-2017-18207.patch\" to add a check to Lib/wave.py that
verifies that at least one channel is provided. Prior to this
check, attackers could cause a denial of service (divide-by-zero
error and application crash) via a crafted wav format audio file.
[bsc#1083507, CVE-2017-18207]

Tue Mar 13 13:00:00 2018 psimonsAATTsuse.com
- Apply \"python-2.7.14-CVE-2017-1000158.patch\" to prevent integer
overflows in PyString_DecodeEscape that could have resulted in
heap-based buffer overflow attacks and possible arbitrary code
execution. [bsc#1068664, CVE-2017-1000158]
- Apply \"python-2.7.14-CVE-2018-1000030-1.patch\" and
\"python-2.7.14-CVE-2018-1000030-2.patch\" to remedy a bug that
would crash the Python interpreter when multiple threads used the
same I/O stream concurrently. This issue is not classified as a
security vulnerability due to the fact that an attacker must be
able to run code, however in some situations -- such as function
as a service -- this vulnerability can potentially be used by an
attacker to violate a trust boundary. [bsc#1079300,
CVE-2018-1000030]

Wed Mar 1 13:00:00 2017 jmatejekAATTsuse.com
- update for SLE (bsc#1027282)
- removed obsolete python-2.7-urllib2-localnet-ssl.patch
- refreshed python-2.7.9-sles-disable-verification-by-default.patch
to work with PEP493-compatibe config.
Variable \"PYTHONHTTPSVERIFY\" is now recognized and setting it
to 1 will enable strict TLS checking, while setting to 0 will disable
checking. The default behavior depends on whether a policy file
(typically from python-strict-tls-check package) is present: if it is,
the policy decides what happens, empty policy file means upstream policy.
If not present, checking is disabled by default.

Tue Jan 3 13:00:00 2017 jmatejekAATTsuse.com
- update to 2.7.13

* dozens of bugfixes, see NEWS for details

* updated cipher lists for openssl wrapper, support openssl >= 1.1.0

* properly fix HTTPoxy (CVE-2016-1000110)

* profile-opt build now applies PGO to modules as well
- update python-2.7.10-overflow_check.patch
with python-2.7.13-overflow_check.patch, incorporating upstream changes
- add \"-fwrapv\" to optflags explicitly because upstream code still
relies on it in many places

Fri Dec 2 13:00:00 2016 jmatejekAATTsuse.com
- provide python2-
* symbols, for support of new packages built as
python2-foo

Thu Jun 30 14:00:00 2016 jmatejekAATTsuse.com
- update to 2.7.12

* dozens of bugfixes, see NEWS for details

* fixes multiple security issues:
CVE-2016-0772 TLS stripping attack on smtplib (bsc#984751)
CVE-2016-5636 zipimporter heap overflow (bsc#985177)
CVE-2016-5699 httplib header injection (bsc#985348)
(this one is actually fixed since 2.7.10)

Thu Aug 13 14:00:00 2015 jmatejekAATTsuse.com
- add missing ssl.pyc and ssl.pyo to package
- implement python-strict-tls-checks subpackage

* when present, Python will perform TLS certificate checking by default.
it is possible to remove the package to turn off the checks
for compatibility with legacy scripts.

* as discussed in fate#318300

Thu May 14 14:00:00 2015 jmatejekAATTsuse.com
- for SLE 12 SP1, disable SSL verification-by-default for backwards
compatibility (python-2.7.9-sles-disable-verification-by-default.patch)

Wed Feb 25 13:00:00 2015 jmatejekAATTsuse.com
- python-2.7.9-ssl_ca_path.patch - reintroduce support for CA directory path

Fri Dec 12 13:00:00 2014 jmatejekAATTsuse.com
- update to 2.7.9

Sat Oct 18 14:00:00 2014 crrodriguezAATTopensuse.org
- Only pkgconfig(x11) is required for build,not xorg-x11-devel.

Tue Sep 30 14:00:00 2014 jmatejekAATTsuse.com
- update to 2.7.8

* bugfix-only release, dozens of bugs fixed

Fri Jun 20 14:00:00 2014 jmatejekAATTsuse.com
- update to 2.7.7

* bugfix-only release, over a hundred bugs fixed

Fri Mar 14 13:00:00 2014 andreas.stiegerAATTgmx.de
- Fix build with SQLite 3.8.4 [bnc#867887], fixing SQLite tests,
adding python-2.7.6-sqlite-3.8.4-tests.patch

Thu Nov 21 13:00:00 2013 jmatejekAATTsuse.com
- update to 2.7.6

Thu Sep 19 14:00:00 2013 crrodriguezAATTopensuse.org
- build with -DOPENSSL_LOAD_CONF so python honours
the system\'s openSSL configuration if any, allowing it to
benefit from openssl ENGINE functionality.

Mon Aug 26 14:00:00 2013 lnusselAATTsuse.de
- update python-2.7.3-ssl_ca_path.patch patch to load default verify locations
if no ca_certs file is specified (bnc#827982, bnc#836739)

Fri Aug 16 14:00:00 2013 jmatejekAATTsuse.com
- handle NULL bytes in certain fields of SSL certificates
(CVE-2013-4238, bnc#834601)

Tue Jul 9 14:00:00 2013 jengelhAATTinai.de
- Add python-bsddb6.diff to support building against libdb-6.0

Wed Jun 5 14:00:00 2013 schwabAATTsuse.de
- Reenable testsuite on arm

Thu May 30 14:00:00 2013 jmatejekAATTsuse.com
- switch to xz archive

Tue May 28 14:00:00 2013 speilickeAATTsuse.com
- Update to version 2.7.5:
+ bugfix-only release
+ fixes several important regressions introduced in 2.7.4
+ Issue #15535: Fixed regression in the pickling of named tuples by
removing the __dict__ property introduced in 2.7.4.
+ Issue #17857: Prevent build failures with pre-3.5.0 versions of sqlite3,
such as was shipped with Centos 5 and Mac OS X 10.4.
+ Issue #17703: Fix a regression where an illegal use of Py_DECREF() after
interpreter finalization can cause a crash.
+ Issue #16447: Fixed potential segmentation fault when setting __name__ on a
class.
+ Issue #17610: Don\'t rely on non-standard behavior of the C qsort() function. 12
See http://hg.python.org/cpython/file/ab05e7dd2788/Misc/NEWS for more

Thu May 9 14:00:00 2013 jmatejekAATTsuse.com
- update to 2.7.4

* bugfix-only release

Fri Apr 5 14:00:00 2013 idonmezAATTsuse.com
- Add Source URL, see https://en.opensuse.org/SourceUrls

Mon Feb 25 13:00:00 2013 jmatejekAATTsuse.com
- fix pythonstart failing on $HOME-less users (bnc#804978)

Sun Aug 12 14:00:00 2012 idonmezAATTsuse.com
- python & python-base Release numbers can differ, take that into
account. See bnc#766778 comment 12.

Tue Jun 26 14:00:00 2012 dvaleevAATTsuse.com
- Fix failing test_dbm on ppc64

Thu May 17 14:00:00 2012 jfunkAATTfunktronics.ca
- Support directory-based certificate stores with the ca_certs parameter of SSL
functions [bnc#761501]

Tue May 15 14:00:00 2012 jmatejekAATTsuse.com
- enabled some tests

Thu Dec 8 13:00:00 2011 jmatejekAATTsuse.com
- %python_version now correctly refers to %tarversion

Thu Dec 1 13:00:00 2011 saschpeAATTsuse.de
- Spec file cleanup:

* Run spec-cleaner

* Remove outdated %clean section, AutoReqProv and authors from descr.
- Fix license to Python-2.0 (also SPDX style)

Wed Nov 30 13:00:00 2011 cooloAATTsuse.com
- add automake as buildrequire to avoid implicit dependency

Fri Sep 16 14:00:00 2011 jmatejekAATTsuse.com
- dropped newslist.py from demos because of bad license
(bnc#718009)

Sun Jul 10 14:00:00 2011 roAATTsuse.de
- update to 2.7.2:

* Bug fix only release, see
http://hg.python.org/cpython/raw-file/eb3c9b74884c/Misc/NEWS
for details
- introduce a pre_checkin.sh file that synchronizes
patches between python and python-base
- rediff patches for 2.7.2
- replace kernel3 patch with the upstream solution

Tue May 24 14:00:00 2011 jmatejekAATTnovell.com
- updated to 2.7.1

* bugfix-only release

Wed May 4 14:00:00 2011 jmatejekAATTnovell.com
- added \"fix-parallel-make\" patch to python main package as well,
because build process is the same

Thu Feb 17 13:00:00 2011 pthAATTsuse.de
- Prefix DATE and TIME with PY_BUILD_ and COMPILER with PYTHON_ as
to not break external code (bnc#673071).

Tue Aug 31 14:00:00 2010 cristian.rodriguezAATTopensuse.org
- Provide \"fake\" build enviroment information

* build date replaced by source tarball modify date

* compiler string replaced by \"GCC\"

* This is intended to avoid republishing the packages
over and over again.

Thu Aug 26 14:00:00 2010 jmatejekAATTnovell.com
- update to 2.7

* see changes in python-base.changes
- cleaned up the spec and patches

Fri Jul 2 14:00:00 2010 jengelhAATTmedozas.de
- add patch from http://bugs.python.org/issue6029
- use %_smp_mflags

Wed Apr 7 14:00:00 2010 matejcikAATTsuse.cz
- update to 2.6.5

Wed Feb 3 13:00:00 2010 jengelhAATTmedozas.de
- exclude dl.so from SPARC64 (not built like on x86_64)

Fri Jan 29 13:00:00 2010 matejcikAATTsuse.cz
- enabled ipv6 in configure (bnc#572673)

Wed Dec 23 13:00:00 2009 ajAATTsuse.de
- Apply patches with fuzz=0

Wed Dec 2 13:00:00 2009 cooloAATTnovell.com
- update patch again

Wed Nov 4 13:00:00 2009 matejcikAATTsuse.cz
- readline shouldn\'t append space after completion (bnc#551715,
python bug 5833)

Tue Nov 3 13:00:00 2009 cooloAATTnovell.com
- updated patches to apply with fuzz=0

Tue Sep 8 14:00:00 2009 maxAATTsuse.de
- removed blt from BuildRequires so that it can be dropped.

Fri Sep 4 14:00:00 2009 matejcikAATTsuse.cz
- added patch for potential SSL hangup during handshake (bnc#525295)

Wed Jul 29 14:00:00 2009 matejcikAATTsuse.cz
- renamed multilib patch to reflect the changes

Thu Jul 16 14:00:00 2009 cooloAATTnovell.com
- disable as-needed to fix build

Mon Apr 27 14:00:00 2009 matejcikAATTsuse.cz
- update to 2.6.2

* bugfix-only release for 2.6 series


 
ICM