SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for python3-base-3.4.6-1.3.x86_64.rpm :
Mon Sep 3 14:00:00 2018 mceplAATTsuse.com
- Add -fwrapv to OPTS, which is default for python3 anyway
See for example https://github.com/zopefoundation/persistent/issues/86
for bugs which are caused by avoiding it. (bsc#1107030)

Fri Jun 29 14:00:00 2018 mceplAATTsuse.com
- Apply \"CVE-2018-1061-DOS-via-regexp-difflib.patch\" to prevent
low-grade poplib REDOS (CVE-2018-1060) and to prevent difflib REDOS
(CVE-2018-1061). Prior to this patch mail server\'s timestamp was
susceptible to catastrophic backtracking on long evil response from
the server. Also, it was susceptible to catastrophic backtracking,
which was a potential DOS vector.
[bsc#1088004 and bsc#1088009, CVE-2018-1061 and CVE-2018-1060]

Fri Jun 29 14:00:00 2018 mceplAATTsuse.com
- Apply \"python-sorted_tar.patch\" (bsc#1086001)
sort tarfile output directory listing

Tue Mar 13 13:00:00 2018 psimonsAATTsuse.com
- Apply \"python-3.6-CVE-2017-18207.patch\" to add a check to
Lib/wave.py that verifies that at least one channel is provided.
Prior to this check, attackers could cause a denial of service
(divide-by-zero error and application crash) via a crafted wav
format audio file. [bsc#1083507, CVE-2017-18207]

Wed Mar 1 13:00:00 2017 jmatejekAATTsuse.com
- update to 3.4.6 (bsc#1027282):

* fixed potential crash in PyUnicode_AsDecodedObject() in debug build

* fixed possible DoS and arbitrary execution in gettext plurals

* fix possible use of uninitialized memory in operator.methodcaller

* fix possible Py_DECREF on unowned object in _sre

* fix possible integer overflow in _csv module

* prevent HTTPoxy attack (CVE-2016-1000110)

* fix selectors incorrectly retaining invalid fds
- drop upstreamed python-3.4-CVE-2016-1000110-fix.patch

Mon Aug 8 14:00:00 2016 jmatejekAATTsuse.com
- rename rpmlintrc to python3-rpmlintrc (applied change from 13.2)
- drop python-fix-short-dh.patch and dh2048.pem, this is now fixed
upstream
- drop disabled libffi-ppc64le.diff completely
- reverse order of lowercase-proxies and HTTPoxy patches in order
to fix documented behavior
- drop upstreamed werror-declaration-after-statement.patch

Sun Aug 7 14:00:00 2016 hpjAATTurpla.net
- fix python3-urllib-prefer-lowercase-proxies.patch

Sat Aug 6 14:00:00 2016 hpjAATTurpla.net
- apply fix for CVE-2016-1000110 - CGIHandler: sets environmental
variable based on user supplied Proxy request header:
python-3.4-CVE-2016-1000110-fix.patch
(fixes bsc#989523, CVE-2016-1000110)
- refresh python3-urllib-prefer-lowercase-proxies.patch

Sun Jul 3 14:00:00 2016 hpjAATTurpla.net
- update to 3.4.5
check: https://docs.python.org/3.4/whatsnew/changelog.html
(fixes bsc#984751, CVE-2016-0772)
(fixes bsc#985177, CVE-2016-5636)
(fixes bsc#985348, CVE-2016-5699)

Wed Jun 15 14:00:00 2016 hpjAATTurpla.net
- apply upstream patch python3-urllib-prefer-lowercase-proxies.patch
in order to make urllib proxy var handling behave as usual on POSIX

Tue Jun 14 14:00:00 2016 hpjAATTurpla.net
- Due to being fixed upstream (differently), removed outdated patch
CVE-2014-4650-CGIHTTPServer-traversal.patch (bsc#983582)

Sat May 7 14:00:00 2016 hpjAATTurpla.net
- update to 3.4.4
check: https://docs.python.org/3.4/whatsnew/changelog.html
- all necessary patches refreshed
- adjusted Python-3.3.0b2-multilib.patch
- disabled libffi-ppc64le.diff: horribly deviated
- fix a new multilib issue in configure.ac with $LIBPL
(target of python3 config)
- disabled more tests, that require ssl

Fri Oct 23 14:00:00 2015 jmatejekAATTsuse.com
- Issue #21121: Don\'t force 3rd party C extensions to be built with
- Werror=declaration-after-statement.
(werror-declaration-after-statement.patch, bsc#951166)

Tue Sep 22 14:00:00 2015 dmuellerAATTsuse.com
- add python-2.7-libffi-aarch64.patch to fix incorrect FFI on aarch64

Thu Sep 17 14:00:00 2015 meissnerAATTsuse.com
- python-fix-short-dh.patch,dh2048.pem:
Bump DH parameters to 2048 bit to fix logjam security issue. bsc#935856

Wed Jul 23 14:00:00 2014 jmatejekAATTsuse.com
- CVE-2014-4650-CGIHTTPServer-traversal.patch: CGIHTTPServer file
disclosure and directory traversal through URL-encoded characters
(CVE-2014-4650, bnc#885882)

Tue Jul 22 14:00:00 2014 jmatejekAATTsuse.com
- drop python-3.4.1-SUSE-ensurepip.patch for compatibility reasons,
reinstate bundled copies of pip and setuptools
(fixes bnc#885662)
- add more files as sources to silence the validator

Wed May 21 14:00:00 2014 jmatejekAATTsuse.com
- update to 3.4.1

* bugfix-only release, over 300 bugs fixed
- drop upstreamed python-3.4.0rc2-sqlite-3.8.4-tests.patch
- drop upstreamed CVE-2014-2667-mkdir.patch
- include Python release manager keyring and signature file
for the source archive (thus renumbering of source files)
(see https://www.python.org/download/#openpgp-public-keys )
- move ensurepip to python3, because it transitively requires ssl

Fri Apr 4 14:00:00 2014 jmatejekAATTsuse.com
- CVE-2014-2667-mkdir.patch: race condition with reseting umask
in os.makedirs
(CVE-2014-2667, bnc#871152)
- updated multilib patch to include ~/.local/lib64 (bnc#637176)

Wed Mar 26 13:00:00 2014 jmatejekAATTsuse.com
- raise timeout value for test_subprocess to 10s (might fix
intermittent build failures in OBS)

Mon Mar 24 13:00:00 2014 dmuellerAATTsuse.com
- remove blacklisting of test_posix on aarch64: qemu bug is fixed

Mon Mar 17 13:00:00 2014 jmatejekAATTsuse.com
- update to 3.4.0 final
- drop upstreamed python-3.4rc2-importlib.patch

Sun Mar 16 13:00:00 2014 schwabAATTsuse.de
- Only build with profile-opt if profiling is enabled
- Update test exclusion lists:

* test_ctypes no longer fails on arm

* test_io no longer fails on ppc
*

* test_multiprocessing has been split in multiple tests

* test_posix and test_signal fail due to qemu bugs

Fri Mar 14 13:00:00 2014 andreas.stiegerAATTgmx.de
- Fix build with SQLite 3.8.4 [bnc#867887], fixing SQLite tests,
adding python-2.7.6-sqlite-3.8.4-tests.patch

Thu Feb 27 13:00:00 2014 jmatejekAATTsuse.com
- update to 3.4.0 rc2

* pre-release bugfixes

* improvements to asyncio library
- drop upstreamed tracemalloc_gcov.patch
- python-3.4rc2-importlib.patch fixes backwards-incompatibility
in the reworked importlib module that blocks build of vim

Fri Jan 17 13:00:00 2014 jmatejekAATTsuse.com
- initial commit of 3.4.0 beta 3

* new stdlib modules: pathlib, enum, statistics, tracemalloc

* asynchronous IO with new asyncio module

* introspection data for builtins

* subprocesses no longer inherit open file descriptors

* standardized metadata for packages

* internal hashing changed to SipHash

* new pickle protocol

* improved handling of codecs

* TLS 1.2 support

* major speed improvements for internal unicode handling

* many bugfixes and optimizations
- see porting guide at:
http://docs.python.org/3.4/whatsnew/3.4.html#porting-to-python-3-4
- moved several modules to -testsuite subpackage
- updated list of binary extensions, refreshed patches
- tracemalloc_gcov.patch fixes profile-based optimization build
- updated packages and pre_checkin.sh to use ~-version notation
for prereleases
- fix-shebangs part of build process moved to common %prep
- drop python-3.3.2-no-REUSEPORT.patch (upstreamed)
- update baselibs for new soname
- TODOs:

* require python-pip, make ensurepip work with zypper

Wed Dec 4 13:00:00 2013 matzAATTsuse.de
- add ppc64le (ELFv2) support for libffi copy for ctypes module
- Adjust Python-3.3.0b2-multilib.patch for ppc64le (make sys.lib be
\"lib64\").
- added patches:

* libffi-ppc64le.diff

Tue Dec 3 13:00:00 2013 adrianAATTsuse.de
- add ppc64le rules

Fri Nov 22 13:00:00 2013 speilickeAATTsuse.com
- Add python-3.3.3-skip-distutils-test_sysconfig_module.patch:
+ Disable global and distutils sysconfig comparison test, we deviate
from the default depending on optflags

Tue Nov 19 13:00:00 2013 jmatejekAATTsuse.com
- update to 3.3.3

* bugfix-only release

* many SSL-related fixes

* upstream fix for CVE-2013-4238

* upstream fixes for CVE-2013-1752
- move example module xxlimited to python3-testsuite
- remove --with-wide-unicode config option, it is now the default
(and only) choice
- don\'t touch anything between make and makeinstall
- drop python-3.2b2-buildtime-generate.patch - the issue was caused
by touching things between make and makeinstall
- link pycache entries for import_failed hooks properly

Thu Aug 8 14:00:00 2013 dvaleevAATTsuse.com
- Exclue test_faulthandler from tests on powerpc due to bnc#831629

Thu Jun 13 14:00:00 2013 jmatejekAATTsuse.com
- update to 3.3.2

* bugfix-only release

* fixes several regressions introduced in 3.3.1
- switch to xz compression
- move _lzma module to python3-base
- python-3.3.2-no-REUSEPORT.patch to fix build on kernels without SO_REUSEPORT

Mon Apr 29 14:00:00 2013 schwabAATTsuse.de
- Readd missing bits from ctypes-libffi-aarch64.patch

Sat Apr 13 14:00:00 2013 idonmezAATTsuse.com
- Update to version 3.3.1

* Fix the –enable-profiling configure switch.

* In IDLE, close the replace dialog after it is used.
- Too many bugfixes to list here,
see See http://hg.python.org/cpython/file/v3.3.0/Misc/NEWS
- Refresh Python-3.3.0b2-multilib.patch
- Refresh python-3.2b2-buildtime-generate.patch
- Drop upstream patches: ctypes-libffi-aarch64.patch,
python-3.2.3rc2-pypirc-secure.patch, python-3.3.0-getdents64.patch

Fri Apr 5 14:00:00 2013 idonmezAATTsuse.com
- Add Source URL, see https://en.opensuse.org/title=SourceUrls

Wed Apr 3 14:00:00 2013 jmatejekAATTsuse.com
- remove spurious modification of python-3.3.0b1-localpath.patch
that would force installation into /usr/local.
this fixes bnc#809831

Thu Mar 28 13:00:00 2013 jmatejekAATTsuse.com
- replace broken movetogetdents64.diff patch with a correct one
from upstream repo (python-3.3.0-getdents64.patch)

Fri Mar 1 13:00:00 2013 dmuellerAATTsuse.com
- add ctypes-libffi-aarch64.patch:

* import aarch64 support for libffi in _ctypes module
- add aarch64 to the list of lib64 based archs
- add movetogetdents64.diff:

* port to getdents64, as SYS_getdents is not implemented everywhere

Tue Feb 26 13:00:00 2013 saschpeAATTsuse.de
- /etc/rpm/macros.python3 is no %config, it is not meant to be changed
by users.
- Add rpmlintrc with some obvious filters

Mon Jan 28 13:00:00 2013 jmatejekAATTsuse.com
- update baselibs for new version of libpython3

Thu Nov 29 13:00:00 2012 jmatejekAATTsuse.com
- fix include path in macros (bnc#787526)
- implement failed import handlers for modules that live in
subpackages - e.g. \"import ssl\" will now throw a sensible error
message telling you to install \"python3\"

Wed Nov 28 13:00:00 2012 jmatejekAATTsuse.com
- merge python3-xml into python3
- merge python3-2to3 library into python3-base
and the 2to3 binary into python3-devel
(python3-devel is now in conflict with python-2to3, which
will be dropped)
- enable --with-system-expat for python3, making the xml modules
(and thus python3) depend on expat
- reconfigure tests to disable network and GUI resources, which
the upstream apparently thought is a good idea to enable by default.
this fixes build failures in Factory
- add lzma-devel to build the _lzma module
- moved %dynlib macro definition to common section

Mon Nov 5 13:00:00 2012 cooloAATTsuse.com
- buildrequire timezone for the test suite

Mon Oct 29 13:00:00 2012 dmuellerAATTsuse.com
- disable more checks for qemu builds as they use syscalls not
implemented yet

Thu Oct 25 14:00:00 2012 Rene.vanPaassenAATTgmail.com
- exclude test_math for SLE 11; math library fails on negative
gamma function values close to integers and 0, probably
due to imprecision in -lm on SLE_11_SP2.

Tue Oct 16 14:00:00 2012 cooloAATTsuse.com
- buildrequire libbz2-devel explicitly

Mon Oct 8 14:00:00 2012 jmatejekAATTsuse.com
- remove distutils.cfg (bnc#658604)

* this changes default prefix for distutils to /usr

* see ML for details:
http://lists.opensuse.org/opensuse-packaging/2012-09/msg00254.html

Mon Oct 1 14:00:00 2012 idonmezAATTsuse.com
- Update to final 3.3.0 release

* See http://hg.python.org/cpython/file/v3.3.0/Misc/NEWS

Thu Sep 27 14:00:00 2012 idonmezAATTsuse.com
- Correct dependency for python3-testsuite,
python3-tkinter -> python3-tk

Thu Aug 23 14:00:00 2012 jmatejekAATTsuse.com
- update to 3.3.0 RC1

Fri Aug 3 14:00:00 2012 jmatejekAATTsuse.com
- update to 3.3.0 beta 1

* flexible string representation, no longer distinguishing
between wide and narrow Unicode builds

* importlib-based import system

* virtualenv support in core

* namespace packages

* explicit Unicode literals for easier porting

* key-sharing dict implementation reduces memory footprint
of OO code

* hash randomization on by default

* many other new bugfixes and features, check NEWS for details
- pre_checkin.sh now autofills various version strings in specs
- ship hashlib\'s fallback modules - those uselessly take up space
when real _hashlib.so from python3 is present, but the space wasted
is only 114kB and it provides python3-base with a working hashlib
module.
(also, this fixes bnc#743787)

Fri Jul 27 14:00:00 2012 dvaleevAATTsuse.com
- skip test_io on ppc
- drop test_io ppc patch

Thu Jun 28 14:00:00 2012 saschpeAATTsuse.de
- Satisfy source_validator by uncommenting an otherwise unused \"Patch\"
line

Fri May 18 14:00:00 2012 idonmezAATTsuse.com
- update to 3.2.3

* No changes since rc2

Thu Mar 29 14:00:00 2012 jmatejekAATTsuse.com
- update to 3.2.3rc2

* fixes several security issues:

* CVE-2012-0845, bnc#747125

* CVE-2012-1150, bnc#751718

* CVE-2011-4944, bnc#754447

* CVE-2011-3389, bnc#754677
- fix for insecure .pypirc (CVE-2011-4944, bnc#754447)
- disable test_gdb because it is broken by our gdb

Thu Feb 16 13:00:00 2012 dvaleevAATTsuse.com
- skip broken test_io test on ppc

Wed Jan 18 13:00:00 2012 jmatejekAATTsuse.com
- update to 3.2.2

* bugfix-only release

* reports \"linux2\" as sys.platform regardless of Linux kernel
- added pre_checkin.sh to copy common spec sections to python3.spec
- added PACKAGING-NOTES with some helpful info for packagers

Sun Dec 25 13:00:00 2011 idonmezAATTsuse.com
- Use system ffi, included one is broken see
http://bugs.python.org/issue11729 and
http://bugs.python.org/issue12081

Fri Dec 9 13:00:00 2011 jmatejekAATTsuse.com
- license.opensuse.org-compatible license headers

Fri Dec 2 13:00:00 2011 cooloAATTsuse.com
- add automake as buildrequire to avoid implicit dependency

Thu Nov 24 13:00:00 2011 agrafAATTsuse.com
- fix ARM build (exclude some test cases which break for us)

Tue Aug 16 14:00:00 2011 termimAATTgmail.com
- use sysconfig module to get py3_incdir, py3_abiflags,
py3_soflags, python3_sitelib and python3_sitearch

Mon Jul 18 14:00:00 2011 jmatejekAATTnovell.com
- update to 3.2.1

* bugfix-only release, no major changes
- fix build on linux3 platform
- remove upstreamed pybench patch
- install /usr/lib directories in all cases to prevent spurious
\"directory not owned\" in dependent packages

Wed Jun 15 14:00:00 2011 jmatejekAATTnovell.com
- replaced dynamic so version with manual so version, because
autobuild does not support autogeneration

Tue May 24 14:00:00 2011 jmatejekAATTnovell.com
- generate macros.python3 at compile-time with fixed values
- don\'t include bogus values in pyconfig.h, as they can break
third-party packages (bnc#673071)

Tue May 17 14:00:00 2011 jmatejekAATTnovell.com
- added Obsoletes: python3 < 3.1 so that the transition from
non-split to split packages goes smoothly

Fri May 13 14:00:00 2011 jmatejekAATTnovell.com
- fixed RPM macros to use python3 instead of python
- updated to build --with-wide-unicode (for compatibility with
fedora and our own python 2.x series)

Thu Apr 21 14:00:00 2011 termimAATTgmail.com
- fix python3-base build failure due to pybench.py crash by
python-3.2-pybench.patch
- move pyconfig.h from python3-devel to python3-base package to
make python3-base functional again

Wed Mar 23 13:00:00 2011 termimAATTgmail.com
- update to python 3.2

* stable ABI, ABI-tagged .so files

* concurrent.futures and many other new or upgraded modules

* PYC repository directories ( __pycache__ )

* python WSGI 1.0.1

* Unicode 6.0.0 support

* a great number of bugfixes and assorted improvements

Tue Feb 8 13:00:00 2011 matejcikAATTsuse.cz
- update to python 3.2 RC2
- renamed python3-demo to python3-tools, because the demo part
became much smaller than the tools part
- added rpm macros

Tue Jan 18 13:00:00 2011 jmatejekAATTnovell.com
- update to python 3.2 beta 2, see NEWS for details
- split off -base package with less dependencies, and a shlib-policy
compliant libpython3 package
- mostly rewritten the spec file with more detailed comments
- cleaned up lists of patches


  
ICM