Changelog for
python-32bit-2.7.14-lp150.6.13.1.x86_64.rpm :
* Tue Sep 25 2018 Matěj Cepl
- Apply \"CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch\" which converts shutil._call_external_zip to use subprocess rather than distutils.spawn. [bsc#1109663, CVE-2018-1000802]
* Mon Nov 20 2017 jmatejekAATTsuse.com- update to 2.7.14
* dozens of bugfixes, see NEWS for details
* fixed possible integer overflow in PyString_DecodeEscape (CVE-2017-1000158, bsc#1068664)
* fixed segfaults with dict mutated during search
* fixed possible free-after-use problems with buffer objects with custom indexing
* fixed urllib.splithost to correctly parse fragments (bpo-30500)- drop upstreamed python-2.7.13-overflow_check.patch- drop unneeded python-2.7.12-makeopcode.patch- drop upstreamed 0001-2.7-bpo-30714-ALPN-changes-for-OpenSSL-1.1.0f-3094.patch
* Thu Sep 14 2017 vcizekAATTsuse.com- Fix test broken with OpenSSL 1.1 (bsc#1042670)
* add 0001-2.7-bpo-30714-ALPN-changes-for-OpenSSL-1.1.0f-3094.patch
* Mon Aug 28 2017 jmatejekAATTsuse.com- drop SUSE_ASNEEDED=0 as it is not needed anymore
* Thu Aug 17 2017 kukukAATTsuse.de- Add libnsl-devel build requires for glibc obsoleting libnsl
* Tue Jan 03 2017 jmatejekAATTsuse.com- update to 2.7.13
* dozens of bugfixes, see NEWS for details
* updated cipher lists for openssl wrapper, support openssl >= 1.1.0
* properly fix HTTPoxy (CVE-2016-1000110)
* profile-opt build now applies PGO to modules as well- update python-2.7.10-overflow_check.patch with python-2.7.13-overflow_check.patch, incorporating upstream changes- add \"-fwrapv\" to optflags explicitly because upstream code still relies on it in many places
* Fri Dec 02 2016 jmatejekAATTsuse.com- provide python2-
* symbols, for support of new packages built as python2-foo
* Thu Jun 30 2016 jmatejekAATTsuse.com- update to 2.7.12
* dozens of bugfixes, see NEWS for details
* fixes multiple security issues: CVE-2016-0772 TLS stripping attack on smtplib (bsc#984751) CVE-2016-5636 zipimporter heap overflow (bsc#985177) CVE-2016-5699 httplib header injection (bsc#985348) (this one is actually fixed since 2.7.10)
* Mon Sep 14 2015 jmatejekAATTsuse.com- implement python-strict-tls-checks subpackage
* when present, Python will perform TLS certificate checking by default. it is possible to remove the package to turn off the checks for compatibility with legacy scripts.
* as discussed in fate#318300
* this is not built for openSUSE, but retained here in case we want to build the package for a SLE system
* Wed Sep 09 2015 dimstarAATTopensuse.org- Add python-ncurses-6.0-accessors.patch: Fix build with NCurses 6.0 and OPAQUE_WINDOW set to 1.
* Sun May 24 2015 michaelAATTstroeder.com- update to 2.7.10- removed obsolete python-2.7-urllib2-localnet-ssl.patch
* Thu May 14 2015 jmatejekAATTsuse.com- for SLE 12 SP1, disable SSL verification-by-default for backwards compatibility (python-2.7.9-sles-disable-verification-by-default.patch)
* Wed Feb 25 2015 jmatejekAATTsuse.com- python-2.7.9-ssl_ca_path.patch - reintroduce support for CA directory path
* Fri Dec 12 2014 jmatejekAATTsuse.com- update to 2.7.9
* Sat Oct 18 2014 crrodriguezAATTopensuse.org- Only pkgconfig(x11) is required for build,not xorg-x11-devel.