|
|
|
|
Changelog for python3-tools-3.4.6-12.6.1.x86_64.rpm :
Mon Sep 3 14:00:00 2018 Matěj Cepl - Add -fwrapv to OPTS, which is default for python3 anyway See for example https://github.com/zopefoundation/persistent/issues/86 for bugs which are caused by avoiding it. (bsc#1107030)
Fri Jun 29 14:00:00 2018 mceplAATTsuse.com - Apply \"CVE-2018-1061-DOS-via-regexp-difflib.patch\" to prevent low-grade poplib REDOS (CVE-2018-1060) and to prevent difflib REDOS (CVE-2018-1061). Prior to this patch mail server\'s timestamp was susceptible to catastrophic backtracking on long evil response from the server. Also, it was susceptible to catastrophic backtracking, which was a potential DOS vector. [bsc#1088004 and bsc#1088009, CVE-2018-1061 and CVE-2018-1060]
Fri Jun 29 14:00:00 2018 mceplAATTsuse.com - Apply \"python-sorted_tar.patch\" (bsc#1086001) sort tarfile output directory listing
Tue Mar 13 13:00:00 2018 psimonsAATTsuse.com - Apply \"python-3.6-CVE-2017-18207.patch\" to add a check to Lib/wave.py that verifies that at least one channel is provided. Prior to this check, attackers could cause a denial of service (divide-by-zero error and application crash) via a crafted wav format audio file. [bsc#1083507, CVE-2017-18207]
Wed Mar 1 13:00:00 2017 jmatejekAATTsuse.com - update to 3.4.6 (bsc#1027282): * fixed potential crash in PyUnicode_AsDecodedObject() in debug build * fixed possible DoS and arbitrary execution in gettext plurals * fix possible use of uninitialized memory in operator.methodcaller * fix possible Py_DECREF on unowned object in _sre * fix possible integer overflow in _csv module * prevent HTTPoxy attack (CVE-2016-1000110) * fix selectors incorrectly retaining invalid fds - drop upstreamed python-3.4-CVE-2016-1000110-fix.patch
Mon Aug 8 14:00:00 2016 jmatejekAATTsuse.com - rename rpmlintrc to python3-rpmlintrc (applied change from 13.2) - drop python-fix-short-dh.patch and dh2048.pem, this is now fixed upstream - drop disabled libffi-ppc64le.diff completely - reverse order of lowercase-proxies and HTTPoxy patches in order to fix documented behavior - drop upstreamed werror-declaration-after-statement.patch
Sun Aug 7 14:00:00 2016 hpjAATTurpla.net - fix python3-urllib-prefer-lowercase-proxies.patch
Sat Aug 6 14:00:00 2016 hpjAATTurpla.net - apply fix for CVE-2016-1000110 - CGIHandler: sets environmental variable based on user supplied Proxy request header: python-3.4-CVE-2016-1000110-fix.patch (fixes bsc#989523, CVE-2016-1000110) - refresh python3-urllib-prefer-lowercase-proxies.patch
Sun Jul 3 14:00:00 2016 hpjAATTurpla.net - update to 3.4.5 check: https://docs.python.org/3.4/whatsnew/changelog.html (fixes bsc#984751, CVE-2016-0772) (fixes bsc#985177, CVE-2016-5636) (fixes bsc#985348, CVE-2016-5699)
Wed Jun 15 14:00:00 2016 hpjAATTurpla.net - apply upstream patch python3-urllib-prefer-lowercase-proxies.patch in order to make urllib proxy var handling behave as usual on POSIX
Tue Jun 14 14:00:00 2016 hpjAATTurpla.net - Due to being fixed upstream (differently), removed outdated patch CVE-2014-4650-CGIHTTPServer-traversal.patch (bsc#983582)
Sat May 7 14:00:00 2016 hpjAATTurpla.net - update to 3.4.4 check: https://docs.python.org/3.4/whatsnew/changelog.html - all necessary patches refreshed - adjusted Python-3.3.0b2-multilib.patch - disabled libffi-ppc64le.diff: horribly deviated - fix a new multilib issue in configure.ac with $LIBPL (target of python3 config) - disabled more tests, that require ssl
Fri Oct 23 14:00:00 2015 jmatejekAATTsuse.com - Issue #21121: Don\'t force 3rd party C extensions to be built with - Werror=declaration-after-statement. (werror-declaration-after-statement.patch, bsc#951166)
Tue Sep 22 14:00:00 2015 dmuellerAATTsuse.com - add python-2.7-libffi-aarch64.patch to fix incorrect FFI on aarch64
Thu Sep 17 14:00:00 2015 meissnerAATTsuse.com - python-fix-short-dh.patch,dh2048.pem: Bump DH parameters to 2048 bit to fix logjam security issue. bsc#935856
Wed Jul 23 14:00:00 2014 jmatejekAATTsuse.com - CVE-2014-4650-CGIHTTPServer-traversal.patch: CGIHTTPServer file disclosure and directory traversal through URL-encoded characters (CVE-2014-4650, bnc#885882)
Tue Jul 22 14:00:00 2014 jmatejekAATTsuse.com - drop python-3.4.1-SUSE-ensurepip.patch for compatibility reasons, reinstate bundled copies of pip and setuptools (fixes bnc#885662) - add more files as sources to silence the validator
Wed May 21 14:00:00 2014 jmatejekAATTsuse.com - update to 3.4.1 * bugfix-only release, over 300 bugs fixed - drop upstreamed python-3.4.0rc2-sqlite-3.8.4-tests.patch - drop upstreamed CVE-2014-2667-mkdir.patch - include Python release manager keyring and signature file for the source archive (thus renumbering of source files) (see https://www.python.org/download/#openpgp-public-keys ) - move ensurepip to python3, because it transitively requires ssl
Fri Apr 4 14:00:00 2014 jmatejekAATTsuse.com - CVE-2014-2667-mkdir.patch: race condition with reseting umask in os.makedirs (CVE-2014-2667, bnc#871152) - updated multilib patch to include ~/.local/lib64 (bnc#637176)
Wed Mar 26 13:00:00 2014 jmatejekAATTsuse.com - raise timeout value for test_subprocess to 10s (might fix intermittent build failures in OBS)
Mon Mar 24 13:00:00 2014 dmuellerAATTsuse.com - remove blacklisting of test_posix on aarch64: qemu bug is fixed
Mon Mar 17 13:00:00 2014 jmatejekAATTsuse.com - update to 3.4.0 final - drop upstreamed python-3.4rc2-importlib.patch
Sun Mar 16 13:00:00 2014 schwabAATTsuse.de - Only build with profile-opt if profiling is enabled - Update test exclusion lists: * test_ctypes no longer fails on arm * test_io no longer fails on ppc * * test_multiprocessing has been split in multiple tests * test_posix and test_signal fail due to qemu bugs
Fri Mar 14 13:00:00 2014 andreas.stiegerAATTgmx.de - Fix build with SQLite 3.8.4 [bnc#867887], fixing SQLite tests, adding python-2.7.6-sqlite-3.8.4-tests.patch
Thu Feb 27 13:00:00 2014 jmatejekAATTsuse.com - update to 3.4.0 rc2 * pre-release bugfixes * improvements to asyncio library - drop upstreamed tracemalloc_gcov.patch - python-3.4rc2-importlib.patch fixes backwards-incompatibility in the reworked importlib module that blocks build of vim
Fri Jan 17 13:00:00 2014 jmatejekAATTsuse.com - initial commit of 3.4.0 beta 3 * new stdlib modules: pathlib, enum, statistics, tracemalloc * asynchronous IO with new asyncio module * introspection data for builtins * subprocesses no longer inherit open file descriptors * standardized metadata for packages * internal hashing changed to SipHash * new pickle protocol * improved handling of codecs * TLS 1.2 support * major speed improvements for internal unicode handling * many bugfixes and optimizations - see porting guide at: http://docs.python.org/3.4/whatsnew/3.4.html#porting-to-python-3-4 - moved several modules to -testsuite subpackage - updated list of binary extensions, refreshed patches - tracemalloc_gcov.patch fixes profile-based optimization build - updated packages and pre_checkin.sh to use ~-version notation for prereleases - fix-shebangs part of build process moved to common %prep - drop python-3.3.2-no-REUSEPORT.patch (upstreamed) - update baselibs for new soname - TODOs: * require python-pip, make ensurepip work with zypper
Wed Dec 4 13:00:00 2013 matzAATTsuse.de - add ppc64le (ELFv2) support for libffi copy for ctypes module - Adjust Python-3.3.0b2-multilib.patch for ppc64le (make sys.lib be \"lib64\"). - added patches: * libffi-ppc64le.diff
Tue Dec 3 13:00:00 2013 adrianAATTsuse.de - add ppc64le rules
Fri Nov 22 13:00:00 2013 speilickeAATTsuse.com - Add python-3.3.3-skip-distutils-test_sysconfig_module.patch: + Disable global and distutils sysconfig comparison test, we deviate from the default depending on optflags
Tue Nov 19 13:00:00 2013 jmatejekAATTsuse.com - update to 3.3.3 * bugfix-only release * many SSL-related fixes * upstream fix for CVE-2013-4238 * upstream fixes for CVE-2013-1752 - move example module xxlimited to python3-testsuite - remove --with-wide-unicode config option, it is now the default (and only) choice - don\'t touch anything between make and makeinstall - drop python-3.2b2-buildtime-generate.patch - the issue was caused by touching things between make and makeinstall - link pycache entries for import_failed hooks properly
Thu Aug 8 14:00:00 2013 dvaleevAATTsuse.com - Exclue test_faulthandler from tests on powerpc due to bnc#831629
Thu Jun 13 14:00:00 2013 jmatejekAATTsuse.com - update to 3.3.2 * bugfix-only release * fixes several regressions introduced in 3.3.1 - switch to xz compression - move _lzma module to python3-base - python-3.3.2-no-REUSEPORT.patch to fix build on kernels without SO_REUSEPORT
Mon Apr 29 14:00:00 2013 schwabAATTsuse.de - Readd missing bits from ctypes-libffi-aarch64.patch
Sat Apr 13 14:00:00 2013 idonmezAATTsuse.com - Update to version 3.3.1 * Fix the –enable-profiling configure switch. * In IDLE, close the replace dialog after it is used. - Too many bugfixes to list here, see See http://hg.python.org/cpython/file/v3.3.0/Misc/NEWS - Refresh Python-3.3.0b2-multilib.patch - Refresh python-3.2b2-buildtime-generate.patch - Drop upstream patches: ctypes-libffi-aarch64.patch, python-3.2.3rc2-pypirc-secure.patch, python-3.3.0-getdents64.patch
Fri Apr 5 14:00:00 2013 idonmezAATTsuse.com - Add Source URL, see https://en.opensuse.org/title=SourceUrls
Wed Apr 3 14:00:00 2013 jmatejekAATTsuse.com - remove spurious modification of python-3.3.0b1-localpath.patch that would force installation into /usr/local. this fixes bnc#809831
Thu Mar 28 13:00:00 2013 jmatejekAATTsuse.com - replace broken movetogetdents64.diff patch with a correct one from upstream repo (python-3.3.0-getdents64.patch)
Fri Mar 1 13:00:00 2013 dmuellerAATTsuse.com - add ctypes-libffi-aarch64.patch: * import aarch64 support for libffi in _ctypes module - add aarch64 to the list of lib64 based archs - add movetogetdents64.diff: * port to getdents64, as SYS_getdents is not implemented everywhere
Tue Feb 26 13:00:00 2013 saschpeAATTsuse.de - /etc/rpm/macros.python3 is no %config, it is not meant to be changed by users. - Add rpmlintrc with some obvious filters
Mon Jan 28 13:00:00 2013 jmatejekAATTsuse.com - update baselibs for new version of libpython3
Thu Nov 29 13:00:00 2012 jmatejekAATTsuse.com - fix include path in macros (bnc#787526) - implement failed import handlers for modules that live in subpackages - e.g. \"import ssl\" will now throw a sensible error message telling you to install \"python3\"
Wed Nov 28 13:00:00 2012 jmatejekAATTsuse.com - merge python3-xml into python3 - merge python3-2to3 library into python3-base and the 2to3 binary into python3-devel (python3-devel is now in conflict with python-2to3, which will be dropped) - enable --with-system-expat for python3, making the xml modules (and thus python3) depend on expat - reconfigure tests to disable network and GUI resources, which the upstream apparently thought is a good idea to enable by default. this fixes build failures in Factory - add lzma-devel to build the _lzma module - moved %dynlib macro definition to common section
Mon Nov 5 13:00:00 2012 cooloAATTsuse.com - buildrequire timezone for the test suite
Mon Oct 29 13:00:00 2012 dmuellerAATTsuse.com - disable more checks for qemu builds as they use syscalls not implemented yet
Thu Oct 25 14:00:00 2012 Rene.vanPaassenAATTgmail.com - exclude test_math for SLE 11; math library fails on negative gamma function values close to integers and 0, probably due to imprecision in -lm on SLE_11_SP2.
Tue Oct 16 14:00:00 2012 cooloAATTsuse.com - buildrequire libbz2-devel explicitly
Mon Oct 8 14:00:00 2012 jmatejekAATTsuse.com - remove distutils.cfg (bnc#658604) * this changes default prefix for distutils to /usr * see ML for details: http://lists.opensuse.org/opensuse-packaging/2012-09/msg00254.html
Mon Oct 1 14:00:00 2012 idonmezAATTsuse.com - Update to final 3.3.0 release * See http://hg.python.org/cpython/file/v3.3.0/Misc/NEWS
Thu Sep 27 14:00:00 2012 idonmezAATTsuse.com - Correct dependency for python3-testsuite, python3-tkinter -> python3-tk
Thu Aug 23 14:00:00 2012 jmatejekAATTsuse.com - update to 3.3.0 RC1
Fri Aug 3 14:00:00 2012 jmatejekAATTsuse.com - update to 3.3.0 beta 1 * flexible string representation, no longer distinguishing between wide and narrow Unicode builds * importlib-based import system * virtualenv support in core * namespace packages * explicit Unicode literals for easier porting * key-sharing dict implementation reduces memory footprint of OO code * hash randomization on by default * many other new bugfixes and features, check NEWS for details - pre_checkin.sh now autofills various version strings in specs - ship hashlib\'s fallback modules - those uselessly take up space when real _hashlib.so from python3 is present, but the space wasted is only 114kB and it provides python3-base with a working hashlib module. (also, this fixes bnc#743787)
Fri Jul 27 14:00:00 2012 dvaleevAATTsuse.com - skip test_io on ppc - drop test_io ppc patch
Thu Jun 28 14:00:00 2012 saschpeAATTsuse.de - Satisfy source_validator by uncommenting an otherwise unused \"Patch\" line
Fri May 18 14:00:00 2012 idonmezAATTsuse.com - update to 3.2.3 * No changes since rc2
Thu Mar 29 14:00:00 2012 jmatejekAATTsuse.com - update to 3.2.3rc2 * fixes several security issues: * CVE-2012-0845, bnc#747125 * CVE-2012-1150, bnc#751718 * CVE-2011-4944, bnc#754447 * CVE-2011-3389, bnc#754677 - fix for insecure .pypirc (CVE-2011-4944, bnc#754447) - disable test_gdb because it is broken by our gdb
Thu Feb 16 13:00:00 2012 dvaleevAATTsuse.com - skip broken test_io test on ppc
Wed Jan 18 13:00:00 2012 jmatejekAATTsuse.com - update to 3.2.2 * bugfix-only release * reports \"linux2\" as sys.platform regardless of Linux kernel - added pre_checkin.sh to copy common spec sections to python3.spec - added PACKAGING-NOTES with some helpful info for packagers
Sun Dec 25 13:00:00 2011 idonmezAATTsuse.com - Use system ffi, included one is broken see http://bugs.python.org/issue11729 and http://bugs.python.org/issue12081
Fri Dec 9 13:00:00 2011 jmatejekAATTsuse.com - license.opensuse.org-compatible license headers
Fri Dec 2 13:00:00 2011 cooloAATTsuse.com - add automake as buildrequire to avoid implicit dependency
Thu Nov 24 13:00:00 2011 agrafAATTsuse.com - fix ARM build (exclude some test cases which break for us)
Tue Aug 16 14:00:00 2011 termimAATTgmail.com - use sysconfig module to get py3_incdir, py3_abiflags, py3_soflags, python3_sitelib and python3_sitearch
Mon Jul 18 14:00:00 2011 jmatejekAATTnovell.com - update to 3.2.1 * bugfix-only release, no major changes - fix build on linux3 platform - remove upstreamed pybench patch - install /usr/lib directories in all cases to prevent spurious \"directory not owned\" in dependent packages
Wed Jun 15 14:00:00 2011 jmatejekAATTnovell.com - replaced dynamic so version with manual so version, because autobuild does not support autogeneration
Tue May 24 14:00:00 2011 jmatejekAATTnovell.com - generate macros.python3 at compile-time with fixed values - don\'t include bogus values in pyconfig.h, as they can break third-party packages (bnc#673071)
Tue May 17 14:00:00 2011 jmatejekAATTnovell.com - added Obsoletes: python3 < 3.1 so that the transition from non-split to split packages goes smoothly
Fri May 13 14:00:00 2011 jmatejekAATTnovell.com - fixed RPM macros to use python3 instead of python - updated to build --with-wide-unicode (for compatibility with fedora and our own python 2.x series)
Thu Apr 21 14:00:00 2011 termimAATTgmail.com - fix python3-base build failure due to pybench.py crash by python-3.2-pybench.patch - move pyconfig.h from python3-devel to python3-base package to make python3-base functional again
Wed Mar 23 13:00:00 2011 termimAATTgmail.com - update to python 3.2 * stable ABI, ABI-tagged .so files * concurrent.futures and many other new or upgraded modules * PYC repository directories ( __pycache__ ) * python WSGI 1.0.1 * Unicode 6.0.0 support * a great number of bugfixes and assorted improvements
Tue Feb 8 13:00:00 2011 matejcikAATTsuse.cz - update to python 3.2 RC2 - renamed python3-demo to python3-tools, because the demo part became much smaller than the tools part - added rpm macros
Tue Jan 18 13:00:00 2011 jmatejekAATTnovell.com - update to python 3.2 beta 2, see NEWS for details - split off -base package with less dependencies, and a shlib-policy compliant libpython3 package - mostly rewritten the spec file with more detailed comments - cleaned up lists of patches
|
|
|