openSUSE Build Service

Dominique Leuenberger (dimstar_suse) accepted request 717087 from

Matej Cepl (mcepl) over 5 years ago (revision 139)

Dominique Leuenberger (dimstar_suse) accepted request 706252 from

Tomáš Chvátal (scarabeus_iv) over 5 years ago (revision 138)

Dominique Leuenberger (dimstar_suse) accepted request 692401 from

Matej Cepl (mcepl) over 5 years ago (revision 137)

Dominique Leuenberger (dimstar_suse) accepted request 677944 from

Tomáš Chvátal (scarabeus_iv) over 5 years ago (revision 136)

- bsc#1122191: add CVE-2019-5010-null-defer-x509-cert-DOS.patch
  fixing bpo-35746.
  An exploitable denial-of-service vulnerability exists in the
  X509 certificate parser of Python.org Python 2.7.11 / 3.7.2.
  A specially crafted X509 certificate can cause a NULL pointer
  dereference, resulting in a denial of service. An attacker can
  initiate or accept TLS connections using crafted certificates
  to trigger this vulnerability.

Dominique Leuenberger (dimstar_suse) accepted request 660147 from

Matej Cepl (mcepl) almost 6 years ago (revision 135)

Dominique Leuenberger (dimstar_suse) accepted request 645305 from

Tomáš Chvátal (scarabeus_iv) almost 6 years ago (revision 134)

Dominique Leuenberger (dimstar_suse) accepted request 638809 from

Matej Cepl (mcepl) about 6 years ago (revision 133)

Apply "CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch" which
converts shutil._call_external_zip to use subprocess rather than
distutils.spawn. [bsc#1109663, CVE-2018-1000802]

Dominique Leuenberger (dimstar_suse) accepted request 611151 from

Tomáš Chvátal (scarabeus_iv) over 6 years ago (revision 132)

- update to 2.7.15
  * dozens of bugfixes, see NEWS for details
- removed obsolete patches:
  * python-ncurses-6.0-accessors.patch
  * python-fix-shebang.patch
  * gcc8-miscompilation-fix.patch
- add patch from upstream:
  * do-not-use-non-ascii-in-test_ssl.patch

- update to 2.7.15
  * dozens of bugfixes, see NEWS for details
- removed obsolete patches:
  * python-ncurses-6.0-accessors.patch
  * python-fix-shebang.patch
  * gcc8-miscompilation-fix.patch
- add patch from upstream:
  * do-not-use-non-ascii-in-test_ssl.patch

- update to 2.7.15
  * dozens of bugfixes, see NEWS for details
- removed obsolete patches:
  * python-ncurses-6.0-accessors.patch
  * python-fix-shebang.patch
  * gcc8-miscompilation-fix.patch
- add patch from upstream:
  * do-not-use-non-ascii-in-test_ssl.patch

Dominique Leuenberger (dimstar_suse) accepted request 593955 from

Tomáš Chvátal (scarabeus_iv) over 6 years ago (revision 131)

Dominique Leuenberger (dimstar_suse) accepted request 578360 from

Tomáš Chvátal (scarabeus_iv) almost 7 years ago (revision 130)

Dominique Leuenberger (dimstar_suse) accepted request 573233 from

Tomáš Chvátal (scarabeus_iv) almost 7 years ago (revision 129)

Dominique Leuenberger (dimstar_suse) accepted request 572016 from

Tomáš Chvátal (scarabeus_iv) almost 7 years ago (revision 128)

Dominique Leuenberger (dimstar_suse) accepted request 571147 from

Tomáš Chvátal (scarabeus_iv) almost 7 years ago (revision 127)

- Add patch python-fix-shebang.patch to fix bsc#1078326

Dominique Leuenberger (dimstar_suse) accepted request 561149 from

Jan Matejek (matejcik) almost 7 years ago (revision 126)

- exclude test_regrtest for s390, where it does not segfault as it should
  (fixes bsc#1073269)
- fix segfault while creating weakref - bsc#1073748, bpo#29347
  (this is actually fixed by the 2.7.14 update; mentioning this for purposes
  of bugfix tracking)

Dominique Leuenberger (dimstar_suse) accepted request 544427 from

Jan Matejek (matejcik) almost 7 years ago (revision 125)

- update to 2.7.14
  * dozens of bugfixes, see NEWS for details
  * fixed possible integer overflow in PyString_DecodeEscape (CVE-2017-1000158, bsc#1068664)
  * fixed segfaults with dict mutated during search
  * fixed possible free-after-use problems with buffer objects with custom indexing
  * fixed urllib.splithost to correctly parse fragments (bpo-30500)
- drop upstreamed python-2.7.13-overflow_check.patch
- drop unneeded python-2.7.12-makeopcode.patch
- drop upstreamed 0001-2.7-bpo-30714-ALPN-changes-for-OpenSSL-1.1.0f-3094.patch

Dominique Leuenberger (dimstar_suse) accepted request 538777 from

Jan Matejek (matejcik) about 7 years ago (revision 124)

Dominique Leuenberger (dimstar_suse) accepted request 527332 from

Jan Matejek (matejcik) about 7 years ago (revision 123)

Dominique Leuenberger (dimstar_suse) accepted request 517921 from

Jan Matejek (matejcik) about 7 years ago (revision 122)

Dominique Leuenberger (dimstar_suse) accepted request 482570 from

Jan Matejek (matejcik) over 7 years ago (revision 121)

Dominique Leuenberger (dimstar_suse) accepted request 448858 from

Jan Matejek (matejcik) almost 8 years ago (revision 120)

- update to 2.7.13
  * dozens of bugfixes, see NEWS for details
  * updated cipher lists for openssl wrapper, support openssl >= 1.1.0
  * properly fix HTTPoxy (CVE-2016-1000110)
  * profile-opt build now applies PGO to modules as well
- update python-2.7.10-overflow_check.patch
  with python-2.7.13-overflow_check.patch, incorporating upstream changes
- add "-fwrapv" to optflags explicitly because upstream code still
  relies on it in many places

- provide python2-* symbols, for support of new packages built as
  python2-foo
- rename macros.python to macros.python2 accordingly
- require python-rpm-macros package, drop macro definitions from
  macros.python2

Places

Revisions of python

Places