Overview Repositories Revisions Requests Users Attributes Meta

Revisions of python

Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 677944 from Tomáš Chvátal's avatar Tomáš Chvátal (scarabeus_iv) (revision 136) 
- bsc#1122191: add CVE-2019-5010-null-defer-x509-cert-DOS.patch
  fixing bpo-35746.
  An exploitable denial-of-service vulnerability exists in the
  X509 certificate parser of Python.org Python 2.7.11 / 3.7.2.
  A specially crafted X509 certificate can cause a NULL pointer
  dereference, resulting in a denial of service. An attacker can
  initiate or accept TLS connections using crafted certificates
  to trigger this vulnerability.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 638809 from Matej Cepl's avatar Matej Cepl (mcepl) (revision 133) 
Apply "CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch" which
converts shutil._call_external_zip to use subprocess rather than
distutils.spawn. [bsc#1109663, CVE-2018-1000802]
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 611151 from Tomáš Chvátal's avatar Tomáš Chvátal (scarabeus_iv) (revision 132) 
- update to 2.7.15
  * dozens of bugfixes, see NEWS for details
- removed obsolete patches:
  * python-ncurses-6.0-accessors.patch
  * python-fix-shebang.patch
  * gcc8-miscompilation-fix.patch
- add patch from upstream:
  * do-not-use-non-ascii-in-test_ssl.patch

- update to 2.7.15
  * dozens of bugfixes, see NEWS for details
- removed obsolete patches:
  * python-ncurses-6.0-accessors.patch
  * python-fix-shebang.patch
  * gcc8-miscompilation-fix.patch
- add patch from upstream:
  * do-not-use-non-ascii-in-test_ssl.patch

- update to 2.7.15
  * dozens of bugfixes, see NEWS for details
- removed obsolete patches:
  * python-ncurses-6.0-accessors.patch
  * python-fix-shebang.patch
  * gcc8-miscompilation-fix.patch
- add patch from upstream:
  * do-not-use-non-ascii-in-test_ssl.patch
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 571147 from Tomáš Chvátal's avatar Tomáš Chvátal (scarabeus_iv) (revision 127) 
- Add patch python-fix-shebang.patch to fix bsc#1078326
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 561149 from Jan Matejek's avatar Jan Matejek (matejcik) (revision 126) 
- exclude test_regrtest for s390, where it does not segfault as it should
  (fixes bsc#1073269)
- fix segfault while creating weakref - bsc#1073748, bpo#29347
  (this is actually fixed by the 2.7.14 update; mentioning this for purposes
  of bugfix tracking)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 544427 from Jan Matejek's avatar Jan Matejek (matejcik) (revision 125) 
- update to 2.7.14
  * dozens of bugfixes, see NEWS for details
  * fixed possible integer overflow in PyString_DecodeEscape (CVE-2017-1000158, bsc#1068664)
  * fixed segfaults with dict mutated during search
  * fixed possible free-after-use problems with buffer objects with custom indexing
  * fixed urllib.splithost to correctly parse fragments (bpo-30500)
- drop upstreamed python-2.7.13-overflow_check.patch
- drop unneeded python-2.7.12-makeopcode.patch
- drop upstreamed 0001-2.7-bpo-30714-ALPN-changes-for-OpenSSL-1.1.0f-3094.patch
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 448858 from Jan Matejek's avatar Jan Matejek (matejcik) (revision 120) 
- update to 2.7.13
  * dozens of bugfixes, see NEWS for details
  * updated cipher lists for openssl wrapper, support openssl >= 1.1.0
  * properly fix HTTPoxy (CVE-2016-1000110)
  * profile-opt build now applies PGO to modules as well
- update python-2.7.10-overflow_check.patch
  with python-2.7.13-overflow_check.patch, incorporating upstream changes
- add "-fwrapv" to optflags explicitly because upstream code still
  relies on it in many places

- provide python2-* symbols, for support of new packages built as
  python2-foo
- rename macros.python to macros.python2 accordingly
- require python-rpm-macros package, drop macro definitions from
  macros.python2
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 405901 from Jan Matejek's avatar Jan Matejek (matejcik) (revision 119) 
- update to 2.7.12
  * dozens of bugfixes, see NEWS for details
  * fixes multiple security issues:
    CVE-2016-0772 TLS stripping attack on smtplib (bsc#984751)
    CVE-2016-5636 zipimporter heap overflow (bsc#985177)
    CVE-2016-5699 httplib header injection (bsc#985348)
      (this one is actually fixed since 2.7.10)
- removed upstreamed python-2.7.7-mhlib-linkcount.patch
- refreshed multilib patch
- python-2.7.12-makeopcode.patch - run newly-built python interpreter
  to make opcodes, in order not to require pre-built python
- update LD_LIBRARY_PATH to use $PWD instead of "." because the test
  process escapes to its own directory
- modify shebang-fixing scriptlet to ignore makeopcodetargets.py
Displaying revisions 61 - 80 of 197
openSUSE Build Service is sponsored by
Places