File python3.spec of Package python3-doc.26005

Overview Repositories Revisions Requests Users Attributes Meta

File python3.spec of Package python3-doc.26005

#
# spec file for package python3
#
# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via https://bugs.opensuse.org/
#

Name:           python3
BuildRequires:  automake
BuildRequires:  db-devel
BuildRequires:  fdupes
BuildRequires:  gcc-c++
BuildRequires:  gdbm-devel
BuildRequires:  gettext-tools
BuildRequires:  gmp-devel
BuildRequires:  intltool
BuildRequires:  libbz2-devel
BuildRequires:  libexpat-devel
BuildRequires:  libffi-devel
BuildRequires:  libopenssl-devel
BuildRequires:  ncurses-devel
BuildRequires:  readline-devel
BuildRequires:  sqlite-devel
BuildRequires:  tk-devel
BuildRequires:  xorg-x11-devel
BuildRequires:  xz
BuildRequires:  xz-devel
URL:            http://www.python.org/
Summary:        Python3 Interpreter
License:        Python-2.0
Group:          Development/Languages/Python
Version:        3.4.10
Release:        0
%define         tarversion %{version}
%define         tarname    Python-%{tarversion}

# required for idle3 (.desktop and .appdata.xml files)
BuildRequires:  update-desktop-files
Requires:       python3-base = %{version}
Recommends:     python3-pip
Suggests:       python3-curses
Suggests:       python3-dbm
Suggests:       python3-idlelib
Suggests:       python3-tk

Source0:        http://www.python.org/ftp/python/%{version}/%{tarname}.tar.xz
Source1:        baselibs.conf
Source2:        python3-rpmlintrc
Source20:       idle3.desktop
Source21:       idle3.appdata.xml
#Source11:       testfiles.tar.bz2
# issues with copyrighted Unicode testing files

# For Patch 34
Source34:       recursion.tar

# do not add patches here, please edit python3-base.spec instead
# and run pre_checkin.sh
#
# see PACKAGING-NOTES for details

### COMMON-PATCH-BEGIN ###

# implement "--record-rpm" option for distutils installations
Patch01:        Python-3.0b1-record-rpm.patch
# support lib-vs-lib64 distinction
Patch02:        Python-3.3.0b2-multilib.patch
# support finding packages in /usr/local, install to /usr/local by default
Patch04:        python-3.3.0b1-localpath.patch
# replace DATE, TIME and COMPILER by fixed definitions to aid reproducible builds
Patch06:        python-3.3.0b1-fix_date_time_compiler.patch
# fix wrong include path in curses-panel module
Patch07:        python-3.3.0b1-curses-panel.patch
# POSIX_FADV_WILLNEED throws EINVAL. Use a different constant in test
Patch09:        python-3.3.0b1-test-posix_fadvise.patch
# Add missing bits for aarch64 in libffi
Patch10:        ctypes-libffi-aarch64.patch
# Disable global and distutils sysconfig comparison test, we deviate from the default depending on optflags
Patch12:        python-3.3.3-skip-distutils-test_sysconfig_module.patch
# Raise timeout value for test_subprocess
Patch15:        subprocess-raise-timeout.patch
# PATCH-FIX-UPSTREAM Fix argument passing in libffi for aarch64
Patch18:        python-2.7-libffi-aarch64.patch
# PATCH-FIX-UPSTREAM Prefer lowercase proxy environment variables
Patch19:        python3-urllib-prefer-lowercase-proxies.patch
# PATCH-FIX-UPSTREAM python-3.6-CVE-2017-18207.patch psimons@suse.com -- Add check for channels of wav file in Lib/wave.py
# Suggested in https://github.com/python/cpython/pull/4437.
Patch20:        python-3.6-CVE-2017-18207.patch
# PATCH-FIX-UPSTREAM https://bugs.python.org/issue30693
Patch21:        python-sorted_tar.patch
# PATCH-FIX-UPSTREAM CVE-2019-10160-netloc-port-regression.patch bsc#1138459 mcepl@suse.com
# Fix regression introduced by fix for CVE-2019-9636
Patch26:        CVE-2019-10160-netloc-port-regression.patch
# PATCH-FIX-UPSTREAM CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch bsc#1109663 mcepl@suse.com
# Command injection in the shutil module
Patch28:        CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch
# PATCH-FIX-UPSTREAM CVE-2019-16056-email-parse-addr.patch bsc#1149955 mcepl@suse.com
# bpo#34155 The email module wrongly parses email addresses
Patch29:        CVE-2019-16056-email-parse-addr.patch
# PATCH-FIX-UPSTREAM CVE-2020-8492-urllib-ReDoS.patch bsc#1162367 mcepl@suse.com
# Fixes Python urrlib allowed an HTTP server to conduct Regular
# Expression Denial of Service (ReDoS)
Patch30:        CVE-2020-8492-urllib-ReDoS.patch
# PATCH-FIX-UPSTREAM CVE-2019-9674-zip-bomb.patch bsc#1162825 mcepl@suse.com
# Improve documentation warning against the possible zip bombs
Patch31:        CVE-2019-9674-zip-bomb.patch
# PATCH-FIX-SLE skip-failing-tests.patch mcepl@suse.com
# test_write_filtered_python_package just wants to fail, and I have no idea why.
Patch32:        skip-failing-tests.patch
# PATCH-FIX-UPSTREAM CVE-2019-9947-no-ctrl-char-http.patch bsc#1130840 bpo#30458
# avoid CRLF injenction;
Patch33:        CVE-2019-9947-no-ctrl-char-http.patch
# PATCH-FIX-UPSTREAM CVE-2019-18348-CRLF_injection_via_host_part.patch bsc#1155094 bpo#38576
# disallow control characters in hostnames in httplib
# DEPENDS on PATCH32
Patch34:        CVE-2019-18348-CRLF_injection_via_host_part.patch
# PATCH-FIX-UPSTREAM CVE-2019-20907_tarfile-inf-loop.patch bsc#1174091 mcepl@suse.com
# avoid possible infinite loop in specifically crafted tarball (CVE-2019-20907)
# REQUIRES SOURCE 34
Patch35:        CVE-2019-20907_tarfile-inf-loop.patch
# PATCH-FIX-UPSTREAM bpo37614-race_test_docxmlrpc_srv_setup.patch bpo#27614 mcepl@suse.com
# avoid race in test_docxmlrpc (REQUIRED for Patch #36)
Patch36:        bpo37614-race_test_docxmlrpc_srv_setup.patch
# PATCH-FIX-UPSTREAM CVE-2019-16935-xmlrpc-doc-server_title.patch bsc#1153238 mcepl@suse.com
# XSS vulnerability in the documentation XML-RPC server in server_title field
Patch37:        CVE-2019-16935-xmlrpc-doc-server_title.patch
# PATCH-FIX-UPSTREAM CVE-2020-14422-ipaddress-hash-collision.patch bsc#1173274 mcepl@suse.com
# oversimplicstic computation of hash values leads to conflicts and potential for DOS
Patch38:        CVE-2020-14422-ipaddress-hash-collision.patch
# PATCH-FIX-UPSTREAM CVE-2020-26116-httplib-header-injection.patch bsc#1177211 bpo#39603
# Fixes httplib to disallow control characters in method to avoid header
# injection, equivalent of Patch33 and Patch34 for method of URL (GET, POST, etc.)
Patch39:        CVE-2020-26116-httplib-header-injection.patch
# Update SSL certificates due to certificates shipped with the package expiring
Patch40:        update-ssl-certs.patch
# PATCH-FIX-UPSTREAM CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch bsc#1181126 mcepl@suse.com
# buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution
Patch41:        CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch
# PATCH-FIX-UPSTREAM CVE-2021-23336-only-amp-as-query-sep.patch bsc#1182379 mcepl@suse.com
# urlparse only use '&' as a query string separator
Patch42:        CVE-2021-23336-only-amp-as-query-sep.patch
# PATCH-FIX-UPSTREAM CVE-2020-27619-no-eval-http-content.patch bsc#1182207 mcepl@suse.com
# No longer call eval() on content received via HTTP in the CJK codec tests
Patch43:        CVE-2020-27619-no-eval-http-content.patch
# PATCH-FIX-UPSTREAM CVE-2021-3737-infinite-loop-on-100-Continue.patch bsc#1189241 mcepl@suse.com
# avoid DoS via infinitely reading potential HTTP headers after a 100 Continue status response from the server
Patch44:        CVE-2021-3737-infinite-loop-on-100-Continue.patch
# PATCH-FIX-UPSTREAM CVE-2021-3733-ReDoS-urllib-AbstractBasicAuthHandler.patch bsc#1189287 mcepl@suse.com
# Fix ReDoS in urllib AbstractBasicAuthHandler (bpo#43075)
Patch45:        CVE-2021-3733-ReDoS-urllib-AbstractBasicAuthHandler.patch
# PATCH-FIX-UPSTREAM CVE-2021-4189-ftplib-trust-PASV-resp.patch bsc#1194146 mcepl@suse.com
# Make ftplib not trust the PASV response. (gh#python/cpython#24838)
Patch46:        CVE-2021-4189-ftplib-trust-PASV-resp.patch
# PATCH-FIX-UPSTREAM CVE-2022-0391-urllib_parse-newline-parsing.patch bsc#1195396 mcepl@suse.com
# whole long discussion is on bpo#43882
# fix for santization URLs containing ASCII newline and tabs in urllib.parse
Patch47:        CVE-2022-0391-urllib_parse-newline-parsing.patch
# PATCH-FIX-UPSTREAM CVE-2015-20107-mailcap-unsafe-filenames.patch bsc#1198511 mcepl@suse.com
# avoid the command injection in the mailcap module.
Patch48:        CVE-2015-20107-mailcap-unsafe-filenames.patch
# PATCH-FIX-UPSTREAM bpo-46623-skip-zlib-s390x.patch gh#python/cpython#90781 mcepl@suse.com
# skip two tests failing on s390x
Patch49:        bpo-46623-skip-zlib-s390x.patch
# PATCH-FIX-UPSTREAM CVE-2021-28861 bsc#1202624
# Coerce // to / in Lib/http/server.py
Patch50:        CVE-2021-28861-double-slash-path.patch
### COMMON-PATCH-END ###

BuildRoot:      %{_tmppath}/%{name}-%{version}-build

# do not add defs here, please edit python3-base.spec instead
# and run pre_checkin.sh
#
# see PACKAGING-NOTES for details

### COMMON-DEF-BEGIN ###

# the versions are autogenerated from pre_checkin.sh
# based on the current source tarball
%define         python_version  3.4

%define         python_version_abitag   34
%define         python_version_soname   3_4

%define         sitedir         %{_libdir}/python%{python_version}

# three possible ABI kinds: m - pymalloc, d - debug build
# see PEP 3149
%define         abi_kind m
# python ABI version - used in some file names
%define         python_abi %{python_version}%{abi_kind}
# soname ABI tag defined in PEP 3149
%define         abi_tag %{python_version_abitag}%{abi_kind}

%define         so_version %{python_version_soname}%{abi_kind}1_0

%define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}.so
### COMMON-DEF-END ###

# some compatibility Provides
Provides:       python = %{python_version}
Provides:       python3 = %{python_version}

Provides:       python3-xml = %{version}
Obsoletes:      python3-xml < %{version}

%description
Python 3 is an interpreted, object-oriented programming language, and is
often compared to Tcl, Perl, Scheme, or Java.  You can find an overview
of Python in the documentation and tutorials included in the python-doc
(HTML) or python-doc-pdf (PDF) packages.

If you want to install third party modules using distutils, you need to
install python-devel package.

%package tk
Requires:       %{name} = %{version}
Summary:        TkInter - Python Tk Interface
Group:          Development/Libraries/Python

%description tk
Python interface to Tk. Tk is the GUI toolkit that comes with Tcl. The
"xrpm" package uses this Python interface.

%package curses
Requires:       %{name} = %{version}
Summary:        Python Interface to the (N)Curses Library
Group:          Development/Libraries/Python

%description curses
An easy to use interface to the (n)curses CUI library. CUI stands for
Console User Interface.

%package dbm
Requires:       %{name} = %{version}
Summary:        Python Interface to the GDBM Library
Group:          Development/Languages/Python

%description dbm
An easy to use interface for Unix DBM databases, and more specifically,
the GNU implementation GDBM.

%package idle
Summary:        An Integrated Development Environment for Python
Group:          Development/Languages/Python
Requires:       %{name} = %{version}
Requires:       python3-tk

%description idle
IDLE is a Tkinter based integrated development environment for Python.
It features a multi-window text editor with multiple undo, Python
colorizing, and many other things, as well as a Python shell window and
a debugger.

%prep
%setup -q -n %{tarname}
### COMMON-PREP-BEGIN ###

%patch01 -p1
%patch02 -p1
#%%patch03
#- canonicalize disabled, needs testing whether the exploit still works
%patch04 -p1
%patch06 -p1
%patch07 -p1
%patch09 -p1
%patch10 -p1
%patch12 -p1
%patch15 -p1
%patch18 -p1
%patch19 -p1
%patch20 -p1
%patch21 -p1
%patch26 -p1
%patch28 -p1
%patch29 -p1
%patch30 -p1
%patch31 -p1
%patch32 -p1
%patch33 -p1
%patch34 -p1
%patch35 -p1
%patch36 -p1
%patch37 -p1
%patch38 -p1
%patch39 -p1
%patch40 -p1
%patch41 -p1
%patch42 -p1
%patch43 -p1
%patch44 -p1
%patch45 -p1
%patch46 -p1
%patch47 -p1
%patch48 -p1
%patch49 -p1
%patch50 -p1

# For patch 34
cp -v %{SOURCE34} Lib/test/recursion.tar

# drop Autoconf version requirement
sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac

# fix shebangs - convert /usr/local/bin/python and /usr/bin/env/python to /usr/bin/python3
for dir in Lib Tools; do
    # find *.py, filter to files that contain bad shebangs
    find $dir -name '*.py' -type f -print0 \
        | xargs -0 grep -lE '^#! *(/usr/.*bin/(env +)?)?python' \
        | xargs sed -r -i -e '1s@^#![[:space:]]*(/usr/(local/)?bin/(env +)?)?python([0-9]+(\.[0-9]+)?)?@#!/usr/bin/python3@'
done

### COMMON-PREP-END ###

%build
export SUSE_ASNEEDED=0
export OPT="%{optflags} -fwrapv -DOPENSSL_LOAD_CONF"

autoreconf -f -i .
# prevent make from trying to rebuild asdl stuff, which requires existing
# python installation
touch Parser/asdl* Python/Python-ast.c Include/Python-ast.h Objects/typeslots.inc

./configure \
    --prefix=%{_prefix} \
    --libdir=%{_libdir} \
    --mandir=%{_mandir} \
    --docdir=%{_docdir}/python \
    --enable-ipv6 \
    --with-fpectl \
    --enable-shared \
    --with-system-ffi \
    --with-system-expat \
    --with-ensurepip=no

make %{?_smp_mflags} # DESTDIR=$RPM_BUILD_ROOT

%check
# Limit virtual memory to avoid spurious failures
if test $(ulimit -v) = unlimited || test $(ulimit -v) -gt 10000000; then
  ulimit -v 10000000 || :
fi

# only test the parts skipped in python3-base
TESTS="test_dbm_gnu test_dbm_ndbm test_readline test_ssl test_tcl test_tk test_ttk_guionly test_ttk_textonly test_curses test_socketserver test_sqlite test_hashlib test_smtpnet"

# ensurepip-based tests
TESTS="$TESTS test_venv test_ensurepip test_tools"

# and the rest of the newly excluded stuff
TESTS="$TESTS test_urllib test_urllib2 test_urllib2net"

make test TESTOPTS="-u none $TESTS"

%install
make \
    OPT="%{optflags} -fPIC" \
    DESTDIR=$RPM_BUILD_ROOT \
    install

# clean out stuff that is in python-base and subpackages

find $RPM_BUILD_ROOT%{_bindir} -mindepth 1 -not -name "*idle*" -print -delete
rm $RPM_BUILD_ROOT%{_libdir}/lib*
rm -r $RPM_BUILD_ROOT%{_libdir}/pkgconfig
rm -r $RPM_BUILD_ROOT%{_mandir}/*
rm -r $RPM_BUILD_ROOT%{_includedir}/*

rm -r $RPM_BUILD_ROOT%{sitedir}/config*
find $RPM_BUILD_ROOT%{sitedir} -name "*.egg-info" -exec rm {} ";"
rm -r $RPM_BUILD_ROOT%{sitedir}/__pycache__
rm -r $RPM_BUILD_ROOT%{sitedir}/site-packages
rm $RPM_BUILD_ROOT%{sitedir}/*.*

for module in \
    asyncio ctypes collections concurrent distutils email encodings \
    html http \
    importlib json logging multiprocessing plat-* pydoc_data unittest \
    urllib venv wsgiref lib2to3 test turtledemo
do
    rm -r $RPM_BUILD_ROOT%{sitedir}/$module
done

for library in \
    array audioop binascii _bisect _bz2 cmath _codecs_* _crypt _csv \
    _ctypes _datetime _decimal fcntl grp _heapq _json _lsprof \
    _lzma math mmap _multibytecodec _multiprocessing nis _opcode ossaudiodev \
    parser _pickle _posixsubprocess _random resource select _socket spwd \
    _struct syslog termios _testbuffer _testimportmultiple time unicodedata zlib \
    _ctypes_test _testcapi xxlimited \
    _md5 _sha1 _sha256 _sha512
do
    eval rm "$RPM_BUILD_ROOT%{sitedir}/lib-dynload/$library.*"
done

# Idle is not packaged in base due to the appstream-glib dependency
# move idle config into /etc
install -d -m 755 %{buildroot}%{_sysconfdir}/idle3
(
    cd %{buildroot}/%{sitedir}/idlelib/
    for file in *.def ; do
        mv $file %{buildroot}%{_sysconfdir}/idle3/
        ln -sf %{_sysconfdir}/idle3/$file  %{buildroot}/%{sitedir}/idlelib/
    done
)

# install idle icons
for size in 16 32 48 ; do
    install -m 644 -D Lib/idlelib/Icons/idle_${size}.png \
    %{buildroot}%{_datadir}/icons/hicolor/${size}x${size}/apps/idle3.png
done

# install idle desktop file
install -m 644 -D -t %{buildroot}%{_datadir}/applications %{SOURCE20}
%suse_update_desktop_file idle3

install -m 644 -D -t %{buildroot}%{_datadir}/metainfo %{SOURCE21}

%fdupes $RPM_BUILD_ROOT/%{_libdir}/python%{python_version}

%files tk
%defattr(644, root, root, 755)
%{sitedir}/tkinter
%exclude %{sitedir}/tkinter/test
%{dynlib _tkinter}

%files curses
%defattr(644, root, root, 755)
%{sitedir}/curses
%{dynlib _curses}
%{dynlib _curses_panel}

%files dbm
%defattr(644, root, root, 755)
%{sitedir}/dbm
%{dynlib _dbm}
%{dynlib _gdbm}

%files
%defattr(644, root, root, 755)
%dir %{sitedir}
%dir %{sitedir}/lib-dynload
%{sitedir}/ensurepip
%{sitedir}/sqlite3
%exclude %{sitedir}/sqlite3/test
%{sitedir}/xml
%{sitedir}/xmlrpc
%{dynlib _elementtree}
%{dynlib _hashlib}
%{dynlib pyexpat}
%{dynlib readline}
%{dynlib _sqlite3}
%{dynlib _ssl}

%files idle
%defattr(644, root, root, 755)
%{sitedir}/idlelib
%dir %{_sysconfdir}/idle3
%config %{_sysconfdir}/idle3/*
%doc Lib/idlelib/NEWS.txt
%doc Lib/idlelib/README.txt
%doc Lib/idlelib/TODO.txt
%doc Lib/idlelib/extend.txt
%doc Lib/idlelib/ChangeLog
%{_bindir}/idle3
%{_datadir}/applications/idle3.desktop
%dir %{_datadir}/metainfo
%{_datadir}/metainfo/idle3.appdata.xml
%{_datadir}/icons/hicolor/*/apps/idle3.png
%dir %{_datadir}/icons/hicolor
%dir %{_datadir}/icons/hicolor/16x16
%dir %{_datadir}/icons/hicolor/32x32
%dir %{_datadir}/icons/hicolor/48x48
%dir %{_datadir}/icons/hicolor/*/apps
%attr(755, root, root) %{_bindir}/idle%{python_version}

%changelog

Places

File python3.spec of Package python3-doc.26005

Places