PR#196: Update to 3.7.9 - rpms/python3

rpms / python3

#196 Update to 3.7.9

Merged 3 years ago by churchyard. Opened 3 years ago by thrnciar.

rpms/ thrnciar/python3 f31-auto-thrnciar-update-to-3-7-9 into f31

Update to 3.7.9

Tomas Hrnciar • 3 years ago

bc74407

00102-lib64.patch

file modified

+6 -6

		`@@ -138,7 +138,7 @@`
		`'scripts': '{userbase}/bin',`
		`'data': '{userbase}',`
		`diff --git a/Lib/test/test_site.py b/Lib/test/test_site.py`
		`- index 6def4e59f4..6e427bf6e2 100644`
		`+ index 8815c83998..3b0d941f3d 100644`
		`--- a/Lib/test/test_site.py`
		`+++ b/Lib/test/test_site.py`
		`@@ -270,8 +270,8 @@ class HelperFunctionsTests(unittest.TestCase):`
		`@@ -166,7 +166,7 @@`

		`# Detailed destination directories`
		`diff --git a/Modules/getpath.c b/Modules/getpath.c`
		`- index ba8d74b4a0..198e8f086e 100644`
		`+ index 35f9e31d1e..eef7eae8ad 100644`
		`--- a/Modules/getpath.c`
		`+++ b/Modules/getpath.c`
		`@@ -535,7 +535,7 @@ calculate_exec_prefix(const _PyCoreConfig *core_config,`
		`@@ -178,7 +178,7 @@`
		`}`
		`/* If we found EXEC_PREFIX do not reduce it! (Yet.) */`
		`}`
		`- @@ -787,7 +787,7 @@ calculate_zip_path(PyCalculatePath calculate, const wchar_t prefix)`
		`+ @@ -783,7 +783,7 @@ calculate_zip_path(PyCalculatePath calculate, const wchar_t prefix)`
		`else {`
		`wcsncpy(calculate->zip_path, calculate->prefix, MAXPATHLEN);`
		`}`
		`@@ -187,7 +187,7 @@`

		`/* Replace "00" with version */`
		`size_t bufsz = wcslen(calculate->zip_path);`
		`- @@ -912,7 +912,7 @@ calculate_init(PyCalculatePath *calculate,`
		`+ @@ -908,7 +908,7 @@ calculate_init(PyCalculatePath *calculate,`
		`if (!calculate->exec_prefix) {`
		`return DECODE_LOCALE_ERR("EXEC_PREFIX define", len);`
		`}`
		`@@ -197,10 +197,10 @@`
		`return DECODE_LOCALE_ERR("EXEC_PREFIX define", len);`
		`}`
		`diff --git a/configure.ac b/configure.ac`
		`- index 805c0bba08..6f11a6df5b 100644`
		`+ index f1cc8e9bcb..4c78a515a8 100644`
		`--- a/configure.ac`
		`+++ b/configure.ac`
		`- @@ -4772,9 +4772,9 @@ AC_MSG_RESULT($LDVERSION)`
		`+ @@ -4775,9 +4775,9 @@ AC_MSG_RESULT($LDVERSION)`
		`dnl define LIBPL after ABIFLAGS and LDVERSION is defined.`
		`AC_SUBST(PY_ENABLE_SHARED)`
		`if test x$PLATFORM_TRIPLET = x; then`

00274-fix-arch-names.patch

file modified

+1 -1

		`@@ -29,7 +29,7 @@`
		`ppc64le \| powerpc64little)`
		`basic_machine=powerpc64le-unknown`
		`diff --git a/configure.ac b/configure.ac`
		`- index 6f11a6df5b..13340da7c8 100644`
		`+ index 4c78a515a8..98d0a1ef65 100644`
		`--- a/configure.ac`
		`+++ b/configure.ac`
		`@@ -765,9 +765,9 @@ cat >> conftest.c <<EOF`

00351-avoid-infinite-loop-in-the-tarfile-module.patch

file removed

-67

		`@@ -1,67 +0,0 @@`
		`- From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001`
		`- From: "Miss Islington (bot)"`
		`- <31488909+miss-islington@users.noreply.github.com>`
		`- Date: Wed, 15 Jul 2020 05:35:08 -0700`
		`- Subject: [PATCH] 00351: Avoid infinite loop in the tarfile module`
		`-`
		`- Avoid infinite loop when reading specially crafted TAR files using the tarfile module`
		`- (CVE-2019-20907).`
		`- Fixed upstream: https://bugs.python.org/issue39017`
		`- ---`
		`- Lib/tarfile.py \| 2 ++`
		`- Lib/test/recursion.tar \| Bin 0 -> 516 bytes`
		`- Lib/test/test_tarfile.py \| 7 +++++++`
		`- .../2020-07-12-22-16-58.bpo-39017.x3Cg-9.rst \| 1 +`
		`- 4 files changed, 10 insertions(+)`
		`- create mode 100644 Lib/test/recursion.tar`
		`- create mode 100644 Misc/NEWS.d/next/Library/2020-07-12-22-16-58.bpo-39017.x3Cg-9.rst`
		`-`
		`- diff --git a/Lib/tarfile.py b/Lib/tarfile.py`
		`- index 3b596cbf49..3be5188c8b 100755`
		`- --- a/Lib/tarfile.py`
		`- +++ b/Lib/tarfile.py`
		`- @@ -1233,6 +1233,8 @@ class TarInfo(object):`
		`-`
		`- length, keyword = match.groups()`
		`- length = int(length)`
		`- + if length == 0:`
		`- + raise InvalidHeaderError("invalid header")`
		`- value = buf[match.end(2) + 1:match.start(1) + length - 1]`
		`-`
		`- # Normally, we could just use "utf-8" as the encoding and "strict"`
		`- diff --git a/Lib/test/recursion.tar b/Lib/test/recursion.tar`
		`- new file mode 100644`
		`- index 0000000000000000000000000000000000000000..b8237251964983f54ed1966297e887636cd0c5f4`
		`- GIT binary patch`
		`- literal 516`
		`- zcmYdFPRz+kEn=W0Fn}74P8%Xw3X=l~85kIuo0>8xq$A1Gm}!7)KUsFc41m#O8A5+e`
		`- I1_}\|j06>QaCIA2c`
		`-`
		`- literal 0`
		`- HcmV?d00001`
		`-`
		`- diff --git a/Lib/test/test_tarfile.py b/Lib/test/test_tarfile.py`
		`- index 5e4d75ecfc..9133d60e49 100644`
		`- --- a/Lib/test/test_tarfile.py`
		`- +++ b/Lib/test/test_tarfile.py`
		`- @@ -395,6 +395,13 @@ class CommonReadTest(ReadTest):`
		`- with self.assertRaisesRegex(tarfile.ReadError, "unexpected end of data"):`
		`- tar.extractfile(t).read()`
		`-`
		`- + def test_length_zero_header(self):`
		`- + # bpo-39017 (CVE-2019-20907): reading a zero-length header should fail`
		`- + # with an exception`
		`- + with self.assertRaisesRegex(tarfile.ReadError, "file could not be opened successfully"):`
		`- + with tarfile.open(support.findfile('recursion.tar')) as tar:`
		`- + pass`
		`- +`
		`- class MiscReadTestBase(CommonReadTest):`
		`- def requires_name_attribute(self):`
		`- pass`
		`- diff --git a/Misc/NEWS.d/next/Library/2020-07-12-22-16-58.bpo-39017.x3Cg-9.rst b/Misc/NEWS.d/next/Library/2020-07-12-22-16-58.bpo-39017.x3Cg-9.rst`
		`- new file mode 100644`
		`- index 0000000000..ad26676f8b`
		`- --- /dev/null`
		`- +++ b/Misc/NEWS.d/next/Library/2020-07-12-22-16-58.bpo-39017.x3Cg-9.rst`
		`- @@ -0,0 +1 @@`
		`- +Avoid infinite loop when reading specially crafted TAR files using the tarfile module (CVE-2019-20907).`

00352-resolve-hash-collisions-for-ipv4interface-and-ipv6interface.patch

file removed

-70

		`@@ -1,70 +0,0 @@`
		`- From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001`
		`- From: Tapas Kundu <39723251+tapakund@users.noreply.github.com>`
		`- Date: Wed, 1 Jul 2020 00:50:21 +0530`
		`- Subject: [PATCH] 00352: Resolve hash collisions for IPv4Interface and`
		`- IPv6Interface`
		`-`
		`- CVE-2020-14422`
		`- The hash() methods of classes IPv4Interface and IPv6Interface had issue`
		`- of generating constant hash values of 32 and 128 respectively causing hash collisions.`
		`- The fix uses the hash() function to generate hash values for the objects`
		`- instead of XOR operation.`
		`- Fixed upstream: https://bugs.python.org/issue41004`
		`- ---`
		`- Lib/ipaddress.py \| 4 ++--`
		`- Lib/test/test_ipaddress.py \| 11 +++++++++++`
		`- .../Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst \| 1 +`
		`- 3 files changed, 14 insertions(+), 2 deletions(-)`
		`- create mode 100644 Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst`
		`-`
		`- diff --git a/Lib/ipaddress.py b/Lib/ipaddress.py`
		`- index 80249288d7..54882934c3 100644`
		`- --- a/Lib/ipaddress.py`
		`- +++ b/Lib/ipaddress.py`
		`- @@ -1442,7 +1442,7 @@ class IPv4Interface(IPv4Address):`
		`- return False`
		`-`
		`- def __hash__(self):`
		`- - return self._ip ^ self._prefixlen ^ int(self.network.network_address)`
		`- + return hash((self._ip, self._prefixlen, int(self.network.network_address)))`
		`-`
		`- __reduce__ = _IPAddressBase.__reduce__`
		`-`
		`- @@ -2088,7 +2088,7 @@ class IPv6Interface(IPv6Address):`
		`- return False`
		`-`
		`- def __hash__(self):`
		`- - return self._ip ^ self._prefixlen ^ int(self.network.network_address)`
		`- + return hash((self._ip, self._prefixlen, int(self.network.network_address)))`
		`-`
		`- __reduce__ = _IPAddressBase.__reduce__`
		`-`
		`- diff --git a/Lib/test/test_ipaddress.py b/Lib/test/test_ipaddress.py`
		`- index 455b893fb1..1fb6a929dc 100644`
		`- --- a/Lib/test/test_ipaddress.py`
		`- +++ b/Lib/test/test_ipaddress.py`
		`- @@ -2091,6 +2091,17 @@ class IpaddrUnitTest(unittest.TestCase):`
		`- sixtofouraddr.sixtofour)`
		`- self.assertFalse(bad_addr.sixtofour)`
		`-`
		`- + # issue41004 Hash collisions in IPv4Interface and IPv6Interface`
		`- + def testV4HashIsNotConstant(self):`
		`- + ipv4_address1 = ipaddress.IPv4Interface("1.2.3.4")`
		`- + ipv4_address2 = ipaddress.IPv4Interface("2.3.4.5")`
		`- + self.assertNotEqual(ipv4_address1.__hash__(), ipv4_address2.__hash__())`
		`- +`
		`- + # issue41004 Hash collisions in IPv4Interface and IPv6Interface`
		`- + def testV6HashIsNotConstant(self):`
		`- + ipv6_address1 = ipaddress.IPv6Interface("2001:658:22a:cafe:200:0:0:1")`
		`- + ipv6_address2 = ipaddress.IPv6Interface("2001:658:22a:cafe:200:0:0:2")`
		`- + self.assertNotEqual(ipv6_address1.__hash__(), ipv6_address2.__hash__())`
		`-`
		`- if __name__ == '__main__':`
		`- unittest.main()`
		`- diff --git a/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst b/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst`
		`- new file mode 100644`
		`- index 0000000000..f5a9db52ff`
		`- --- /dev/null`
		`- +++ b/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst`
		`- @@ -0,0 +1 @@`
		`- +CVE-2020-14422: The __hash__() methods of ipaddress.IPv4Interface and ipaddress.IPv6Interface incorrectly generated constant hash values of 32 and 128 respectively. This resulted in always causing hash collisions. The fix uses hash() to generate hash values for the tuple of (address, mask length, network address).`

00353-Original-names-for-architectures-with-different-name.patch

file modified

+4 -4

		`@@ -25,10 +25,10 @@`
		`1 file changed, 29 insertions(+), 2 deletions(-)`

		`diff --git a/Lib/importlib/_bootstrap_external.py b/Lib/importlib/_bootstrap_external.py`
		`- index 25a3f8c0e0..db4bb4d02d 100644`
		`+ index 66a16a6839..7d7a9fb25d 100644`
		`--- a/Lib/importlib/_bootstrap_external.py`
		`+++ b/Lib/importlib/_bootstrap_external.py`
		`- @@ -1566,7 +1566,7 @@ def _get_supported_file_loaders():`
		`+ @@ -1484,7 +1484,7 @@ def _get_supported_file_loaders():`

		`Each item is a tuple (loader, suffixes).`
		`"""`
		`@@ -37,7 +37,7 @@`
		`source = SourceFileLoader, SOURCE_SUFFIXES`
		`bytecode = SourcelessFileLoader, BYTECODE_SUFFIXES`
		`return [extensions, source, bytecode]`
		`- @@ -1622,7 +1622,7 @@ def _setup(_bootstrap_module):`
		`+ @@ -1547,7 +1547,7 @@ def _setup(_bootstrap_module):`

		`# Constants`
		`setattr(self_module, '_relax_case', _make_relax_case())`
		`@@ -46,7 +46,7 @@`
		`if builtin_os == 'nt':`
		`SOURCE_SUFFIXES.append('.pyw')`
		`if '_d.pyd' in EXTENSION_SUFFIXES:`
		`- @@ -1635,3 +1635,30 @@ def _install(_bootstrap_module):`
		`+ @@ -1560,3 +1560,30 @@ def _install(_bootstrap_module):`
		`supported_loaders = _get_supported_file_loaders()`
		`sys.path_hooks.extend([FileFinder.path_hook(*supported_loaders)])`
		`sys.meta_path.append(PathFinder)`

python3.spec

file modified

+5 -21

		`@@ -13,11 +13,11 @@`

		`# WARNING When rebasing to a new Python version,`
		`# remember to update the python3-docs package as well`
		`- %global general_version %{pybasever}.8`
		`+ %global general_version %{pybasever}.9`
		`#global prerel rc1`
		`%global upstream_version %{general_version}%{?prerel}`
		`Version: %{general_version}%{?prerel:~%{prerel}}`
		`- Release: 4%{?dist}`
		`+ Release: 1%{?dist}`
		`License: Python`


		`@@ -312,25 +312,6 @@`
		`# In upstream since 3.8: https://bugs.python.org/issue38347`
		`Patch335: 00335-backport-pathfix-change.patch`

		`- # 00351 # 62210578a7157342bd7cbf426f8934da31773c4d`
		`- # Avoid infinite loop in the tarfile module`
		`- #`
		`- # Avoid infinite loop when reading specially crafted TAR files using the tarfile module`
		`- # (CVE-2019-20907).`
		`- # Fixed upstream: https://bugs.python.org/issue39017`
		`- Patch351: 00351-avoid-infinite-loop-in-the-tarfile-module.patch`
		`-`
		`- # 00352 # 5253c417a23b3658fa115d2c72fa54b20293a31c`
		`- # Resolve hash collisions for IPv4Interface and IPv6Interface`
		`- #`
		`- # CVE-2020-14422`
		`- # The hash() methods of classes IPv4Interface and IPv6Interface had issue`
		`- # of generating constant hash values of 32 and 128 respectively causing hash collisions.`
		`- # The fix uses the hash() function to generate hash values for the objects`
		`- # instead of XOR operation.`
		`- # Fixed upstream: https://bugs.python.org/issue41004`
		`- Patch352: 00352-resolve-hash-collisions-for-ipv4interface-and-ipv6interface.patch`
		`-`
		`# 00353 # f3c11e227c715450b3c1e945a5004e84cce41a58`
		`# Original names for architectures with different names downstream`
		`#`
		`@@ -1599,6 +1580,9 @@`
		`# ======================================================`

		`%changelog`
		`+ * Wed Aug 19 2020 Tomas Hrnciar <thrnciar@redhat.com> - 3.7.9-1`
		`+ - Update to 3.7.9`
		`+`
		`* Wed Aug 12 2020 Petr Viktorin <pviktori@redhat.com> - 3.7.8-4`
		`- In sys.version and initial REPL message, list the source commit as "default"`

sources

file modified

+2 -2

		`@@ -1,2 +1,2 @@`
		`- SHA512 (Python-3.7.8.tar.xz) = d2ba299e3cf8ed0f8fed9317f42bcd8d9af7e0e6175939b4be1be289c1658418bed17899e2608d762ffb15575021956cf6bf2054d7863c04b3bd7642f5b8c7ea`
		`- SHA512 (Python-3.7.8.tar.xz.asc) = 83bb0f3a9543af90f932bb06a47dae1e1c08221aaaf2ff0b68ca26cee19f687239549771d6cc97c82d6e3bf9ae7f580ac42f8525596f3c2fdce3b69db578c25c`
		`+ SHA512 (Python-3.7.9.tar.xz) = e4217b25529b5336e43b63d17f3758a8177a58184564cf02bd92a312f58dba9e096485c9e3cb3544f966e847ea15b3ab30ed065d28a6ca52a6d7e0faddf7d9f9`
		`+ SHA512 (Python-3.7.9.tar.xz.asc) = 922da6056029416e1dceefb83723911d5e2cc972d88c0bf1a08c35c8fe11279eb350c44834d2cc5ba94beb9b7655ecae28d8f5b6e3479eea7fcd09f67ec1e1c0`