diff --git a/00251-change-user-install-location.patch b/00251-change-user-install-location.patch index dc9c257d193ae512746e847f124864c9f04d2361..53096ec807fccfab6459042ae18f3067bc2062c8 100644 --- a/00251-change-user-install-location.patch +++ b/00251-change-user-install-location.patch @@ -28,11 +28,11 @@ Co-authored-by: Miro Hrončok Co-authored-by: Michal Cyprian Co-authored-by: Lumír Balhar --- - Lib/distutils/command/install.py | 8 +++-- + Lib/distutils/command/install.py | 8 ++++-- Lib/site.py | 9 +++++- - Lib/sysconfig.py | 53 +++++++++++++++++++++++++++++++- - Lib/test/test_sysconfig.py | 17 ++++++++-- - 4 files changed, 81 insertions(+), 6 deletions(-) + Lib/sysconfig.py | 49 +++++++++++++++++++++++++++++++- + Lib/test/test_sysconfig.py | 17 +++++++++-- + 4 files changed, 77 insertions(+), 6 deletions(-) diff --git a/Lib/distutils/command/install.py b/Lib/distutils/command/install.py index 01d5331a63..79f70f0de4 100644 @@ -61,10 +61,10 @@ index 01d5331a63..79f70f0de4 100644 else: if self.exec_prefix is None: diff --git a/Lib/site.py b/Lib/site.py -index 939893eb5e..d1316c3355 100644 +index 69670d9d7f..104cb93899 100644 --- a/Lib/site.py +++ b/Lib/site.py -@@ -380,8 +380,15 @@ def getsitepackages(prefixes=None): +@@ -377,8 +377,15 @@ def getsitepackages(prefixes=None): return sitepackages def addsitepackages(known_paths, prefixes=None): @@ -82,27 +82,22 @@ index 939893eb5e..d1316c3355 100644 if os.path.isdir(sitedir): addsitedir(sitedir, known_paths) diff --git a/Lib/sysconfig.py b/Lib/sysconfig.py -index daf9f00006..10368c92a7 100644 +index ebe3711827..55af57b335 100644 --- a/Lib/sysconfig.py +++ b/Lib/sysconfig.py -@@ -58,6 +58,16 @@ - }, - } +@@ -103,6 +103,11 @@ + else: + _INSTALL_SCHEMES['venv'] = _INSTALL_SCHEMES['posix_venv'] +# For a brief period of time in the Fedora 36 life cycle, +# this installation scheme existed and was documented in the release notes. +# For backwards compatibility, we keep it here (at least on 3.10 and 3.11). +_INSTALL_SCHEMES['rpm_prefix'] = _INSTALL_SCHEMES['posix_prefix'] -+# Virtualenv >= 20.10.0 favors the "venv" scheme over the defaults when creating virtual environments. -+# See: https://github.com/pypa/virtualenv/commit/8da79db86d8a5c74d03667a40e64ff832076445e -+# See: https://bugs.python.org/issue45413 -+# "venv" should be the same as the posix_prefix for us, -+# so new virtual environments aren't created with paths like venv/local/bin/python. -+_INSTALL_SCHEMES['venv'] = _INSTALL_SCHEMES['posix_prefix'] ++ # NOTE: site.py has copy of this function. # Sync it when modify this function. -@@ -117,6 +127,19 @@ def joinuser(*args): +@@ -162,6 +167,19 @@ def joinuser(*args): }, } @@ -122,7 +117,7 @@ index daf9f00006..10368c92a7 100644 _SCHEME_KEYS = ('stdlib', 'platstdlib', 'purelib', 'platlib', 'include', 'scripts', 'data') -@@ -211,11 +234,39 @@ def _extend_dict(target_dict, other_dict): +@@ -258,11 +276,40 @@ def _extend_dict(target_dict, other_dict): target_dict[key] = value @@ -160,14 +155,15 @@ index daf9f00006..10368c92a7 100644 + _extend_dict(vars, _config_vars_local()) + else: + _extend_dict(vars, get_config_vars()) - - for key, value in _INSTALL_SCHEMES[scheme].items(): - if os.name in ('posix', 'nt'): ++ + if os.name == 'nt': + # On Windows we want to substitute 'lib' for schemes rather + # than the native value (without modifying vars, in case it diff --git a/Lib/test/test_sysconfig.py b/Lib/test/test_sysconfig.py -index 5ee9839c04..16e92ca86f 100644 +index d96371d242..72b028435f 100644 --- a/Lib/test/test_sysconfig.py +++ b/Lib/test/test_sysconfig.py -@@ -105,8 +105,19 @@ def test_get_path(self): +@@ -111,8 +111,19 @@ def test_get_path(self): for scheme in _INSTALL_SCHEMES: for name in _INSTALL_SCHEMES[scheme]: expected = _INSTALL_SCHEMES[scheme][name].format(**config_vars) @@ -188,16 +184,16 @@ index 5ee9839c04..16e92ca86f 100644 os.path.normpath(expected), ) -@@ -263,7 +274,7 @@ def test_get_config_h_filename(self): +@@ -336,7 +347,7 @@ def test_get_config_h_filename(self): self.assertTrue(os.path.isfile(config_h), config_h) def test_get_scheme_names(self): -- wanted = ['nt', 'posix_home', 'posix_prefix'] -+ wanted = ['nt', 'posix_home', 'posix_prefix', 'rpm_prefix', 'venv'] +- wanted = ['nt', 'posix_home', 'posix_prefix', 'posix_venv', 'nt_venv', 'venv'] ++ wanted = ['nt', 'posix_home', 'posix_prefix', 'posix_venv', 'nt_venv', 'venv', 'rpm_prefix'] if HAS_USER_BASE: wanted.extend(['nt_user', 'osx_framework_user', 'posix_user']) self.assertEqual(get_scheme_names(), tuple(sorted(wanted))) -@@ -274,6 +285,8 @@ def test_symlink(self): # Issue 7880 +@@ -348,6 +359,8 @@ def test_symlink(self): # Issue 7880 cmd = "-c", "import sysconfig; print(sysconfig.get_platform())" self.assertEqual(py.call_real(*cmd), py.call_link(*cmd)) diff --git a/Python-3.10.9.tar.xz b/Python-3.11.4.tar.xz similarity index 67% rename from Python-3.10.9.tar.xz rename to Python-3.11.4.tar.xz index 3c2c355c2f277923ea132d2341fa2b1dd07e090a..e5c5a9d9ab36c6be69a0ddd162415885604c10f0 100644 Binary files a/Python-3.10.9.tar.xz and b/Python-3.11.4.tar.xz differ diff --git a/backport-Make-urllib.parse.urlparse-enforce-that-a-scheme-mus.patch b/backport-Make-urllib.parse.urlparse-enforce-that-a-scheme-mus.patch deleted file mode 100644 index fc51a07f8ea004f82d78503a51d6a329f5254f55..0000000000000000000000000000000000000000 --- a/backport-Make-urllib.parse.urlparse-enforce-that-a-scheme-mus.patch +++ /dev/null @@ -1,73 +0,0 @@ -From 439b9cfaf43080e91c4ad69f312f21fa098befc7 Mon Sep 17 00:00:00 2001 -From: Ben Kallus <49924171+kenballus@users.noreply.github.com> -Date: Sun, 13 Nov 2022 18:25:55 +0000 -Subject: [PATCH] gh-99418: Make urllib.parse.urlparse enforce that a scheme - must begin with an alphabetical ASCII character. (#99421) - -Prevent urllib.parse.urlparse from accepting schemes that don't begin with an alphabetical ASCII character. - -RFC 3986 defines a scheme like this: `scheme = ALPHA *( ALPHA / DIGIT / "+" / "-" / "." )` -RFC 2234 defines an ALPHA like this: `ALPHA = %x41-5A / %x61-7A` - -The WHATWG URL spec defines a scheme like this: -`"A URL-scheme string must be one ASCII alpha, followed by zero or more of ASCII alphanumeric, U+002B (+), U+002D (-), and U+002E (.)."` ---- - Lib/test/test_urlparse.py | 18 ++++++++++++++++++ - Lib/urllib/parse.py | 2 +- - ...22-11-12-15-45-51.gh-issue-99418.FxfAXS.rst | 2 ++ - 3 files changed, 21 insertions(+), 1 deletion(-) - create mode 100644 Misc/NEWS.d/next/Library/2022-11-12-15-45-51.gh-issue-99418.FxfAXS.rst - -diff --git a/Lib/test/test_urlparse.py b/Lib/test/test_urlparse.py -index 31943f3..f42ed9b 100644 ---- a/Lib/test/test_urlparse.py -+++ b/Lib/test/test_urlparse.py -@@ -665,6 +665,24 @@ class UrlParseTestCase(unittest.TestCase): - with self.assertRaises(ValueError): - p.port - -+ def test_attributes_bad_scheme(self): -+ """Check handling of invalid schemes.""" -+ for bytes in (False, True): -+ for parse in (urllib.parse.urlsplit, urllib.parse.urlparse): -+ for scheme in (".", "+", "-", "0", "http&", "६http"): -+ with self.subTest(bytes=bytes, parse=parse, scheme=scheme): -+ url = scheme + "://www.example.net" -+ if bytes: -+ if url.isascii(): -+ url = url.encode("ascii") -+ else: -+ continue -+ p = parse(url) -+ if bytes: -+ self.assertEqual(p.scheme, b"") -+ else: -+ self.assertEqual(p.scheme, "") -+ - def test_attributes_without_netloc(self): - # This example is straight from RFC 3261. It looks like it - # should allow the username, hostname, and port to be filled -diff --git a/Lib/urllib/parse.py b/Lib/urllib/parse.py -index b7965fe..bd59852 100644 ---- a/Lib/urllib/parse.py -+++ b/Lib/urllib/parse.py -@@ -470,7 +470,7 @@ def urlsplit(url, scheme='', allow_fragments=True): - clear_cache() - netloc = query = fragment = '' - i = url.find(':') -- if i > 0: -+ if i > 0 and url[0].isascii() and url[0].isalpha(): - for c in url[:i]: - if c not in scheme_chars: - break -diff --git a/Misc/NEWS.d/next/Library/2022-11-12-15-45-51.gh-issue-99418.FxfAXS.rst b/Misc/NEWS.d/next/Library/2022-11-12-15-45-51.gh-issue-99418.FxfAXS.rst -new file mode 100644 -index 0000000..0a06e7c ---- /dev/null -+++ b/Misc/NEWS.d/next/Library/2022-11-12-15-45-51.gh-issue-99418.FxfAXS.rst -@@ -0,0 +1,2 @@ -+Fix bug in :func:`urllib.parse.urlparse` that causes URL schemes that begin -+with a digit, a plus sign, or a minus sign to be parsed incorrectly. --- -2.33.0 - diff --git a/fix-CVE-2023-24329.patch b/fix-CVE-2023-24329.patch deleted file mode 100644 index 522a5ec6e3ee16b84f68be0b182223a6d8c0a0ad..0000000000000000000000000000000000000000 --- a/fix-CVE-2023-24329.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 1bad5b2ebc2f3cb663ce425b9979b4ec4dce27b2 Mon Sep 17 00:00:00 2001 -From: shixuantong -Date: Thu, 6 Apr 2023 03:30:44 +0000 -Subject: [PATCH] fix CVE-2023-24329 - ---- - Lib/test/test_urlparse.py | 7 +++++++ - Lib/urllib/parse.py | 2 +- - 2 files changed, 8 insertions(+), 1 deletion(-) - -diff --git a/Lib/test/test_urlparse.py b/Lib/test/test_urlparse.py -index f42ed9b..b310017 100644 ---- a/Lib/test/test_urlparse.py -+++ b/Lib/test/test_urlparse.py -@@ -683,6 +683,13 @@ class UrlParseTestCase(unittest.TestCase): - else: - self.assertEqual(p.scheme, "") - -+ def test_attributes_bad_scheme_CVE_2023_24329(self): -+ """Check handling of invalid schemes that starts with blank characters.""" -+ for parse in (urllib.parse.urlsplit, urllib.parse.urlparse): -+ url = " https://www.example.net" -+ p = parse(url) -+ self.assertEqual(p.scheme, "https") -+ - def test_attributes_without_netloc(self): - # This example is straight from RFC 3261. It looks like it - # should allow the username, hostname, and port to be filled -diff --git a/Lib/urllib/parse.py b/Lib/urllib/parse.py -index bd59852..7eb3ad8 100644 ---- a/Lib/urllib/parse.py -+++ b/Lib/urllib/parse.py -@@ -454,7 +454,7 @@ def urlsplit(url, scheme='', allow_fragments=True): - - Note that % escapes are not expanded. - """ -- -+ url = url.lstrip() - url, scheme, _coerce_result = _coerce_args(url, scheme) - - for b in _UNSAFE_URL_BYTES_TO_REMOVE: --- -2.33.0 - diff --git a/python3.spec b/python3.spec index d1f7d4c7f8dab185e9df5173081031cd12067bc5..c008b81d9c5c279bea52344d7da9cc292a57f52a 100644 --- a/python3.spec +++ b/python3.spec @@ -2,12 +2,12 @@ Name: python3 Summary: Interpreter of the Python3 programming language URL: https://www.python.org/ -Version: 3.10.9 -Release: 4 +Version: 3.11.4 +Release: 1 License: Python-2.0 -%global branchversion 3.10 -%global pyshortver 310 +%global branchversion 3.11 +%global pyshortver 311 %ifarch %{ix86} x86_64 %bcond_with optimizations @@ -87,13 +87,12 @@ Source1: pyconfig.h Patch1: 00001-rpath.patch Patch251: 00251-change-user-install-location.patch -Patch6000: backport-Make-urllib.parse.urlparse-enforce-that-a-scheme-mus.patch Patch9000: add-the-sm3-method-for-obtaining-the-salt-value.patch -Patch9001: fix-CVE-2023-24329.patch Provides: python%{branchversion} = %{version}-%{release} Provides: python(abi) = %{branchversion} +Provides: python(abi) = 3.10 Provides: python%{pyshortver} = %{version}-%{release} Obsoletes: python%{pyshortver} @@ -184,10 +183,8 @@ rm configure pyconfig.h.in %patch1 -p1 %patch251 -p1 -%patch6000 -p1 %patch9000 -p1 -%patch9001 -p1 %build autoconf @@ -396,6 +393,8 @@ ln -s %{_bindir}/python3 %{buildroot}%{_bindir}/python mv %{buildroot}%{_bindir}/2to3-%{branchversion} %{buildroot}%{_bindir}/2to3 +cp -a %{_libdir}/libpython3.10.so.1.0 ${RPM_BUILD_ROOT}%{_libdir} + %check topdir=$(pwd) @@ -415,7 +414,8 @@ LD_LIBRARY_PATH=$(pwd)/build/debug $(pwd)/build/debug/python -m test.regrtest \ -x test_bdist_rpm \ -x test_gdb \ -x test_socket \ - -x test_asyncio + -x test_asyncio \ + -i test_freeze_simple_script export OPENSSL_CONF=/non-existing-file LD_LIBRARY_PATH=$(pwd)/build/optimized $(pwd)/build/optimized/python -m test.pythoninfo @@ -427,7 +427,8 @@ LD_LIBRARY_PATH=$(pwd)/build/optimized $(pwd)/build/optimized/python -m test.reg -x test_bdist_rpm \ -x test_gdb \ -x test_socket \ - -x test_asyncio + -x test_asyncio \ + -i test_freeze_simple_script export BEP_WHITELIST="$BEP_WHITELIST_TMP" export BEP_GTDLIST="$BEP_GTDLIST_TMP" @@ -473,6 +474,11 @@ export BEP_GTDLIST="$BEP_GTDLIST_TMP" %exclude %{pylibdir}/ensurepip/_bundled +%dir %{pylibdir}/__phello__/ +%dir %{pylibdir}/__phello__/__pycache__/ +%{pylibdir}/__phello__/*.py +%{pylibdir}/__phello__/__pycache__/*%{bytecode_suffixes} + %dir %{pylibdir}/test/ %dir %{pylibdir}/test/__pycache__/ %dir %{pylibdir}/test/support/ @@ -536,6 +542,7 @@ export BEP_GTDLIST="$BEP_GTDLIST_TMP" %{dynload_dir}/_sqlite3.%{SOABI_optimized}.so %{dynload_dir}/_ssl.%{SOABI_optimized}.so %{dynload_dir}/_struct.%{SOABI_optimized}.so +%{dynload_dir}/_typing.%{SOABI_optimized}.so %{dynload_dir}/array.%{SOABI_optimized}.so %{dynload_dir}/audioop.%{SOABI_optimized}.so %{dynload_dir}/binascii.%{SOABI_optimized}.so @@ -564,6 +571,7 @@ export BEP_GTDLIST="$BEP_GTDLIST_TMP" %{dynload_dir}/_xxsubinterpreters.%{SOABI_optimized}.so %{dynload_dir}/_zoneinfo.%{SOABI_optimized}.so %{dynload_dir}/xxlimited_35.%{SOABI_optimized}.so +%{dynload_dir}/_testclinic.%{SOABI_optimized}.so %dir %{pylibdir}/site-packages/ %dir %{pylibdir}/site-packages/__pycache__/ @@ -618,6 +626,11 @@ export BEP_GTDLIST="$BEP_GTDLIST_TMP" %dir %{pylibdir}/importlib/metadata/__pycache__/ %{pylibdir}/importlib/metadata/ +%dir %{pylibdir}/importlib/resources/ +%dir %{pylibdir}/importlib/resources/__pycache__/ +%{pylibdir}/importlib/resources/*.py +%{pylibdir}/importlib/resources/__pycache__/*%{bytecode_suffixes} + %dir %{pylibdir}/json/ %dir %{pylibdir}/json/__pycache__/ %{pylibdir}/json/*.py @@ -626,6 +639,16 @@ export BEP_GTDLIST="$BEP_GTDLIST_TMP" %{pylibdir}/logging %{pylibdir}/multiprocessing +%dir %{pylibdir}/re/ +%dir %{pylibdir}/re/__pycache__/ +%{pylibdir}/re/*.py +%{pylibdir}/re/__pycache__/*%{bytecode_suffixes} + +%dir %{pylibdir}/tomllib/ +%dir %{pylibdir}/tomllib/__pycache__/ +%{pylibdir}/tomllib/*.py +%{pylibdir}/tomllib/__pycache__/*%{bytecode_suffixes} + %dir %{pylibdir}/sqlite3/ %dir %{pylibdir}/sqlite3/__pycache__/ %{pylibdir}/sqlite3/*.py @@ -649,6 +672,7 @@ export BEP_GTDLIST="$BEP_GTDLIST_TMP" %{_libdir}/%{py_INSTSONAME_optimized} %{_libdir}/libpython3.so +%{_libdir}/libpython3.10.so.1.0 %files -n python3-unversioned-command %{_bindir}/python @@ -687,7 +711,6 @@ export BEP_GTDLIST="$BEP_GTDLIST_TMP" %{pylibdir}/ctypes/test %{pylibdir}/distutils/tests -%{pylibdir}/sqlite3/test %{pylibdir}/test %exclude %{pylibdir}/test/capath %exclude %{pylibdir}/test/*.pem @@ -765,6 +788,7 @@ export BEP_GTDLIST="$BEP_GTDLIST_TMP" %{dynload_dir}/_sqlite3.%{SOABI_debug}.so %{dynload_dir}/_ssl.%{SOABI_debug}.so %{dynload_dir}/_struct.%{SOABI_debug}.so +%{dynload_dir}/_typing.%{SOABI_debug}.so %{dynload_dir}/array.%{SOABI_debug}.so %{dynload_dir}/audioop.%{SOABI_debug}.so %{dynload_dir}/binascii.%{SOABI_debug}.so @@ -794,6 +818,7 @@ export BEP_GTDLIST="$BEP_GTDLIST_TMP" %{dynload_dir}/_zoneinfo.%{SOABI_debug}.so %{dynload_dir}/xxlimited.%{SOABI_debug}.so %{dynload_dir}/xxlimited_35.%{SOABI_debug}.so +%{dynload_dir}/_testclinic.%{SOABI_debug}.so %{_libdir}/%{py_INSTSONAME_debug} @@ -820,6 +845,12 @@ export BEP_GTDLIST="$BEP_GTDLIST_TMP" %{_mandir}/*/* %changelog +* Fri Jun 30 2023 zhuofeng - 3.11.4-1 +- Type:enhancement +- CVE:NA +- SUG:NA +- DESC:update version to 3.11.4 + * Thu Jun 01 2023 Chenxi Mao - 3.10.9-4 - Type:enhancement - CVE:NA