|
|
|
@ -14,7 +14,7 @@ URL: https://www.python.org/
|
|
|
|
|
# WARNING When rebasing to a new Python version,
|
|
|
|
|
# remember to update the python3-docs package as well
|
|
|
|
|
Version: %{pybasever}.8
|
|
|
|
|
Release: 51%{?dist}.2
|
|
|
|
|
Release: 56%{?dist}
|
|
|
|
|
License: Python
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -765,6 +765,19 @@ Patch387: 00387-cve-2020-10735-prevent-dos-by-very-large-int.patch
|
|
|
|
|
# the behavior to linear.
|
|
|
|
|
Patch394: 00394-cve-2022-45061-cpu-denial-of-service-via-inefficient-idna-decoder.patch
|
|
|
|
|
|
|
|
|
|
# 00397 #
|
|
|
|
|
# Add filters for tarfile extraction (CVE-2007-4559, PEP-706)
|
|
|
|
|
# The first patches in the file backport the upstream fix:
|
|
|
|
|
# - https://github.com/python/cpython/pull/104583
|
|
|
|
|
# (see the linked issue for merged backports)
|
|
|
|
|
# Next-to-last patch fixes determination of symlink targets, which were treated
|
|
|
|
|
# as relative to the root of the archive,
|
|
|
|
|
# rather than the directory containing the symlink.
|
|
|
|
|
# Not yet upstream as of this writing.
|
|
|
|
|
# The last patch is Red Hat configuration, see KB for documentation:
|
|
|
|
|
# - https://access.redhat.com/articles/7004769
|
|
|
|
|
Patch397: 00397-tarfile-filter.patch
|
|
|
|
|
|
|
|
|
|
# 00399 #
|
|
|
|
|
# CVE-2023-24329
|
|
|
|
|
#
|
|
|
|
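Review bot: The comment block above `Patch397:` gives a reference for the upstream backport (python/cpython pull 104583) and for the Red Hat configuration (the KB article), but the "Next-to-last patch" that fixes symlink target resolution is only described as "Not yet upstream as of this writing", with no issue or pull request to follow. Please add the upstream issue or PR link for it, or say explicitly that none has been filed, so a later rebase can tell when that part can be dropped. Since `00397-tarfile-filter.patch` bundles three kinds of change (upstream backport, downstream-only symlink fix, Red Hat configuration) in one file, it would also help to say in the comment how many patches the file contains, so that "first patches", "next-to-last" and "last" can be matched to them without opening the file.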
@ -1003,6 +1016,7 @@ configuration, browsers, and other dialogs.
|
|
|
|
|
%package tkinter
|
|
|
|
|
Summary: A GUI toolkit for Python
|
|
|
|
|
Requires: platform-python = %{version}-%{release}
|
|
|
|
|
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
|
|
|
|
|
|
|
|
|
%description tkinter
|
|
|
|
|
The Tkinter (Tk interface) library is a graphical user interface toolkit for
|
|
|
|
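Review bot: The line this hunk adds under `%package tkinter` (the header goes from 6 to 7 lines, and the two `Requires:` lines are the only non-blank candidates shown) has no comment explaining it, and none of the %changelog entries in the last hunk mention a dependency change for tkinter. Please add a one-line changelog note or a spec comment saying why the subpackage needs it. The two lines are also inconsistent: `Requires: %{name}-libs%{?_isa} = %{version}-%{release}` is architecture-qualified while `Requires: platform-python = %{version}-%{release}` is not, so say whether that difference is intentional.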
@ -1134,6 +1148,7 @@ git apply %{PATCH351}
|
|
|
|
|
%patch386 -p1
|
|
|
|
|
%patch387 -p1
|
|
|
|
|
%patch394 -p1
|
|
|
|
|
%patch397 -p1
|
|
|
|
|
%patch399 -p1
|
|
|
|
|
%patch404 -p1
|
|
|
|
|
|
|
|
|
@ -2067,14 +2082,26 @@ fi
|
|
|
|
|
# ======================================================
|
|
|
|
|
|
|
|
|
|
%changelog
|
|
|
|
|
* Wed Sep 27 2023 Masahiro Matsuya <mmatsuya@redhat.com> - 3.6.8-51.2
|
|
|
|
|
* Thu Sep 07 2023 Charalampos Stratakis <cstratak@redhat.com> - 3.6.8-56
|
|
|
|
|
- Security fix for CVE-2023-40217
|
|
|
|
|
Resolves: RHEL-2933
|
|
|
|
|
Resolves: RHEL-3041
|
|
|
|
|
|
|
|
|
|
* Wed Aug 09 2023 Petr Viktorin <pviktori@redhat.com> - 3.6.8-55
|
|
|
|
|
- Fix symlink handling in the fix for CVE-2007-4559
|
|
|
|
|
Resolves: rhbz#263261
|
|
|
|
|
|
|
|
|
|
* Wed May 31 2023 Charalampos Stratakis <cstratak@redhat.com> - 3.6.8-51.1
|
|
|
|
|
* Fri Jul 07 2023 Charalampos Stratakis <cstratak@redhat.com> - 3.6.8-54
|
|
|
|
|
- Bump release for rebuild
|
|
|
|
|
Resolves: rhbz#2173917
|
|
|
|
|
|
|
|
|
|
* Fri Jun 30 2023 Charalampos Stratakis <cstratak@redhat.com> - 3.6.8-53
|
|
|
|
|
- Security fix for CVE-2023-24329
|
|
|
|
|
Resolves: rhbz#2173917
|
|
|
|
|
|
|
|
|
|
* Tue Jun 06 2023 Petr Viktorin <pviktori@redhat.com> - 3.6.8-52
|
|
|
|
|
- Add filters for tarfile extraction (CVE-2007-4559, PEP-706)
|
|
|
|
|
Resolves: rhbz#263261
|
|
|
|
|
|
|
|
|
|
* Tue Jan 24 2023 Charalampos Stratakis <cstratak@redhat.com> - 3.6.8-51
|
|
|
|
|
- Properly strip the LTO bytecode from python.o
|
|
|
|
|
Resolves: rhbz#2137707
|
|
|
|
|
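Review bot: The 3.6.8-52 entry, "Add filters for tarfile extraction (CVE-2007-4559, PEP-706)", does not mention that the patch also carries Red Hat specific configuration, which the `Patch397` comment documents only by pointing to https://access.redhat.com/articles/7004769. An administrator reading the package changelog will not learn from it that tarfile extraction behaviour is configurable or where that is described, so consider adding the KB link as a second line of that entry. Separately, the header lines for 3.6.8-51.2 (Wed Sep 27 2023) and 3.6.8-51.1 (Wed May 31 2023) sit directly beside the 3.6.8-56 and 3.6.8-54 headers here; please confirm the resulting %changelog keeps one header per entry, in descending date order, with 3.6.8-56 on top to match `Release: 56%{?dist}`.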