import python3-3.6.8-56.el8_9

c8 imports/c8/python3-3.6.8-56.el8_9
MSVSphere Packaging Team 1 year ago
parent 9a0a6ab27c
commit 6ad02b3763

File diff suppressed because it is too large Load Diff

@ -14,7 +14,7 @@ URL: https://www.python.org/
# WARNING When rebasing to a new Python version, # WARNING When rebasing to a new Python version,
# remember to update the python3-docs package as well # remember to update the python3-docs package as well
Version: %{pybasever}.8 Version: %{pybasever}.8
Release: 51%{?dist}.2 Release: 56%{?dist}
License: Python License: Python
@ -765,6 +765,19 @@ Patch387: 00387-cve-2020-10735-prevent-dos-by-very-large-int.patch
# the behavior to linear. # the behavior to linear.
Patch394: 00394-cve-2022-45061-cpu-denial-of-service-via-inefficient-idna-decoder.patch Patch394: 00394-cve-2022-45061-cpu-denial-of-service-via-inefficient-idna-decoder.patch
# 00397 #
# Add filters for tarfile extraction (CVE-2007-4559, PEP-706)
# The first patches in the file backport the upstream fix:
# - https://github.com/python/cpython/pull/104583
# (see the linked issue for merged backports)
# Next-to-last patch fixes determination of symlink targets, which were treated
# as relative to the root of the archive,
# rather than the directory containing the symlink.
# Not yet upstream as of this writing.
# The last patch is Red Hat configuration, see KB for documentation:
# - https://access.redhat.com/articles/7004769
Patch397: 00397-tarfile-filter.patch
# 00399 # # 00399 #
# CVE-2023-24329 # CVE-2023-24329
# #
@ -1003,6 +1016,7 @@ configuration, browsers, and other dialogs.
%package tkinter %package tkinter
Summary: A GUI toolkit for Python Summary: A GUI toolkit for Python
Requires: platform-python = %{version}-%{release} Requires: platform-python = %{version}-%{release}
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
%description tkinter %description tkinter
The Tkinter (Tk interface) library is a graphical user interface toolkit for The Tkinter (Tk interface) library is a graphical user interface toolkit for
@ -1134,6 +1148,7 @@ git apply %{PATCH351}
%patch386 -p1 %patch386 -p1
%patch387 -p1 %patch387 -p1
%patch394 -p1 %patch394 -p1
%patch397 -p1
%patch399 -p1 %patch399 -p1
%patch404 -p1 %patch404 -p1
@ -2067,14 +2082,26 @@ fi
# ====================================================== # ======================================================
%changelog %changelog
* Wed Sep 27 2023 Masahiro Matsuya <mmatsuya@redhat.com> - 3.6.8-51.2 * Thu Sep 07 2023 Charalampos Stratakis <cstratak@redhat.com> - 3.6.8-56
- Security fix for CVE-2023-40217 - Security fix for CVE-2023-40217
Resolves: RHEL-2933 Resolves: RHEL-3041
* Wed Aug 09 2023 Petr Viktorin <pviktori@redhat.com> - 3.6.8-55
- Fix symlink handling in the fix for CVE-2007-4559
Resolves: rhbz#263261
* Wed May 31 2023 Charalampos Stratakis <cstratak@redhat.com> - 3.6.8-51.1 * Fri Jul 07 2023 Charalampos Stratakis <cstratak@redhat.com> - 3.6.8-54
- Bump release for rebuild
Resolves: rhbz#2173917
* Fri Jun 30 2023 Charalampos Stratakis <cstratak@redhat.com> - 3.6.8-53
- Security fix for CVE-2023-24329 - Security fix for CVE-2023-24329
Resolves: rhbz#2173917 Resolves: rhbz#2173917
* Tue Jun 06 2023 Petr Viktorin <pviktori@redhat.com> - 3.6.8-52
- Add filters for tarfile extraction (CVE-2007-4559, PEP-706)
Resolves: rhbz#263261
* Tue Jan 24 2023 Charalampos Stratakis <cstratak@redhat.com> - 3.6.8-51 * Tue Jan 24 2023 Charalampos Stratakis <cstratak@redhat.com> - 3.6.8-51
- Properly strip the LTO bytecode from python.o - Properly strip the LTO bytecode from python.o
Resolves: rhbz#2137707 Resolves: rhbz#2137707

Loading…
Cancel
Save