Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

python3-devel-3.6.12-lp152.4.17.1 RPM for i586

From OpenSuSE Leap 15.2 updates for i586

Name: python3-devel Distribution: openSUSE Leap 15.2
Version: 3.6.12 Vendor: openSUSE
Release: lp152.4.17.1 Build date: Fri Feb 19 17:38:19 2021
Group: Unspecified Build host: cloud117
Size: 796015 Source RPM: python3-core-3.6.12-lp152.4.17.1.src.rpm
Summary: Include Files and Libraries Mandatory for Building Python Modules
The Python programming language's interpreter can be extended with
dynamically loaded extensions and can be embedded in other programs.

This package contains header files, a static library, and development
tools for building Python modules, extending the Python interpreter or
embedding Python in applications.

This also includes the Python distutils, which were in the Python
package up to version 2.2.2.






* Mon Feb 08 2021 Matej Cepl <>
  - Resync with python36 Factory package.
  - Make this %primary_interpreter
* Fri Jan 29 2021 Matej Cepl <>
  - Add CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch fixing
    bsc#1181126 (CVE-2021-3177) buffer overflow in PyCArg_repr in
    _ctypes/callproc.c, which may lead to remote code execution.
* Wed Jan 27 2021 Matej Cepl <>
  - Provide the newest setuptools wheel (bsc#1176262,
    CVE-2019-20916) in their correct form (bsc#1180686).
* Mon Dec 28 2020 Marcus Meissner <>
  - readd --with-fpectl (bsc#1180377)
* Mon Dec 07 2020 Matej Cepl <>
  - Adjust sphinx-update-removed-function.patch
* Sat Dec 05 2020 Matej Cepl <>
  - (bsc#1179630) Update sphinx-update-removed-function.patch to
    work with all versions of Sphinx (not binding the Python
    documentation build to the latest verison of Sphinx). Updated
    version mentioned on gh#python/cpython#13236.
* Tue Dec 01 2020 Matej Cepl <>
  - Add CVE-2020-27619-no-eval-http-content.patch fixing
    CVE-2020-27619 (bsc#1178009), where Lib/test/multibytecodec_support
    calls eval() on content retrieved via HTTP.
* Tue Dec 01 2020 Steve Kowalik <>
  - Add patch sphinx-update-removed-function.patch to no longer call
    a now removed function (gh#python/cpython#13236). As
    a consequence, no longer pin Sphinx version.
* Fri Nov 27 2020 Markéta Machová <>
  - Pin Sphinx version to fix doc subpackage
* Wed Nov 25 2020 Matej Cepl <>
  - Change setuptools and pip version numbers according to new
    wheels (bsc#1179756).
  - Add ignore_pip_deprec_warn.patch to switch of persistently
    failing test.
* Tue Nov 24 2020 Matej Cepl <>
  - Replace bundled wheels for pip and setuptools with the updated ones
    (bsc#1176262 CVE-2019-20916).
* Tue Oct 13 2020 Marketa Calabkova <>
  - Handful of changes to make python36 compatible with SLE15 and SLE12
    (jsc#ECO-2799, jsc#SLE-13738)
  - Rebase bpo23395-PyErr_SetInterrupt-signal.patch
* Fri Oct 09 2020 Dominique Leuenberger <>
  - Fix build with RPM 4.16: error: bare words are no longer
    supported, please use "...":  x86 == ppc.
* Fri Oct 09 2020 Matej Cepl <>
  - Fix installing .desktop file
* Fri Sep 25 2020 Dominique Leuenberger <>
  - Buildrequire timezone only for general flavor. It's used in this
    flavor for the test suite.
* Wed Sep 02 2020 Matej Cepl <>
  - Add faulthandler_stack_overflow_on_GCC10.patch to make build
    working even with GCC10 (bpo#38965).
* Tue Sep 01 2020 Matej Cepl <>
  - Just cleanup and reordering items to synchronize with python38
* Mon Aug 31 2020 Tomáš Chvátal <>
  - Format with spec-cleaner
* Fri Aug 21 2020 Andreas Schwab <>
  - riscv64-support.patch: bpo-33377: add triplets for mips-r6 and riscv
  - riscv64-ctypes.patch: bpo-35847: RISC-V needs CTYPES_PASS_BY_REF_HACK
  - Update list of tests to exclude under qemu linux-user
* Thu Aug 20 2020 Marketa Calabkova <>
  - Update the python keyring
  - Correct libpython name
* Thu Aug 20 2020 Marketa Calabkova <>
  - Drop patches which are not mentioned in spec:
    * CVE-2019-5010-null-defer-x509-cert-DOS.patch
    * F00102-lib64.patch
    * F00251-change-user-install-location.patch
    * OBS_dev-shm.patch
    * SUSE-FEDORA-multilib.patch
    * bpo-31046_ensurepip_honours_prefix.patch
    * bpo34022-stop_hash-based_invalidation_w_SOURCE_DATE_EPOCH.patch
    * bpo36302-sort-module-sources.patch
    * bpo40784-Fix-sqlite3-deterministic-test.patch
    * bsc1167501-invalid-alignment.patch
    * python3-imp-returntype.patch
  - Working around missing python-packaging dependency in
    python-Sphinx (bsc#1174571) is not necessary anymore.
* Wed Aug 19 2020 Marketa Calabkova <>
  - Update to 3.6.12 (bsc#1179193)
    * Ensure python3.dll is loaded from correct locations when Python is embedded
    * The __hash__() methods of ipaddress.IPv4Interface and ipaddress.IPv6Interface
      incorrectly generated constant hash values of 32 and 128 respectively. This
      resulted in always causing hash collisions. The fix uses hash() to generate
      hash values for the tuple of (address, mask length, network address).
    * Prevent http header injection by rejecting control characters in
    * Unpickling invalid NEWOBJ_EX opcode with the C implementation raises now
      UnpicklingError instead of crashing.
    * Avoid infinite loop when reading specially crafted TAR files using the tarfile
  - Drop merged fixtures:
    * CVE-2020-14422-ipaddress-hash-collision.patch
    * CVE-2019-20907_tarfile-inf-loop.patch
    * recursion.tar
  - This release also fixes CVE-2020-26116 (bsc#1177211) and CVE-2019-20907 (bsc#1174091).
* Mon Jul 20 2020 Matej Cepl <>
  - Add CVE-2019-20907_tarfile-inf-loop.patch fixing bsc#1174091
    (CVE-2019-20907, bpo#39017) avoiding possible infinite loop
    in specifically crafted tarball.
    Add recursion.tar as a testing tarball for the patch.
* Fri Jul 17 2020 Marketa Calabkova <>
  - Make library names internally consistent
* Fri Jul 17 2020 Tomáš Chvátal <>
  - Disable profile optimalizations as they deadlock in test_faulthandler
* Fri Jul 17 2020 Tomáš Chvátal <>
  - Disable lto as it causes mess and works with 3.7 onwards only
* Fri Jul 17 2020 Tomáš Chvátal <>
  - Sync the test disablements from the python3 in sle15
* Fri Jul 17 2020 Tomáš Chvátal <>
  - Update to 3.6.11:
    - bpo-39073: Disallow CR or LF in email.headerregistry. Address
      arguments to guard against header injection attacks.
    - bpo-38576 (bsc#1155094): Disallow control characters in
      hostnames in http.client, addressing CVE-2019-18348. Such
      potentially malicious header injection URLs now cause
      a InvalidURL to be raised.
    - bpo-39503: CVE-2020-8492: The AbstractBasicAuthHandler class
      of the urllib.request module uses an inefficient regular
      expression which can be exploited by an attacker to cause
      a denial of service. Fix the regex to prevent the
      catastrophic backtracking. Vulnerability reported by Ben
      Caller and Matt Schwager.
    - bpo-39401: Avoid unsafe load of
      api-ms-win-core-path-l1-1-0.dll at startup on Windows 7.
  - Remove merged patch CVE-2020-8492-urllib-ReDoS.patch
* Wed Jul 15 2020 Tomáš Chvátal <>
  - Fix minor issues found in the staging.
* Wed Jul 15 2020 Tomáš Chvátal <>
  - Do not set ourselves as a primary interpreter
* Thu Jun 25 2020 Matej Cepl <>
  - Add CVE-2020-14422-ipaddress-hash-collision.patch fixing
    CVE-2020-14422 (bsc#1173274, bpo#41004), where hash collisions
    in IPv4Interface and IPv6Interface could lead to DOS.
* Tue Mar 10 2020 Matej Cepl <>
  - Change name of idle3 icons to idle3.png
    to avoid collision with Python 2 version (bsc#1165894).
* Sat Feb 08 2020 Matej Cepl <>
  - Add CVE-2019-9674-zip-bomb.patch to improve documentation
    warning about dangers of zip-bombs and other security problems
    with zipfile library. (bsc#1162825 CVE-2019-9674)
  - Add CVE-2020-8492-urllib-ReDoS.patch fixing the security bug
    "Python urrlib allowed an HTTP server to conduct Regular
    Expression Denial of Service (ReDoS)" (bsc#1162367)
* Sat Feb 08 2020 Matej Cepl <>
  - Add Requires: libpython%{so_version} == %{version}-%{release}
    to python3-base to keep both packages always synchronized
* Mon Feb 03 2020 Tomáš Chvátal <>
  - Reame idle icons to idle3 in order to not conflict with python2
    variant of the package bsc#1165894
    * renamed the icons
    * renamed icon load in desktop file
* Tue Jan 28 2020 Matej Cepl <>
  - Add pep538_coerce_legacy_c_locale.patch to coerce locale to
    C.UTF-8 always (bsc#1162423).
* Thu Dec 19 2019 Matej Cepl <>
  - Update to 3.6.10 (still in line with jsc#SLE-9426,
    jsc#SLE-9427, bsc#1159035):
    - Security:
    - bpo-38945: Newline characters have been escaped when
      performing uu encoding to prevent them from overflowing
      into to content section of the encoded file. This prevents
      malicious or accidental modification of data during the
      decoding process.
    - bpo-37228: Due to significant security concerns, the
      reuse_address parameter of
      asyncio.loop.create_datagram_endpoint() is no longer
      supported. This is because of the behavior of SO_REUSEADDR
      in UDP. For more details, see the documentation for
      loop.create_datagram_endpoint(). (Contributed by Kyle
      Stanley, Antoine Pitrou, and Yury Selivanov in bpo-37228.)
    - bpo-38804: Fixes a ReDoS vulnerability in http.cookiejar.
      Patch by Ben Caller.
    - bpo-38243: Escape the server title of
      xmlrpc.server.DocXMLRPCServer when rendering the document
      page as HTML. (Contributed by Dong-hee Na in bpo-38243.)
    - bpo-38174: Update vendorized expat library version to
      2.2.8, which resolves CVE-2019-15903.
    - bpo-37461: Fix an infinite loop when parsing specially
      crafted email headers. Patch by Abhilash Raj.
    - bpo-34155: Fix parsing of invalid email addresses with more
      than one @ (e.g. to not return the part before
      2nd @ as valid email address. Patch by maxking & jpic.
    - Library:
    - bpo-38216: Allow the rare code that wants to send invalid
      http requests from the http.client library a way to do so.
      The fixes for bpo-30458 led to breakage for some projects
      that were relying on this ability to test their own
      behavior in the face of bad requests.
    - bpo-36564: Fix infinite loop in email header folding logic
      that would be triggered when an email policy’s
      max_line_length is not long enough to include the required
      markup and any values in the message. Patch by Paul Ganssle
  - Remove patches included in the upstream tarball:
    - CVE-2019-16935-xmlrpc-doc-server_title.patch (and also
      bpo37614-race_test_docxmlrpc_srv_setup.patch, which was
      resolving bsc#1174701).
    - CVE-2019-16056-email-parse-addr.patch
  - Move idle subpackage build from python3-base to python3 (bsc#1159622).
    appstream-glib required for packaging introduces considerable
    extra dependencies and a build loop via rust/librsvg.
  - Correct installation of idle IDE icons:
    + idle.png is not the target directory
    + non-GNOME-specific icons belong into icons/hicolor
  - Add required Name key to idle3 desktop file
* Thu Dec 12 2019 Matej Cepl <>
  - Unify all Python 3.6* SLE packages into one (jsc#SLE-9426,
    jsc#SLE-9427, bsc#1159035)
    - Patches which were already included upstream:
    - CVE-2018-1061-DOS-via-regexp-difflib.patch
    - CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch
* Tue Oct 22 2019 Matej Cepl <>
  - Add CVE-2019-16935-xmlrpc-doc-server_title.patch fixing
    bsc#1153238 (aka CVE-2019-16935) fixing a reflected XSS in
* Thu Sep 19 2019 Matej Cepl <>
  - Add bpo-36576-skip_tests_for_OpenSSL-111.patch (originally from
    bpo#36576) skipping tests failing with OpenSSL 1.1.1. Fixes
  - Add bpo36263-Fix_hashlib_scrypt.patch which works around
* Mon Sep 16 2019 Matej Cepl <>
  - Add CVE-2019-16056-email-parse-addr.patch fixing the email
    module wrongly parses email addresses [bsc#1149955,
    bnc#1149955, CVE-2019-16056]
* Mon Sep 09 2019 Matej Cepl <>
  - jsc#PM-1350 bsc#1149121 Update python3 to the last version of
    the 3.6 line. This is just a bugfix release with no changes in
  - The following patches were included in the upstream release as
    so they can be removed in the package:
    - CVE-2018-20852-cookie-domain-check.patch
    - CVE-2019-5010-null-defer-x509-cert-DOS.patch
    - CVE-2019-10160-netloc-port-regression.patch
    - CVE-2019-9636-urlsplit-NFKC-norm.patch
    - CVE-2019-9947-no-ctrl-char-http.patch
  - Patch bpo23395-PyErr_SetInterrupt-signal.patch has been
    reapplied on the upstream base without changing any
  - Add patch aarch64-prolong-timeout.patch to fix failing
    test_utime_current_old test.
* Wed Jul 24 2019 Matej Cepl <>
    "CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch" which
    converts shutil._call_external_zip to use subprocess rather
    than distutils.spawn. [bsc#1109663, CVE-2018-1000802]
* Wed Jul 24 2019 Matej Cepl <>
  - FAKE RECORD FROM SLE-12 CHANNEL bsc#1109847: add
    CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch fixing bpo#34623.
* Fri Jul 19 2019 Matej Cepl <>
  - boo#1141853 (CVE-2018-20852) add
    CVE-2018-20852-cookie-domain-check.patch fixing
    http.cookiejar.DefaultPolicy.domain_return_ok which did not
    correctly validate the domain: it could be tricked into sending
    cookies to the wrong server.
* Wed Jul 03 2019 Matej Cepl <>
  - bsc#1138459: add CVE-2019-10160-netloc-port-regression.patch
    which fixes regression introduced by the previous patch.
    Upstream gh#python/cpython#13812
* Wed Jun 12 2019 Matej Cepl <>
  - FAKE RECORD FROM SLE-12 CHANNEL bsc#1137942: Avoid duplicate
    files with python3* packages (
* Tue Jun 11 2019 Matej Cepl <>
  - bsc#1094814: Add bpo23395-PyErr_SetInterrupt-signal.patch to
    handle situation when the SIGINT signal is ignored or not handled
* Tue Apr 30 2019 Matej Cepl <>
  - Update to 3.6.8:
    - bugfixes only
    - removed patches (subsumed in the upstream tarball):
    - CVE-2018-20406-pickle_LONG_BINPUT.patch
    - refreshed patches:
    - CVE-2019-5010-null-defer-x509-cert-DOS.patch
    - CVE-2019-9636-urlsplit-NFKC-norm.patch
    - Python-3.0b1-record-rpm.patch
    - python-3.3.0b1-fix_date_time_compiler.patch
    - python-3.3.0b1-test-posix_fadvise.patch
    - python-3.3.3-skip-distutils-test_sysconfig_module.patch
    - python-3.6.0-multilib-new.patch
    - python3-sorted_tar.patch
    - subprocess-raise-timeout.patch
    - switch off LTO and PGO optimization (bsc#1133452)
  - bsc#1130840 (CVE-2019-9947): add CVE-2019-9947-no-ctrl-char-http.patch
    Address the issue by disallowing URL paths with embedded
    whitespace or control characters through into the underlying
    http client request. Such potentially malicious header
    injection URLs now cause a ValueError to be raised.
* Tue Apr 09 2019 Matej Cepl <>
  - bsc#1129346: add CVE-2019-9636-urlsplit-NFKC-norm.patch
    Characters in the netloc attribute that decompose under NFKC
    normalization (as used by the IDNA encoding) into any of ``/``,
    ``?``, ``#``, ``@``, or ``:`` will raise a ValueError. If the
    URL is decomposed before parsing, or is not a Unicode string,
    no error will be raised. (CVE-2019-9636)
    Upstream gh#python/cpython#12224
* Mon Jan 21 2019 Matěj Cepl <>
  - bsc#1120644 add CVE-2018-20406-pickle_LONG_BINPUT.patch fixing bpo#34656
    Modules/_pickle.c in Python before 3.7.1 has an integer overflow via
    a large LONG_BINPUT value that is mishandled during a "resize to twice
    the size" attempt. This issue might cause memory exhaustion, but is
    only relevant if the pickle format is used for serializing tens or
    hundreds of gigabytes of data.
* Sat Jan 19 2019
  - bsc#1122191: add CVE-2019-5010-null-defer-x509-cert-DOS.patch
    fixing bpo-35746.
    An exploitable denial-of-service vulnerability exists in the
    X509 certificate parser of Python 2.7.11 / 3.7.2.
    A specially crafted X509 certificate can cause a NULL pointer
    dereference, resulting in a denial of service. An attacker can
    initiate or accept TLS connections using crafted certificates
    to trigger this vulnerability.
* Mon Sep 03 2018 Matěj Cepl <>
  - Add -fwrapv to OPTS, which is default for python3 anyway
    See for example
    for bugs which are caused by avoiding it. (bsc#1107030)
* Fri Jun 29 2018
  - Apply "CVE-2018-1061-DOS-via-regexp-difflib.patch" to prevent
    low-grade poplib REDOS (CVE-2018-1060) and to prevent difflib REDOS
    (CVE-2018-1061). Prior to this patch mail server's timestamp was
    susceptible to catastrophic backtracking on long evil response from
    the server. Also, it was susceptible to catastrophic backtracking,
    which was a potential DOS vector.
    [bsc#1088004 and bsc#1088009, CVE-2018-1061 and CVE-2018-1060]
* Tue Apr 17 2018
  - As we run in main python package do not generate the pre_checkin
    from both now
* Mon Apr 16 2018
  - Move the tests from base to generic package wrt bsc#1088573
    * We still fail the whole distro if python3 is not build
    * The other archs than x86_64 took couple of hours to unblock
      build of other software, this way we work around the issue
  - Some tests are still run in -base for the LTO tweaking, but at
    least it is not run twice
* Sat Mar 31 2018
  - update to 3.6.5
    * bugfix release
    * see Misc/NEWS for details
  - drop ctypes-pass-by-value.patch
  - drop fix-localeconv-encoding-for-LC_NUMERIC.patch
  - refresh python-3.6.0-multilib-new.patch
* Tue Mar 13 2018
  - Apply "python-3.6-CVE-2017-18207.patch" to add a check to
    Lib/ that verifies that at least one channel is provided.
    Prior to this check, attackers could cause a denial of service
    (divide-by-zero error and application crash) via a crafted wav
    format audio file. [bsc#1083507, CVE-2017-18207]
* Wed Mar 07 2018
  - Created %so_major and %so_minor macros
  - Put Tools/gdb/ script into proper place and ship it with devel
* Tue Feb 20 2018
  - ctypes-pass-by-value.patch: Fix pass by value for structs on aarch64
* Tue Feb 20 2018
  - Add python3-sorted_tar.patch (boo#1081750, bsc#1086001)
* Wed Feb 07 2018
  - Add patch to fix glibc 2.27 fail bsc#1079761:
    * fix-localeconv-encoding-for-LC_NUMERIC.patch
* Wed Jan 24 2018
  - move XML modules and python3-xml provide to python3-base
    (fixes bsc#1077230)
  - move ensurepip to base
* Thu Jan 18 2018
  - Add skip_random_failing_tests.patch only for PowerPC
* Wed Jan 03 2018
  - update to 3.6.4
    * bugfix release, over a hundred bugs fixed
    * see Misc/NEWS for details
  - drop upstreamed python3-ncurses-6.0-accessors.patch
  - drop PYTHONSTARTUP hooks that cause spurious startup errors
    * fixes bsc#1070738
    * the relevant feature (REPL history) is now built into Python itself
* Sat Dec 02 2017
  - Install 2to3-%{python_version} executable (override defattr of
    the -tools package). 2to3 (unversioned) is a symlink and does not
    carry permissions (bsc#1070853).
* Thu Nov 16 2017
  - move 2to3 to python3-tools package
* Wed Oct 11 2017
  - update to 3.6.3
    * bugfix release, over a hundred bugs fixed
    * see Misc/NEWS for details
  - drop upstreamed 0001-3.6-bpo-30714-ALPN-changes-for-OpenSSL-1.1.0f-3093.patch
* Wed Sep 20 2017
  - drop python-2.7-libffi-aarch64.patch: this patches the intree
    copy of libffi which is unused/deleted in the line afterwards
  - fix build against system libffi: include flags weren't set
    so it actually used the in-tree libffi headers.
* Thu Sep 14 2017
  - Fix test broken with OpenSSL 1.1 (bsc#1042670)
    * add 0001-3.6-bpo-30714-ALPN-changes-for-OpenSSL-1.1.0f-3093.patch
* Thu Aug 31 2017
  - fix missing %{?armsuffix}
* Wed Aug 30 2017
  - distutils-reproducible-compile.patch: ensure distutils order files
    before compiling, which works around bsc#1049186
* Thu Aug 17 2017
  - Add libnsl-devel build requires for glibc obsoleting libnsl
* Thu Aug 03 2017
  - update to 3.6.2
    * bugfix release, over a hundred bugs fixed
    * see Misc/NEWS for details
  - drop upstreamed test-socket-aead-kernel49.patch
  - add Provides: python3-typing (fixes bsc#1050653)
  - drop duplicate Provides: python3
* Tue Jun 20 2017
  - Add missing link to python library in config dir (bsc#1040164)
* Thu Mar 23 2017
  - update to 3.6.1
    * bugfix release, over a hundred bugs fixed
    * never add import location's parent directory to sys.path
    * switch to git for version control, build changes related to that
    * fix "failed to get random numbers" on old kernels (bsc#1029902)
    * several crashes and memory leaks corrected
    * f-string are no longer accepted as docstrings
* Mon Mar 13 2017
  - prevent regenerating AST at build-time more robustly
  - add "--without profileopt" and "--without testsuite" options to python3-base
    to allow short circuiting when working on the package
* Wed Mar 01 2017
  - FAKE RECORD FROM SLE-12 CHANNEL update to 3.4.6 (bsc#1027282):
    * fixed potential crash in PyUnicode_AsDecodedObject() in debug build
    * fixed possible DoS and arbitrary execution in gettext plurals
    * fix possible use of uninitialized memory in operator.methodcaller
    * fix possible Py_DECREF on unowned object in _sre
    * fix possible integer overflow in _csv module
    * prevent HTTPoxy attack (CVE-2016-1000110)
    * fix selectors incorrectly retaining invalid fds
  - drop upstreamed python-3.4-CVE-2016-1000110-fix.patch
  - move _elementtree to python3.rpm to match its pyexpat dependency
* Sat Feb 25 2017
  - Add 0001-allow-for-reproducible-builds-of-python-packages.patch
* Wed Feb 08 2017
  - reenable test_socket with AEAD patch (test-socket-aead-kernel49.patch)
  - reintroduce %py3_soflags macro (and better named %cpython3_soabi equivalent)
* Wed Jan 11 2017
  - update to 3.6.0
    * PEP 498 Formated string literals
    * PEP 515 Underscores in numeric literals
    * PEP 526 Syntax for variable annotations
    * PEP 525 Asynchronous generators
    * PEP 530 Asynchronous comprehensions
    * PEP 506 New "secrets" module for safe key generation
    * less memory consumed by dicts
    * dtrace and systemtap support
    * improved asyncio module
    * better defaults for ssl
    * new hashing algorithms in hashlib
    * bytecode format changed to allow more optimizations
    * "async" and "await" are on track to be reserved words
    * StopIteration from generators is deprecated
    * support for openssl < 1.0.2 is deprecated
    * os.urandom now blocks when getrandom() blocks
    * huge number of new features, bugfixes and optimizations
    * see for details
  - rework multilib patch: drop Python-3.5.0-multilib.patch, implement
    upstreamable python-3.6.0-multilib-new.patch
  - refresh python-3.3.0b1-localpath.patch, subprocess-raise-timeout.patch
  - drop upstreamed Python-3.5.1-fix_lru_cache_copying.patch
  - finally drop python-2.6b1-canonicalize2.patch that was not applied in source
    and only kept around in case we needed it in the future. (which we don't, as it seems)
  - update import_failed map and baselibs
  - build ctypes against system libffi
    (buildrequire libffi-devel in python3-base)
  - add new key to keyring (signed by keys already in keyring)
  - introduced common configure section between python3 and python3-base
  - moved pyconfig.h and Makefile to devel subpackage as distutils no longer
    need it at runtime
  - added python-rpm-macros dependency, regenerated macros file, drop
    because it is not used now
  - improve summaries and descriptions (fixes bsc#917607)
  - enabled Link-Time Optimization, see what happens
  - including in run
  - run specs through spec-cleaner, rearrange sections
* Sat Aug 06 2016
  - FAKE RECORD FROM SLE-12 CHANNEL apply fix for CVE-2016-1000110
    - CGIHandler: sets environmental variable based on user
      supplied Proxy request header:
      python-3.4-CVE-2016-1000110-fix.patch (fixes bsc#989523,
  - refresh python3-urllib-prefer-lowercase-proxies.patch
* Sun Jul 03 2016
  - FAKE RECORD FROM SLE-12 CHANNEL update to 3.4.5
    (fixes bsc#984751, CVE-2016-0772)
    (fixes bsc#985177, CVE-2016-5636)
    (fixes bsc#985348, CVE-2016-5699)
  - drop upstreamed werror-declaration-after-statement.patch
* Tue Jun 14 2016
  - FAKE RECORD FROM SLE-12 CHANNEL Due to being fixed upstream
    (differently), removed outdated patch
    CVE-2014-4650-CGIHTTPServer-traversal.patch (bsc#983582)
* Fri Apr 22 2016
  - move _hashlib and _ssl modules and tests to python3-base
  - recommend python3
* Mon Mar 07 2016
  - Add  Python-3.5.1-fix_lru_cache_copying.patch
    Fix copying the lru_cache() wrapper object.
    Fixes deep-copying lru_cache regression, which worked on
    previous versions of python but fails on python 3.5.
    This fixes a bunch of packages in devel:languages:python3.
* Wed Dec 09 2015
  - update to 3.5.1
    * bugfix-only release, dozens of bugs fixed
  - Drop upstreamed Python-3.5.0-_Py_atomic_xxx-symbols.patch
  - "Python3" to "Python 3" in summary
    * This seems cleaner and fixes and rpmlint warning
* Fri Oct 23 2015
  - FAKE RECORD FROM SLE-12 CHANNEL Issue #21121: Don't force 3rd
    party C extensions to be built with -Werror=declaration-after-statement.
    (werror-declaration-after-statement.patch, bsc#951166)
* Wed Oct 14 2015
  - Add Python-3.5.0-_Py_atomic_xxx-symbols.patch
    This fixes a build error for many packages that use the Python,
    This patch is already accepted upstream and is slated to appear in
    python 3.5.1.
* Tue Sep 29 2015
  - update to 3.5.0
    * coroutines with async/await syntax
    * matrix multiplication operator `@`
    * unpacking generalizations
    * new modules `typing` and `zipapp`
    * type annotations
    * .pyo files replaced by custom suffixes for optimization levels in __pycache__
    * support for memory BIO in ssl module
    * performance improvements in several modules
    * and many more
  - removals and behavior changes
    * deprecated `__version__` is removed
    * support for .pyo files was removed
    * system calls are auto-retried on EINTR
    * bare generator expressions in function calls now cause SyntaxError
      (change "f(x for x in i)" to "f((x for x in i))" to fix)
    * removed undocumented `format` member of private `PyMemoryViewObject` struct
    * renamed `PyMemAllocator` to `PyMemAllocatorEx`
  - redefine %dynlib macro to reflect that modules now have arch+os as part of name
  - module `time` is now built-in
  - dropped upstreamed patches:
    python-fix-short-dh.patch (also dropped dh2048.pem required for this patch)
  - updated patch Python-3.3.0b2-multilib.patch to Python-3.5.0-multilib.patch
  - python-ncurses-6.0-accessors.patch taken from python 2 to fix build failure
    with new gcc + ncurses
* Wed Sep 09 2015
  - Add python3-ncurses-6.0-accessors.patch: Fix build with
    NCurses 6.0 and OPAQUE_WINDOW set to 1.
* Mon Aug 24 2015
  - improve import_failed hook to do the right thing when invoking
    missing modules with "python3 -m modulename" (boo#942751)
* Thu Jul 23 2015
  - Build with --enable-loadable-sqlite-extensions to make it works
    as geospatial database.
* Wed Jun 24 2015
  - dh2048.pem: added generated 2048 dh parameter set to fix
    ssl test (bsc#935856)
  - python-fix-short-dh.patch: replace the 512 bits dh parameter set
    by 2048 bits to fix build with new openssl 1.0.2c (bsc#935856)
* Tue May 19 2015
  - ctypes-libffi-aarch64.patch: remove upstreamed patch
  - python-2.7-libffi-aarch64.patch: Fix argument passing in libffi for
* Thu May 14 2015
  - python-3.4.3-test-conditional-ssl.patch - restore tests failing because
    test_urllib was unconditionally importing ssl (without really needing it)
  - restore functionality of multilib patch
  - drop libffi-ppc64le.diff because upstream completely changed everything
    yet again (sorry ppc64 folks :| )
* Fri May 01 2015
  - Update to version 3.4.3
  - Drop upstreamed CVE-2014-4650-CGIHTTPServer-traversal.patch
* Wed Mar 25 2015
  - Add python-3.4.1-fix-faulthandler.patch, upstream patch for bogus
    faulthandler which fails with GCC 5.
* Sun Jan 11 2015
  - asyncio has been merged in python3 main package; provide and
    obsolete it
  - Remove obsolete AUTHORS section
  - Remove redundant %clean section
* Mon Oct 13 2014
  - add %python3_version rpm macro for Fedora compatibility
  - add missing argument in import_failed, rename Novell Bugzilla
    to SUSE Bugzilla



Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 9 11:42:48 2024