Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libpython3_8-1_0-3.8.16-3.1 RPM for armv6hl

From OpenSuSE Ports Tumbleweed for armv6hl

Name: libpython3_8-1_0 Distribution: openSUSE Tumbleweed
Version: 3.8.16 Vendor: openSUSE
Release: 3.1 Build date: Sun Jan 29 14:29:13 2023
Group: Unspecified Build host: obs-arm-11
Size: 2802136 Source RPM: python38-core-3.8.16-3.1.src.rpm
Summary: Python Interpreter shared library
Python is an interpreted, object-oriented programming language, and is
often compared to Tcl, Perl, Scheme, or Java.  You can find an overview
of Python in the documentation and tutorials included in the python-doc
(HTML) or python-doc-pdf (PDF) packages.

This package contains libpython3.2 shared library for embedding in
other applications.






* Fri Jan 27 2023 Thorsten Kukuk <>
  - Disable NIS for new products, it's deprecated and gets removed
* Fri Jan 13 2023 Martin Liška <>
  - Suppress warnings for Sphinx 6.0+.
* Thu Dec 08 2022 Matej Cepl <>
  - Update to 3.8.16:
    - python -m http.server no longer allows terminal
      control characters sent within a garbage request to be
      printed to the stderr server log.
      This is done by changing the http.server
      BaseHTTPRequestHandler .log_message method to replace control
      characters with a \xHH hex escape before printing.
    - Avoid publishing list of active per-interpreter
      audit hooks via the gc module
    - The IDNA codec decoder used on DNS hostnames by
      socket or asyncio related name resolution functions no
      longer involves a quadratic algorithm. This prevents a
      potential CPU denial of service if an out-of-spec excessive
      length hostname involving bidirectional characters were
      decoded. Some protocols such as urllib http 3xx redirects
      potentially allow for an attacker to supply such a
      name (CVE-2022-45061).
    - Update bundled libexpat to 2.5.0
    - Port XKCP’s fix for the buffer overflows in SHA-3
    - The deprecated mailcap module now refuses to inject
      unsafe text (filenames, MIME types, parameters) into shell
      commands. Instead of using such text, it will warn and act
      as if a match was not found (or for test commands, as if the
      test failed).
  - Removed upstream patches:
    - CVE-2022-37454-sha3-buffer-overflow.patch
    - CVE-2022-45061-DoS-by-IDNA-decode.patch
* Wed Nov 09 2022 Matej Cepl <>
  - Add CVE-2022-45061-DoS-by-IDNA-decode.patch to avoid
    CVE-2022-45061 (bsc#1205244) allowing DoS by IDNA decoding
    extremely long domain names.
* Fri Oct 28 2022 Matej Cepl <>
  - Add CVE-2022-37454-sha3-buffer-overflow.patch to fix
    bsc#1204577 (CVE-2022-37454, gh#python/cpython#98517) buffer
    overflow in hashlib.sha3_* implementations (originally from the
    XKCP library).
* Fri Oct 21 2022 Matej Cepl <>
  - Add 98437-sphinx.locale._-as-gettext-in-pyspecific.patch to
    allow building of documentation with the latest Sphinx 5.3.0
* Thu Oct 20 2022 Daniel Garcia <>
  - Add platlibdir-in-sys.patch to provide sys.platlibdir attribute. This is used
    by python-setuptools in distutils.sysconfig.get_python_lib bsc#1204395
* Wed Oct 19 2022 Matej Cepl <>
  - Update to 3.8.15:
    - Fix multiplying a list by an integer (list *= int): detect
      the integer overflow when the new allocated length is close
      to the maximum size.
    - Fix a shell code injection vulnerability in the example script. The script no
      longer uses a shell to run openssl commands. (originally
      filed as CVE-2022-37460, later withdrawn)
    - Fix command line parsing: reject -X int_max_str_digits option
      with no value (invalid) when the PYTHONINTMAXSTRDIGITS
      environment variable is set to a valid limit.
    - When ValueError is raised if an integer is larger than the
      limit, mention the sys.set_int_max_str_digits() function in
      the error message.
    - Update bundled libexpat to 2.4.9
    - Fixes a potential buffer overrun in msilib.
* Sun Sep 11 2022 Matej Cepl <>
  - Update to 3.8.14:
    - (CVE-2020-10735, bsc#1203125). Converting between int
      and str in bases other than 2 (binary), 4, 8 (octal), 16
      (hexadecimal), or 32 such as base 10 (decimal) now raises a
      ValueError if the number of digits in string form is above a
      limit to avoid potential denial of service attacks due to the
      algorithmic complexity.
      This new limit can be configured or disabled by environment
      variable, command line flag, or sys APIs. See the integer
      string conversion length limitation documentation. The
      default limit is 4300 digits in string form.
    - (CVE-2021-28861, bsc#1202624) http.server: Fix an open
      redirection vulnerability in the HTTP server when an URI path
      starts with //. Vulnerability discovered, and initial fix
      proposed, by Hamza Avvan.
    - Also other bugfixes:
    - Fix contextvars HAMT implementation to handle iteration
      over deep trees. The bug was discovered and fixed by Eli
      Libman. See MagicStack/immutables#84 for more details.
    - Fix ensurepip environment isolation for subprocess running
    - Raise ProgrammingError instead of segfaulting on recursive
      usage of cursors in sqlite3 converters. Patch by Sergey
    - Add a new gh role to the documentation to link to GitHub
    - Pin Jinja to a version compatible with Sphinx version
    - test_ssl is now checking for supported TLS version and
      protocols in more tests.
    - Fix test case for OpenSSL 3.0.1 version. OpenSSL 3.0 uses
  - Removed upstreamed patches:
    - CVE-2021-28861-double-slash-path.patch
  - Readjusted patches:
    - bpo-31046_ensurepip_honours_prefix.patch
    - sphinx-update-removed-function.patch
* Sat Sep 03 2022 Matej Cepl <>
  - (bsc#1196784, CVE-2022-25236) Add patch
    support-expat-CVE-2022-25236-patched.patch to allow working
    with different versions of libexpat.
* Thu Sep 01 2022 Steve Kowalik <>
  - Add patch CVE-2021-28861-double-slash-path.patch:
    * http.server: Fix an open redirection vulnerability in the HTTP server
      when an URI path starts with //. (bsc#1202624, CVE-2021-28861)
* Wed Aug 31 2022 Matej Cepl <>
  - Add bpo34990-2038-problem-compileall.patch making
    compliant with year 2038 (bsc#1202666, gh#python/cpython#79171),
    backport of fix to Python 3.8.
  - Add conditional for requiring rpm-build-python, so we should be
    compilable on SLE/Leap.
* Thu Jul 21 2022 Matej Cepl <>
  - Switch from %primary_interpreter to prjconf-defined
    %primary_python (gh#openSUSE/python-rpm-macros#127).
* Thu May 05 2022 Matej Cepl <>
  - Switch primary_interpreter from python38 to python310
* Sat Mar 26 2022 Matej Cepl <>
  - Update to 3.8.13:
    Core and Builtins
      bpo-46794: Bump up the libexpat version into 2.4.6
      bpo-46985: Upgrade pip wheel bundled with ensurepip (pip 22.0.4)
      bpo-46932: Update bundled libexpat to 2.4.7
      bpo-46811: Make test suite support Expat >=2.4.5
      bpo-46784: Fix libexpat symbols collisions with user
      dynamically loaded or statically linked libexpat in embedded
      bpo-46400: expat: Update libexpat from 2.4.1 to 2.4.4
      bpo-46474: In importlib.metadata.EntryPoint.pattern, avoid
      potential REDoS by limiting ambiguity in consecutive
      bpo-44849: Fix the os.set_inheritable() function on FreeBSD
      14 for file descriptor opened with the O_PATH flag: ignore
      the EBADF error on ioctl(), fallback on the fcntl()
      bpo-41028: Language and version switchers, previously
      maintained in every cpython branches, are now handled by
      bpo-45195: Fix test_readline.test_nonascii(): sometimes, the
      newline character is not written at the end, so don’t
      expect it in the output.
      bpo-44949: Fix auto history tests of test_readline:
      sometimes, the newline character is not written at the end,
      so don’t expect it in the output.
      bpo-45405: Prevent internal configure error when running
      configure with recent versions of clang.
  - Remove upstreamed patches:
    - support-expat-245.patch
* Tue Feb 22 2022 Steve Kowalik <>
  - Add patch support-expat-245.patch:
    * Support Expat >= 2.4.5
* Mon Nov 29 2021 Matej Cepl <>
  - Remove shebangs from from python-base libraries in _libdir
  - Readjust patches:
    - bpo-31046_ensurepip_honours_prefix.patch
    - decimal.patch
    - python-3.3.0b1-fix_date_time_compiler.patch
* Tue Oct 12 2021 Dominique Leuenberger <>
  - BuildRequire rpm-build-python: The provider to inject python(abi)
    has been moved there. rpm-build pulls rpm-build-python
    automatically in when building anything against python3-base, but
    this implies that the initial build of python3-base does not
    trigger the automatic installation.
* Tue Aug 31 2021 Fusion Future <>
  - Update to 3.8.12
    * Complete list of changes is available at
    * Security
    - bpo-42278: Replaced usage of tempfile.mktemp() with
      TemporaryDirectory to avoid a potential race condition.
    - bpo-44394: Update the vendored copy of libexpat to 2.4.1
      (from 2.2.8) to get the fix for the CVE-2013-0340 “Billion
      Laughs” vulnerability. This copy is most used on Windows and
    - bpo-43124: Made the internal putcmd function in smtplib
      sanitize input for presence of \r and \n characters to avoid
      (unlikely) command injection.
    - bpo-36384: ipaddress module no longer accepts any leading
      zeros in IPv4 address strings. Leading zeros are ambiguous
      and interpreted as octal notation by some libraries. For
      example the legacy function socket.inet_aton() treats leading
      zeros as octal notation. glibc implementation of modern
      inet_pton() does not accept any leading zeros. For a while
      the ipaddress module used to accept ambiguous leading zeros.
  - Refreshed patch:
    * decimal-3.8.patch
* Fri Aug 27 2021 Matej Cepl <>
  - Add decimal-3.8.patch to add building with --with-system-libmpdec
    option (bsc#1189356).
* Thu Aug 26 2021 Andreas Schwab <>
  - test_faulthandler is still problematic under qemu linux-user emulation,
    disable it there
  - Reenable profileopt with qemu emulation, test_faulthandler is no longer
    run during profiling
* Tue Aug 10 2021 Fusion Future <>
  - Update to 3.8.11
    * Security
    - bpo-44022 (boo#1189241): mod:http.client now avoids
      infinitely reading potential HTTP headers after a 100
      Continue status response from the server.
    - bpo-43882: The presence of newline or tab characters in parts
      of a URL could allow some forms of attacks.
      Following the controlling specification for URLs defined by
      WHATWG urllib.parse() now removes ASCII newlines and tabs
      from URLs, preventing such attacks.
    - bpo-42800: Audit hooks are now fired for frame.f_code,
      traceback.tb_frame, and generator code/frame attribute
    * Core and Builtins
    - bpo-44070: No longer eagerly makes import filenames absolute,
      except for extension modules, which was introduced in 3.8.10.
    * Library
    - bpo-44061: Fix regression in previous release when calling
      pkgutil.iter_modules() with a list of pathlib.Path objects
* Mon Aug 02 2021 Matej Cepl <>
  - Use versioned python-Sphinx to avoid dependency on other
    version of Python (bsc#1183858).
* Fri Jun 18 2021 Matej Cepl <>
  - Add bpo44426-complex-keyword-sphinx.patch allowing generating
    documentation with Sphinx 4 (bpo#44426).
* Tue Jun 08 2021 Dirk Müller <>
  - allow building against sphinx 3.x+
* Fri May 21 2021 Matej Cepl <>
  - Stop providing "python" symbol (bsc#1185588), which means
    python2 currently.
* Wed May 05 2021 Matej Cepl <>
  - Update to 3.8.10:
    - Security
    - bpo-43434: Creating a sqlite3.Connection object now also
      produces a sqlite3.connect auditing event. Previously this
      event was only produced by sqlite3.connect() calls. Patch
      by Erlend E. Aasland.
    - bpo-43472: Ensures interpreter-level audit hooks receive
      the cpython.PyInterpreterState_New event when called
      through the _xxsubinterpreters module.
    - bpo-43075: Fix Regular Expression Denial of Service (ReDoS)
      vulnerability in urllib.request.AbstractBasicAuthHandler.
      The ReDoS-vulnerable regex has quadratic worst-case
      complexity and it allows cause a denial of service when
      identifying crafted invalid RFCs. This ReDoS issue is on
      the client side and needs remote attackers to control the
      HTTP server.
    - Core and Builtins
    - bpo-43105: Importlib now resolves relative paths when
      creating module spec objects from file locations.
    - bpo-42924: Fix bytearray repetition incorrectly copying
      data from the start of the buffer, even if the data is
      offset within the buffer (e.g. after reassigning a slice at
      the start of the bytearray to a shorter byte string).
    - Library
    - bpo-43993: Update bundled pip to 21.1.1.
    - bpo-43937: Fixed the turtle module working with non-default
      root window.
    - bpo-43930: Update bundled pip to 21.1 and setuptools to
    - bpo-43920: OpenSSL 3.0.0: load_verify_locations() now
      returns a consistent error message when cadata contains no
      valid certificate.
    - bpo-43607: urllib can now convert Windows paths with \\?\
      prefixes into URL paths.
    - bpo-43284: platform.win32_ver derives the windows version
      from sys.getwindowsversion().platform_version which in turn
      derives the version from kernel32.dll (which can be of
      a different version than Windows itself). Therefore change
      the platform.win32_ver to determine the version using the
      platform module’s _syscmd_ver private function to return an
      accurate version.
    - bpo-42248: [Enum] ensure exceptions raised in _missing__
      are released
    - bpo-43799: OpenSSL 3.0.0: define OPENSSL_API_COMPAT 1.1.1
      to suppress deprecation warnings. Python requires OpenSSL
      1.1.1 APIs.
    - bpo-43794: Add ssl.OP_IGNORE_UNEXPECTED_EOF constants
      (OpenSSL 3.0.0)
    - bpo-43789: OpenSSL 3.0.0: Don’t call the password callback
      function a second time when first call has signaled an
      error condition.
    - bpo-43788: The header files for ssl error codes are now
      OpenSSL version-specific. Exceptions will now show correct
      reason and library codes. The script has
      been rewritten to use OpenSSL’s text file with error codes.
    - bpo-43655: tkinter dialog windows are now recognized as
      dialogs by window managers on macOS and X Window.
    - bpo-43534: turtle.textinput() and turtle.numinput() create
      now a transient window working on behalf of the canvas
    - bpo-43522: Fix problem with hostname_checks_common_name.
      OpenSSL does not copy hostflags from struct SSL_CTX to
      struct SSL.
    - bpo-42967: Allow bytes separator argument in
      urllib.parse.parse_qs and urllib.parse.parse_qsl when
      parsing str query strings. Previously, this raised
      a TypeError.
    - bpo-43176: Fixed processing of a dataclass that inherits
      from a frozen dataclass with no fields. It is now correctly
      detected as an error.
    - bpo-34463: Fixed discrepancy between traceback and the
      interpreter in formatting of SyntaxError with lineno not
      set (traceback was changed to match interpreter).
    - bpo-41735: Fix thread locks in zlib module may go wrong in
      rare case. Patch by Ma Lin.
    - bpo-26053: Fixed bug where the pdb interactive run command
      echoed the args from the shell command line, even if those
      have been overridden at the pdb prompt.
    - bpo-36470: Fix dataclasses with InitVars and replace().
      Patch by Claudiu Popa.
    - bpo-28577: The hosts method on 32-bit prefix length
      IPv4Networks and 128-bit prefix IPv6Networks now returns
      a list containing the single Address instead of an empty
    - bpo-32745: Fix a regression in the handling of ctypes’
      ctypes.c_wchar_p type: embedded null characters would cause
      a ValueError to be raised. Patch by Zackery Spytz.
    - Documentation
    - bpo-43959: The documentation on the PyContextVar C-API was
    - bpo-43938: Update dataclasses documentation to express that
      FrozenInstanceError is derived from AttributeError.
    - bpo-43739: Fixing the example code in
      Doc/extending/extending.rst to declare and initialize the
      pmodule variable to be of the right type.
    - Tests
    - bpo-43842: Fix a race condition in the SMTP test of
      test_logging. Don’t close a file descriptor (socket) from
      a different thread while asyncore.loop() is polling the
      file descriptor. Patch by Victor Stinner.
    - bpo-43811: Tests multiple OpenSSL versions on GitHub
      Actions. Use ccache to speed up testing.
    - bpo-43791: OpenSSL 3.0.0: Disable testing of legacy
      protocols TLS 1.0 and 1.1. Tests are failing with
    - IDLE
    - bpo-43655: IDLE dialog windows are now recognized as
      dialogs by window managers on macOS and X Window.
    - C API
    - bpo-43962: _PyInterpreterState_IDIncref() now calls
      _PyInterpreterState_IDInitref() and always increments
      id_refcount. Previously, calling
      _xxsubinterpreters.get_current() could create an
      id_refcount inconsistency when
      a _xxsubinterpreters.InterpreterID object was deallocated.
      Patch by Victor Stinner.
  - Reapplied patches:
    - CVE-2019-5010-null-defer-x509-cert-DOS.patch
    - F00102-lib64.patch
    - SUSE-FEDORA-multilib.patch
    - bpo-31046_ensurepip_honours_prefix.patch
    - python-3.3.0b1-fix_date_time_compiler.patch
* Sun May 02 2021 Ben Greiner <>
  - Make sure to close the file after the exception
    has been raised in order to avoid ResourceWarnings when the
    failing import is part of a try...except block.
* Wed Apr 28 2021 Matej Cepl <>
  - Update to 3.8.9:
    - bpo#42988 (bsc#1183374) CVE-2021-3426: Remove the getfile
      feature of the pydoc module which could be abused to read
      arbitrary files on the disk (directory traversal
      vulnerability). Moreover, even source code of Python modules
      can contain sensitive data like passwords. Vulnerability
      reported by David Schwörer.
    - bpo-43285: ftplib no longer trusts the IP address value
      returned from the server in response to the PASV command by
      default. This prevents a malicious FTP server from using the
      response to probe IPv4 address and port combinations on the
      client network.
    - Code that requires the former vulnerable behavior may set
      a trust_server_pasv_ipv4_address attribute on their
      ftplib.FTP instances to True to re-enable it.
    - bpo-43439: Add audit hooks for gc.get_objects(),
      gc.get_referrers() and gc.get_referents(). Patch by Pablo
    - bpo-43660: Fix crash that happens when replacing sys.stderr
      with a callable that can remove the object while an exception
      is being printed. Patch by Pablo Galindo.
    - bpo-35883: Python no longer fails at startup with a fatal
      error if a command line argument contains an invalid Unicode
      character. The Py_DecodeLocale() function now escapes byte
      sequences which would be decoded as Unicode characters
      outside the [U+0000; U+10ffff] range.
    - bpo-43406: Fix a possible race condition where
      PyErr_CheckSignals tries to execute a non-Python signal
    - bpo-35930: Raising an exception raised in a “future” instance
      will create reference cycles.
    - bpo-43577: Fix deadlock when using ssl.SSLContext debug
      callback with ssl.SSLContext.sni_callback().
    - bpo-43423: subprocess.communicate() no longer raises an
      IndexError when there is an empty stdout or stderr IO buffer
      during a timeout on Windows.
    - bpo-27820: Fixed long-standing bug of smtplib.SMTP where
      doing AUTH LOGIN with initial_response_ok=False will fail.
      The cause is that SMTP.auth_login _always_ returns a password
      if provided with a challenge string, thus non-compliant with
      the standard for AUTH LOGIN. Also fixes bug with the test for
    - bpo-43399: Fix ElementTree.extend not working on iterators
      when using the Python implementation
    - bpo-43316: The python -m gzip command line application now
      properly fails when detecting an unsupported extension. It
      exits with a non-zero exit code and prints an error message
      to stderr.
    - bpo-43260: Fix TextIOWrapper can not flush internal buffer
      forever after very large text is written.
    - bpo-42782: Fail fast in shutil.move() to avoid creating
      destination directories on failure.
    - bpo-37193: Fixed memory leak in socketserver.ThreadingMixIn
      introduced in Python 3.7.
    - bpo-43199: Answer “Why is there no goto?” in the Design and
      History FAQ.
    - bpo-43407: Clarified that a result from time.monotonic(),
      time.perf_counter(), time.process_time(), or
      time.thread_time() can be compared with the result from any
      following call to the same function - not just the next
      immediate call.
    - bpo-27646: Clarify that ‘yield from <expr>’ works with any
      iterable, not just iterators.
    - bpo-36346: Update some deprecated unicode APIs which are
      documented as “will be removed in 4.0” to “3.12”. See PEP 623
      for detail.
    - bpo-37945: Fix test_getsetlocale_issue1813() of test_locale:
      skip the test if setlocale() fails. Patch by Victor Stinner.
    - bpo-41561: Add workaround for Ubuntu’s custom OpenSSL
      security level policy.
    - bpo-43631: Update macOS, Windows, and CI to OpenSSL 1.1.1k.
    - bpo-43617: Improve Check for presence of
      autoconf-archive package and remove our copies of M4 macros.
    - bpo-41837: Update macOS installer build to use OpenSSL
    - bpo-42225: Document that IDLE can fail on Unix either from
      misconfigured IP masquerage rules or failure displaying
      complex colored (non-ascii) characters.
    - bpo-43283: Document why printing to IDLE’s Shell is often
      slower than printing to a system terminal and that it can be
      made faster by pre-formatting a single string before
* Fri Feb 19 2021 Matej Cepl <>
  - Update to 3.8.8:
    - bpo#42938 (bsc#1181126): Avoid static buffers when computing
      the repr of ctypes.c_double and ctypes.c_longdouble
      values. This issue was assigned CVE-2021-3177.
    - bpo#42967 (bsc#1182379): Fix web cache poisoning
      vulnerability by defaulting the query args separator to &,
      and allowing the user to choose a custom separator. This
      issue was assigned CVE-2021-23336.
  - Remove bsc1167501-invalid-alignment.patch and
    CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch, which were included
    into the upstream tarball.
* Tue Feb 09 2021 Steve Kowalik <>
  - Add Obsoletes for python3-base when primary interpreter is set to
    properly replace it during upgrades. (bsc#1181324)
* Fri Feb 05 2021 Ben Greiner <>
  - Provide %have_<flavor> for all python flavors
  - Add %python3_default and %default_python3 for the primary python3
* Fri Jan 29 2021 Matej Cepl <>
  - Add CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch fixing
    bsc#1181126 (CVE-2021-3177) buffer overflow in PyCArg_repr in
    _ctypes/callproc.c, which may lead to remote code execution.
* Tue Jan 05 2021 Matej Cepl <>
  - (bsc#1180125) We really don't Require python-rpm-macros package.
    Unnecessary dependency.
* Tue Dec 22 2020 Matej Cepl <>
  - Update to 3.8.7:
    - bugfix release
    - multiple patches realigned:
    - F00102-lib64.patch
    - SUSE-FEDORA-multilib.patch
    - bpo-31046_ensurepip_honours_prefix.patch
    - skip_random_failing_tests.patch
* Thu Dec 10 2020 Benjamin Greiner <>
  - Last try before this results in an editwar:
    * remove importlib_resources and importlib-metadata
    * import importlib_resources is not the same as
      import importlib.resources, same for metadata
    * The backport packages from PyPI needed for older flavors are
      specified as such for setuptools or in pyproject.toml. If a
      package requires them they typically add them with a python
      version qualifier and the packages have their own version
* Sat Dec 05 2020 Matej Cepl <>
  - Add patch sphinx-update-removed-function.patch to no longer call
    a now removed function and to make documentation build independent of
    the Sphinx version (bsc#1179630, gh#python/cpython#13236).
* Wed Dec 02 2020 Matej Cepl <>
  - Add importlib_resources provide/obsolete as it is integral
    part of the lang since 3.7 release
* Fri Nov 20 2020 Benjamin Greiner <>
  - The Python stdlib >= does not provide importlib_metadata or
    importlib_resources but importlib.metadata and importlib.resources.
    If a package specifically asks for importlib_*, they actually
    require the dedicated package with extended API.
* Mon Nov 09 2020 Matej Cepl <>
  - Update to 3.8.6, which contains various bug fixes including security
    fix of included pip and setuptools (bpo#41490, bsc#1176262,
    CVE-2019-20916). Full list of changes is available at
  - Revert previous patch, and readd bpo-31046_ensurepip_honours_prefix.patch.
* Fri Oct 30 2020 Matej Cepl <>
  - Replace ensurepip with simple script instructing to install
    packaged pip (bsc#1176262).
  - Remove bpo-31046_ensurepip_honours_prefix.patch, which is not
    necessary anymore.
* Fri Oct 09 2020 Dominique Leuenberger <>
  - Fix build with RPM 4.16: error: bare words are no longer
    supported, please use "...":  x86 == ppc.
* Fri Sep 25 2020 Dominique Leuenberger <>
  - Buildrequire timezone only for general flavor. It's used in this
    flavor for the test suite.
* Tue Sep 01 2020 Matej Cepl <>
  - Just cleanup and reordering items to synchronize with python39
* Mon Jul 20 2020 Callum Farmer <>
  - Update to version 3.8.5:
    - bpo-39603: Prevent http header injection by rejecting control
      characters in http.client.putrequest(…).
    - bpo-41295: Resolve a regression in CPython 3.8.4 where defining
      “__setattr__” in a multi-inheritance setup and calling up the
      hierarchy chain could fail if builtins/extension types were
      involved in the base types.
    - bpo-41288: Unpickling invalid NEWOBJ_EX opcode with the
      C implementation raises now UnpicklingError instead of
    - bpo-39017: Avoid infinite loop when reading specially crafted
      TAR files using the tarfile module (CVE-2019-20907, bsc#1174091).
    - bpo-37703: Updated Documentation to comprehensively elaborate
      on the behaviour of gather.cancel()
    - bpo-41302: Enable building Python 3.8 with libmpdec-2.5.0 to
      ease maintenance for Linux distributions. Patch by Felix Yan.
    - bpo-41300: Save files with non-ascii chars. Fix regression
      released in 3.9.0b4 and 3.8.4.
  - This release also fixes CVE-2020-26116 (bsc#1177211).
* Fri Jul 17 2020 Tomáš Chvátal <>
  - Few minor fixes for the non-primary-interpreter option found
    in py3.9
* Wed Jul 15 2020 Callum Farmer <>
  - Minor spec file fixes
* Wed Jul 15 2020 Tomáš Chvátal <>
  - Fix minor issues found in the staging.
* Tue Jul 14 2020 Matej Cepl <>
  - Update to 3.8.4:
    - Assignment expressions (PEP-572)
    - Positional-only parameters (PEP-570)
    - Parallel filesystem cache for compiled bytecode files
    - Debug build uses the same ABI as release build
    - f-strings support = for self-documenting expressions
      and debugging
    - Python Runtime Audit Hooks (PEP-578)
    - Python Initialization Configuration (PEP-587)
    - Vectorcall: a fast calling protocol for CPython (PEP-590)
    - Pickle protocol 5 with out-of-band data buffers (PEP-574)
    - Many other smaller bug fixes
  - Removed OBS_dev-shm.patch: contained in upstream
  - Removed bpo40784-Fix-sqlite3-deterministic-test.patch:
    contained in upstream
  - Changed bpo-31046_ensurepip_honours_prefix.patch: to be
    compatible with new version
* Mon Jul 13 2020 Callum Farmer <>
  - Fix %py3_compile being incorrectly defined
* Fri Jul 10 2020 Tomáš Chvátal <>
  - Update and regenerate
* Fri Jul 10 2020 Tomáš Chvátal <>
  - Convert few dependencies to their pkgconfig counterparts
* Fri Jul 10 2020 Tomáš Chvátal <>
  - Remove release requirement on libpython, it is not really needed
    to be equal as the abi changes with versions
* Fri Jul 10 2020 Tomáš Chvátal <>
  - Add provides python3-bla on all the subpkgs in case we are
    primary provider of the functionality
* Fri Jul 10 2020 Tomáš Chvátal <>
  - Remove unversioned files from devel subpkg too
  - Remove main python3 files from -base based whether we are
    primary interpreter or not
  - Fix idle to be co-installable
  - Add condition to be primary to provide/obsolete python3-*
  - Fix doc to build in versioned folder so the pythons can be
    installed next to each other
* Fri Jul 10 2020 Tomáš Chvátal <>
  - Revert the full versioning of calls on the macros. These
    are generic so they should really just call python3 X
* Fri Jul 10 2020 Tomáš Chvátal <>
  - For the doc package we can build with generic flavor, we don't
    need the our-interpreter based one
* Fri Jul 10 2020 Tomáš Chvátal <>
  - Add provides for pytohn3X-typing/etc to allow BR on those still
    to work when needed
* Fri Jul 10 2020 Tomáš Chvátal <>
  - Change macros.python3 to use full versioned 3.8 instead of just 3
    for python interpreter
* Wed Jul 01 2020 Tomáš Chvátal <>
  - Reduce some now unused conditionals
* Wed Jul 01 2020 Tomáš Chvátal <>
  - Redux the -base dependencies to match up pre-merge layout
* Wed Jul 01 2020 Tomáš Chvátal <>
  - Generate baselibs in pre-checkin too
* Wed Jul 01 2020 Tomáš Chvátal <>
  - Generate the importlib-failed using pre_checking again
  - Add back the information about skipped tests on the pre_checkin
* Tue Jun 30 2020 Tomáš Chvátal <>
  - Use %python_pkg_name instead of hardcoding python3 where
  - Sort out preamble with spec-cleaner
* Mon Jun 29 2020 Matej Cepl <>
  - Calculate required variables instead of relying on their continuous manual update
* Thu Jun 25 2020 Tomáš Chvátal <>
  - Fix the -base module build again to generate only the deps
    we need
* Wed Jun 17 2020 Matej Cepl <>
  - Replace OBS_dev-shm.patch with the upstream PR#20944
* Wed Jun 10 2020 Tomáš Chvátal <>
  - Use the %{python_pkg_name} on more places to allow easier
  - Switch to _multibuild approach for easier maintenance of this
    package. All is now in one spec file with 3 conditionals:
    * bcond_with base
    * bcond_with doc
    * bcond_with general
* Mon Jun 08 2020 Matej Cepl <>
  - add requires python3-base on libpython subpackage (bsc#1167008)
* Fri Jun 05 2020 Dirk Mueller <>
  - build against Sphinx 2.x until python is compatible with
    Sphinx 3.x (see gh#python/cpython#19397, bpo#40204)
* Fri May 29 2020 Andreas Stieger <>
  - Fix build with SQLite 3.32 (bpo#40783)
    add bpo40784-Fix-sqlite3-deterministic-test.patch
* Sun May 17 2020 Callum Farmer <>
  - Update to version 3.8.3:
    - Complete list of changes is available at,
      but most of them are just bugfixes.
    - Removed patch CVE-2020-8492-urllib-ReDoS.patch: contained in upstream
* Thu Apr 16 2020 Matej Cepl <>
  - Add #!BuildIgnore: gdk-pixbuf-loader-rsvg to python3 SPEC
* Thu Mar 26 2020 Matej Cepl <>
  - Add patch bsc1167501-invalid-alignment.patch
    (bsc#1167501, bpo#40052) to fix alignment in abstract.h header file.
* Wed Mar 11 2020 Andreas Schwab <>
  - Update list of skipped tests for qemu linux-user build, test_setegid
    (test.test_os.PosixUidGidTests) is confusing it
* Thu Mar 05 2020 Matej Cepl <>
  - Update to 3.8.2:
    - Complete list of changes is available at,
      but most of them are just bugfixes.
    - Updated patches:
    - F00102-lib64.patch
    - OBS_dev-shm.patch
    - SUSE-FEDORA-multilib.patch
    - subprocess-raise-timeout.patch
* Sat Feb 08 2020 Matej Cepl <>
  - Add CVE-2020-8492-urllib-ReDoS.patch fixing the security bug
    "Python urrlib allowed an HTTP server to conduct Regular
    Expression Denial of Service (ReDoS)" (bsc#1162367)
* Sat Feb 08 2020 Matej Cepl <>
  - Add Requires: libpython%{so_version} == %{version}-%{release}
    to python3-base to keep both packages always synchronized
* Mon Feb 03 2020 Tomáš Chvátal <>
  - Do not pull in bluez in base again, explain the cycle,
    it needs to be solved by bluez maintainer for us by providing
    just the headers separately
* Mon Feb 03 2020 Tomáš Chvátal <>
  - Reame idle icons to idle3 in order to not conflict with python2
    variant of the package
    * renamed the icons
    * renamed icon load in desktop file
* Thu Jan 16 2020 Tomáš Chvátal <>
  - Add importlib_resources provide/obsolete as it is integral
    part of the lang since 3.7 release
* Mon Jan 13 2020 Martin Liška <>
  - Add -fno-semantic-interposition as it brings speed up:
* Thu Dec 19 2019 Matej Cepl <>
  - Update to 3.8.1:
    - This is mainly bugfix release and no significant changes to
      API are expected. The full changelog is available on
    - Remove bpo-38688_shutil.copytree_prevent-infinite-recursion.patch,
      which is included in the upstream tarball.
* Thu Dec 19 2019 Matej Cepl <>
  - Add bpo-31046_ensurepip_honours_prefix.patch which makes
    ensurepip to honour the value of $(prefix). Proposed fix for
* Tue Dec 10 2019 Tomáš Chvátal <>
  - Move bluez-devel dependency to base as it is needed for
    socket.AF_BLUETOOTH and otherwise does not work
* Mon Dec 02 2019 Matej Cepl <>
  - Reintroduce QtHelp with the help of the new BR
* Mon Oct 21 2019 Stefan Brüns <>
  - Fix SUSE-FEDORA-multilib.patch, the platform agnostic infix for
    library installation is "lib", not "dir".
* Thu Oct 17 2019 Stefan Brüns <>
  - Move idle subpackage build from python3-base to python3.
    appstream-glib required for packaging introduces considerable
    extra dependencies and a build loop via rust/librsvg.
  - Correct installation of idle IDE icons:
    + idle.png is not the target directory
    + non-GNOME-specific icons belong into icons/hicolor
  - Add required Name key to idle3 desktop file
* Tue Oct 15 2019 Matej Cepl <>
  - Update to the final release 3.8.0. .
    - New Features:
    - Assignment expressions
    - Positional-only parameters
    - Parallel filesystem cache for compiled bytecode files
    - Debug build uses the same ABI as release build
    - f-strings support = for self-documenting expressions and
    - PEP 578: Python Runtime Audit Hooks
    - PEP 587: Python Initialization Configuration
    - Vectorcall: a fast calling protocol for CPython
    - Pickle protocol 5 with out-of-band data buffers
    - New modules:
    - importlib.metadata
    - Improved modules:
    - ast asyncio, builtins, collections, curses, ctypes,
      datetime, functools, gc, gettext, gzip, idelib and IDLE,
      inspect, io, json.tool, math, mmap, multiprocessing, os,
      os.path, pathlib, pickle, plistlib, py_compile, shlex,
      shutil, socket, ssl, statistics, sys, tarfile, threading,
      tokenize, tkinter, time, typing, unicodedata, unittest,
      venv, weakref, xml
    - C API improvements
    - bdist_winnst command has been deprecated (use bdist_wheel)
  - remains rest of
    changes including documentation on how to port your programs to
    the current version of Python.
* Mon Oct 14 2019 Matej Cepl <>
  - Add idle3.appdata.xml and idle3.desktop (originally from
    Fedora) to make Idle3 full GUI desktop application.
* Wed Oct 09 2019 Michael Gorse <>
  - Drop intltool from BuildRequires. Doesn't appear to be used.
* Wed Oct 09 2019 Tomáš Chvátal <>
  - Add folder version to allow tarball downloads even for beta/rc
* Tue Oct 08 2019 Matej Cepl <>
  - Revert patches from Fedora (F00102-lib64.patch and
    F00251-change-user-install-location.patch) into their original
    prisitine Fedora versions, SUSE-FEDORA-multilib.patch refreshed
* Mon Oct 07 2019 Matej Cepl <>
  - Correct quotation of platsubdir in Lib/distutils/command/
* Thu Oct 03 2019 Matej Cepl <>
  - Replace python-3.6.0-multilib.patch with two patches from
    Fedora (F00102-lib64.patch and
    F00251-change-user-install-location.patch), and our own
    SUSE-FEDORA-multilib.patch to allow better cooperation with
    Fedora and better upstreaming.
  - Add OBS_dev-shm.patch fixing bpo#38377
* Thu Oct 03 2019 Tomáš Chvátal <>
  - Pull in just gettext and let solver to sort out between:
    gettext-runtime-mini and gettext-runtime
* Wed Oct 02 2019 Matej Cepl <>
  - Update to 3.8.0rc1. Overall changes from 3.7:
    - PEP 572, Assignment expressions
    - PEP 570, Positional-only arguments
    - PEP 587, Python Initialization Configuration (improved
    - PEP 590, Vectorcall: a fast calling protocol for CPython
    - PEP 578, Runtime audit hooks
    - PEP 574, Pickle protocol 5 with out-of-band data
    - Typing-related: PEP 591 (Final qualifier), PEP 586 (Literal
      types), and PEP 589 (TypedDict)
    - Parallel filesystem cache for compiled bytecode
    - Debug builds share ABI as release builds, also the 'm' ABI
      tag was removed (irrelevant since 3.4), bpo#36707
    - f-strings support a handy = specifier for debugging
    - continue is now legal in finally: blocks
    - on Windows, the default asyncio event loop is now
    - on macOS, the spawn start method is now used by default in
    - multiprocessing can now use shared memory segments to avoid
      pickling costs between processes
    - typed_ast is merged back to CPython
    - LOAD_GLOBAL is now 40% faster
    - pickle now uses Protocol 4 by default, improving performance
  - Refreshed patches:
    - CVE-2019-5010-null-defer-x509-cert-DOS.patch
    - python-3.3.0b1-fix_date_time_compiler.patch
    - python-3.6.0-multilib.patch
    - subprocess-raise-timeout.patch
* Wed Sep 25 2019 Bernhard Wiedemann <>
  - Add bpo36302-sort-module-sources.patch (boo#1041090)
* Tue Sep 10 2019 Tomáš Chvátal <>
  - Try harder obsoleting importlib-metadata
* Fri Aug 30 2019 Matej Cepl <>
  - Update to 3.8.0b4:
    Many bugfixes, full list on
* Thu Aug 29 2019 Guillaume GARDET <>
  - Re-enable test_threading on aarch64
* Sat Aug 17 2019 John Vandenberg <>
  - Remove xrpm from subpackage tk description
* Tue Aug 06 2019 Matej Cepl <>
  - Update to 3.8.0b3:
    Many bugfixes, full list on
  - Patches reapplied:
    - python-3.3.0b1-fix_date_time_compiler.patch
    - python-3.3.0b1-test-posix_fadvise.patch
    - python-3.6.0-multilib.patch
    - subprocess-raise-timeout.patch
* Tue Jul 23 2019 Matej Cepl <>
  - Add Provides: python3-importlib-metadata
* Sun Jul 07 2019 Matej Cepl <>
  - Update to 3.8.0b2:
    Many bugfixes, full list on
  - Patches included in upstream:
    - bpo-37169_PyObject_IsFreed.patch
  - Patches reapplied:
    - 00251-change-user-install-location.patch
    - distutils-reproducible-compile.patch
    - python-3.3.0b1-localpath.patch
    - python-3.6.0-multilib.patch
* Tue Jul 02 2019 Andreas Schwab <>
  - Update list of skipped tests for qemu linux-user build
  - Don't do profiling in qemu linux-user build
* Wed Jun 05 2019 Matej Cepl <>
  - Update to 3.8.0b1 (changes since 3.7.*):
    - PEP 572, Assignment expressions
    - PEP 570, Positional-only arguments
    - PEP 587, Python Initialization Configuration (improved embedding)
    - PEP 590, Vectorcall: a fast calling protocol for CPython
    - PEP 578, Runtime audit hooks
    - PEP 574, Pickle protocol 5 with out-of-band data
    - Typing-related: PEP 591 (Final qualifier), PEP 586 (Literal
      types), and PEP 589 (TypedDict)
    - Parallel filesystem cache for compiled bytecode
    - Debug builds share ABI as release builds
    - f-strings support a handy = specifier for debugging
    - continue is now legal in finally: blocks
    - multiprocessing can now use shared memory segments to avoid
      pickling costs between processes
    - typed_ast is merged back to CPython
    - LOAD_GLOBAL is now 40% faster
    - pickle now uses Protocol 4 by default, improving performance
  - Remove patches which were included in the upstream:
    - 00251-change-user-install-location.patch
    - 00316-mark-bdist_wininst-unsupported.patch
    - CVE-2019-9947-no-ctrl-char-http.patch
    - raise_SIGING_not_handled.patch
* Wed May 22 2019 Martin Liška <>
  - Set _lto_cflags to nil as the package is using LTO via --enable-lto.
    That will prevent to propage LTO for Python modules that are
    built in a separate package.
* Sat May 04 2019 Matej Cepl <>
  - Update to 3.8.0.a3:
    - PEP 572: Assignment Expressions.
    - Other (mostly small) changes are on
* Mon Apr 29 2019 Matej Cepl <>
  - bsc#1130840 (CVE-2019-9947): add CVE-2019-9947-no-ctrl-char-http.patch
    Address the issue by disallowing URL paths with embedded
    whitespace or control characters through into the underlying
    http client request. Such potentially malicious header
    injection URLs now cause a ValueError to be raised.
* Wed Apr 10 2019 Matej Cepl <>
  - Fix metadata of patches.
  - Rename boo1071941-make-install-in-sep-loc.patch to
    00251-change-user-install-location.patch which is the original
    name, so it can be looked up in the Fedora VCS.
* Tue Apr 09 2019 John Vandenberg <>
  - Mark distutils bdist_wininst command unsupported
    with 00316-mark-bdist_wininst-unsupported.patch
  - Remove Windows bdist_wininst executables from runtime package
* Mon Apr 08 2019 Matej Cepl <>
  - Update to 3.7.3, which is the maintenance release without any
    significant changes in API.
    - Updated patches:
    - CVE-2019-5010-null-defer-x509-cert-DOS.patch
    - distutils-reproducible-compile.patch
    - python-3.3.0b1-fix_date_time_compiler.patch
    - python-3.6.0-multilib.patch
    - raise_SIGING_not_handled.patch
* Wed Mar 20 2019 Matěj Cepl <>
  - Remove building of Qt Develop help files.
* Fri Mar 15 2019 Matej Cepl <>
  - Return distutils-reproducible-compile.patch which is still
    missing (still unfinished bpo#29708).
* Mon Feb 25 2019 Matej Cepl <>
  - Update to 3.8.0a2:
    * List of all (mostly small) changes are on
* Tue Feb 12 2019 Matej Cepl <>
  - Build nis module again.
* Tue Feb 12 2019 Matej Cepl <>
  - Update to 3.8.0a1:
    * The most visible change so far is probably the
      implementation of PEP 572: Assignment Expressions. For
      a detailed list of changes, see:
    * Recover building of nis module properly in python3 package
  - Update patches:
    * CVE-2019-5010-null-defer-x509-cert-DOS.patch
    * python-3.3.0b1-fix_date_time_compiler.patch
    * python-3.3.0b1-test-posix_fadvise.patch
    * python-3.6.0-multilib.patch
    * raise_SIGING_not_handled.patch
* Wed Jan 30 2019
  - Put LICENSE file where it belongs (bsc#1121852)
* Sat Jan 19 2019
  - bsc#1122191: add CVE-2019-5010-null-defer-x509-cert-DOS.patch
    fixing bpo-35746.
    An exploitable denial-of-service vulnerability exists in the
    X509 certificate parser of Python 2.7.11 / 3.7.2.
    A specially crafted X509 certificate can cause a NULL pointer
    dereference, resulting in a denial of service. An attacker can
    initiate or accept TLS connections using crafted certificates
    to trigger this vulnerability.
* Tue Jan 08 2019 Tomáš Chvátal <>
  - Do not require full gettext in order to avoid pulling in the
    glib2 as a dependency
* Tue Jan 08 2019 Tomáš Chvátal <>
  - Update to 3.7.2:
    * bugfix release:
* Wed Jan 02 2019
  - Stop applying python-3.6.0-multilib-new.patch (which is still
    WIP), and apply the old proven python-3.6.0-multilib.patch



Generated by rpm2html 1.8.1

Fabrice Bellet, Thu Feb 9 11:06:22 2023