rpms/python3.12
13
0
Fork 0
Code Issues Pull Requests Releases Activity

import UBI python3.12-3.12.10-1.el8_10

Browse Source
This commit is contained in:
eabdullin 2025-06-03 01:34:50 +00:00
parent ffc26bbcba
commit 365a6e9cca
7 changed files with 42 additions and 103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/Python-3.12.8.tar.xz
SOURCES/Python-3.12.10.tar.xz

2
.python3.12.metadata
View File

@ -1 +1 @@
8872c7a124c6970833e0bde4f25d6d7d61c6af6e SOURCES/Python-3.12.8.tar.xz
7dbdb09971278d93d387f2e045ee04c83d9f7bfa SOURCES/Python-3.12.10.tar.xz

6
SOURCES/00251-change-user-install-location.patch
View File

@ -51,7 +51,7 @@ index aed254ad50..568dbdb945 100644
if os.path.isdir(sitedir):
addsitedir(sitedir, known_paths)
diff --git a/Lib/sysconfig.py b/Lib/sysconfig.py
index 517b13acaf..928d1a0541 100644
index acc8d4d182..6355669f62 100644
--- a/Lib/sysconfig.py
+++ b/Lib/sysconfig.py
@@ -104,6 +104,11 @@
@ -86,7 +86,7 @@ index 517b13acaf..928d1a0541 100644
_SCHEME_KEYS = ('stdlib', 'platstdlib', 'purelib', 'platlib', 'include',
'scripts', 'data')
@@ -261,11 +279,40 @@ def _extend_dict(target_dict, other_dict):
@@ -268,11 +286,40 @@ def _extend_dict(target_dict, other_dict):
target_dict[key] = value
@ -129,7 +129,7 @@ index 517b13acaf..928d1a0541 100644
# On Windows we want to substitute 'lib' for schemes rather
# than the native value (without modifying vars, in case it
diff --git a/Lib/test/test_sysconfig.py b/Lib/test/test_sysconfig.py
index 3468d0ce02..ff31010427 100644
index 67647e1b78..7baddaa9d6 100644
--- a/Lib/test/test_sysconfig.py
+++ b/Lib/test/test_sysconfig.py
@@ -119,8 +119,19 @@ def test_get_path(self):

62
SOURCES/00445-cve-2024-12254-ensure-_selectorsockettransport-writelines-pauses-the-protocol-if-needed.patch
View File

@ -1,62 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: "Miss Islington (bot)"
<31488909+miss-islington@users.noreply.github.com>
Date: Fri, 6 Dec 2024 06:12:40 +0100
Subject: [PATCH] 00445: CVE-2024-12254: Ensure
_SelectorSocketTransport.writelines pauses the protocol if needed
Ensure _SelectorSocketTransport.writelines pauses the protocol if it reaches the high water mark as needed.
Resolved upstream: https://github.com/python/cpython/issues/127655
Co-authored-by: J. Nick Koston <nick@koston.org>
Co-authored-by: Kumar Aditya <kumaraditya@python.org>
---
Lib/asyncio/selector_events.py | 1 +
Lib/test/test_asyncio/test_selector_events.py | 12 ++++++++++++
.../2024-12-05-21-35-19.gh-issue-127655.xpPoOf.rst | 1 +
3 files changed, 14 insertions(+)
create mode 100644 Misc/NEWS.d/next/Security/2024-12-05-21-35-19.gh-issue-127655.xpPoOf.rst
diff --git a/Lib/asyncio/selector_events.py b/Lib/asyncio/selector_events.py
index 790711f834..dd79ad18df 100644
--- a/Lib/asyncio/selector_events.py
+++ b/Lib/asyncio/selector_events.py
@@ -1183,6 +1183,7 @@ def writelines(self, list_of_data):
# If the entire buffer couldn't be written, register a write handler
if self._buffer:
self._loop._add_writer(self._sock_fd, self._write_ready)
+ self._maybe_pause_protocol()
def can_write_eof(self):
return True
diff --git a/Lib/test/test_asyncio/test_selector_events.py b/Lib/test/test_asyncio/test_selector_events.py
index 47693ea4d3..736c19796e 100644
--- a/Lib/test/test_asyncio/test_selector_events.py
+++ b/Lib/test/test_asyncio/test_selector_events.py
@@ -805,6 +805,18 @@ def test_writelines_send_partial(self):
self.assertTrue(self.sock.send.called)
self.assertTrue(self.loop.writers)
+ def test_writelines_pauses_protocol(self):
+ data = memoryview(b'data')
+ self.sock.send.return_value = 2
+ self.sock.send.fileno.return_value = 7
+
+ transport = self.socket_transport()
+ transport._high_water = 1
+ transport.writelines([data])
+ self.assertTrue(self.protocol.pause_writing.called)
+ self.assertTrue(self.sock.send.called)
+ self.assertTrue(self.loop.writers)
+
@unittest.skipUnless(selector_events._HAS_SENDMSG, 'no sendmsg')
def test_write_sendmsg_full(self):
data = memoryview(b'data')
diff --git a/Misc/NEWS.d/next/Security/2024-12-05-21-35-19.gh-issue-127655.xpPoOf.rst b/Misc/NEWS.d/next/Security/2024-12-05-21-35-19.gh-issue-127655.xpPoOf.rst
new file mode 100644
index 0000000000..76cfc58121
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2024-12-05-21-35-19.gh-issue-127655.xpPoOf.rst
@@ -0,0 +1 @@
+Fixed the :class:`!asyncio.selector_events._SelectorSocketTransport` transport not pausing writes for the protocol when the buffer reaches the high water mark when using :meth:`asyncio.WriteTransport.writelines`.

18
SOURCES/Python-3.12.10.tar.xz.asc Normal file
View File

@ -0,0 +1,18 @@
-----BEGIN PGP SIGNATURE-----
iQKTBAABCgB9FiEEcWlgX2LHUTVtBUomqCHmgOX6YwUFAmf1EjJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDcx
Njk2MDVGNjJDNzUxMzU2RDA1NEEyNkE4MjFFNjgwRTVGQTYzMDUACgkQqCHmgOX6
YwXAwBAAncWm4sMrSvGW4bgyp7bHE0CeaA9ErIq55CmHfigrlxPKQUYVlzj38N7H
MVlpmqZSQ8wqDFy3gN0QeCXBGapxgO2dEcrgy5HxvtktXge25j1f7LvVraSFB9/F
DrOCZr54gVrE/r0242f1JmJQ1BDeMDSUbEYE6fd0xqWYCZ2xpzvYmQG/+6jD5FFC
UE6PYxJlq+rfSawj974//BDhrY4hZ3g0xxyiyhfXBBYMhZO3OzCckrAD5zZOQfNE
y/JK94nVWXLU/Lx3R+L7TvJgJ3ej4ggq5LRwrn09GU5jExwyITh4yUO7i56vbmvx
EtOobQC0RVz/xrsciJ4Gn3zByaO0XPjrGaCOU53nCsNlfJcBQhj2UQpum8CL9S9C
BJPCV4jL+Mo8EL91cJTyX4LqFoAXayMwPS0HKVOvYn33+pmVNe+duY/UjUpG50kw
jdsHbKAthh8QbSIO0VPk4eH3pVEQ3O9aG+3r/puGjPRWG8CMyLbQUVmlj4Sh3/Kh
vh7ydOjzJeuIUhAmFOLLqYG4mah71q1yBXx9jhyxzQSwvyoQaQwgpA+Yn+yB1bXy
ttxp2r4fS0ZvGYB44C1WrAxeKRI+J1z19i1IYMc2bV6SfSBoU9AaJqh2o4dMHHUS
F3Ko4UTyjU4bTfI18dCs2OgUEED6BAe5cs3ZyqDm3zL4fGIgNXs=
=k0VQ
-----END PGP SIGNATURE-----

18
SOURCES/Python-3.12.8.tar.xz.asc
View File

@ -1,18 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQKTBAABCgB9FiEEcWlgX2LHUTVtBUomqCHmgOX6YwUFAmdPZepfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDcx
Njk2MDVGNjJDNzUxMzU2RDA1NEEyNkE4MjFFNjgwRTVGQTYzMDUACgkQqCHmgOX6
YwV2vQ//enP0FhpesVqbIf52CDqRUxRmO29bgW+a4wvRMMcGhMwVhDYKBSXwpI1O
FJDm6y16mjfgVDJ17aU15+NUGqEDEcDj/59LUgOBkbgGkhhi7qPvqG+8YJoTJtFr
0N3dcYwMSJQmN+y+xAWWHhc576KSkASqTG5OcS/n6yTG+zjFkN2Iznp0INQZpSt2
44YocvRIK0vozabd47JCx5w/txE3nYtsl6nG5VTMeavbWYzgFBJhVSyykLSJxlyU
mJgL0DMspjsUH2ZeYkHqqnuEZkogwJfI3eL2Z4BdVb96hh/s/L4UaSa3GI1a2Tdf
c6UJLGWTqaFFcohIVrGhgckAQRrit7AZCBb/FwTsDXahxau7ECLNpgcRQCWgAXlN
l7SSQkI2snUs5c+mCuBspDvBVxhAWq1VUelkPurQymR/ajGywwXgdGQwmq7BO+Wr
E7fChlwTKLFkQorrzKw7FoL674gTolCHoO/XTDmCNIkEblykSl9mz9FnI2q1C0id
Q+rM1rGo2ubJhthvpKdA5jDpzK6tPqG2xNgV6+xhXl4Bg7w4dhEKIu1vKH4RRBgR
GTf9LSlJMdaDIyWbbuMFpthCrhnmXbK0qe4whQRtip/TB+1qjl1e5gB0kULujApj
RbtxbR50cCDmocM6nae2P1tq0s3jaSs/VemiptexdTilGcm3088=
=2KVU
-----END PGP SIGNATURE-----

37
SPECS/python3.12.spec
View File

@ -16,7 +16,7 @@ URL: https://www.python.org/
# WARNING When rebasing to a new Python version,
# remember to update the python3-docs package as well
%global general_version %{pybasever}.8
%global general_version %{pybasever}.10
#global prerel ...
%global upstream_version %{general_version}%{?prerel}
Version: %{general_version}%{?prerel:~%{prerel}}
@ -65,28 +65,28 @@ License: Python-2.0.1
# If the rpmwheels condition is disabled, we use the bundled wheel packages
# from Python with the versions below.
# This needs to be manually updated when we update Python.
%global pip_version 24.3.1
%global pip_version 25.0.1
%global setuptools_version 67.6.1
%global wheel_version 0.40.0
# All of those also include a list of indirect bundled libs:
# pip
# $ %%{_rpmconfigdir}/pythonbundles.py <(unzip -p Lib/ensurepip/_bundled/pip-*.whl pip/_vendor/vendor.txt)
%global pip_bundled_provides %{expand:
Provides: bundled(python3dist(cachecontrol)) = 0.14
Provides: bundled(python3dist(cachecontrol)) = 0.14.1
Provides: bundled(python3dist(certifi)) = 2024.8.30
Provides: bundled(python3dist(distlib)) = 0.3.9
Provides: bundled(python3dist(distro)) = 1.9
Provides: bundled(python3dist(idna)) = 3.7
Provides: bundled(python3dist(msgpack)) = 1.0.8
Provides: bundled(python3dist(packaging)) = 24.1
Provides: bundled(python3dist(platformdirs)) = 4.2.2
Provides: bundled(python3dist(idna)) = 3.10
Provides: bundled(python3dist(msgpack)) = 1.1
Provides: bundled(python3dist(packaging)) = 24.2
Provides: bundled(python3dist(platformdirs)) = 4.3.6
Provides: bundled(python3dist(pygments)) = 2.18
Provides: bundled(python3dist(pyproject-hooks)) = 1
Provides: bundled(python3dist(pyproject-hooks)) = 1.2
Provides: bundled(python3dist(requests)) = 2.32.3
Provides: bundled(python3dist(resolvelib)) = 1.0.1
Provides: bundled(python3dist(rich)) = 13.7.1
Provides: bundled(python3dist(rich)) = 13.9.4
Provides: bundled(python3dist(setuptools)) = 70.3
Provides: bundled(python3dist(tomli)) = 2.0.1
Provides: bundled(python3dist(tomli)) = 2.2.1
Provides: bundled(python3dist(truststore)) = 0.10
Provides: bundled(python3dist(typing-extensions)) = 4.12.2
Provides: bundled(python3dist(urllib3)) = 1.26.20
@ -389,14 +389,6 @@ Patch397: 00397-tarfile-filter.patch
# CVE-2023-52425. Future versions of Expat may be more reactive.
Patch422: 00422-fix-tests-for-xmlpullparser-with-expat-2-6-0.patch
# 00445 # d1a32daddefad32ceb93155552858c0a0311b23e
# CVE-2024-12254: Ensure _SelectorSocketTransport.writelines pauses the protocol if needed
#
# Ensure _SelectorSocketTransport.writelines pauses the protocol if it reaches the high water mark as needed.
#
# Resolved upstream: https://github.com/python/cpython/issues/127655
Patch445: 00445-cve-2024-12254-ensure-_selectorsockettransport-writelines-pauses-the-protocol-if-needed.patch
# (New patches go here ^^^)
#
# When adding new patches to "python" and "python3" in Fedora, EL, etc.,
@ -1887,6 +1879,15 @@ fi
# ======================================================
%changelog
* Wed Apr 09 2025 Miro Hrončok <mhroncok@redhat.com> - 3.12.10-1
- Update to 3.12.10
Resolves: RHEL-86888
* Tue Feb 04 2025 Charalampos Stratakis <cstratak@redhat.com> - 3.12.9-1
- Update to 3.12.9
- Security fix for CVE-2025-0938
Related: RHEL-86888
* Tue Dec 03 2024 Charalampos Stratakis <cstratak@redhat.com> - 3.12.8-1
- Update to 3.12.8
- Security fix for CVE-2024-9287 and CVE-2024-12254