Add AlmaLinux to supported distros

2026-03-24 12:34:51 +00:00 · 2026-02-05 19:41:54 +00:00 · 2026-02-02 08:09:44 +00:00 · 2025-08-26 08:47:05 +00:00 · 2025-07-01 21:58:30 +00:00 · 2024-12-05 15:53:51 +03:00
3 changed files with 20 additions and 136 deletions
--- a/SOURCES/00478-cve-2026-4519.patch
+++ b/SOURCES/00478-cve-2026-4519.patch
@ -1,123 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: tomcruiseqi <tom33qi@gmail.com>
-Date: Wed, 25 Mar 2026 02:23:45 +0800
-Subject: 00478: CVE-2026-4519
-
-Reject leading dashes in webbrowser URLs (GH-143931) (GH-146359)
-
-(cherry picked from commit 82a24a4442312bdcfc4c799885e8b3e00990f02b)
-
-Backported from Python 3.10: ad4d5ba32af4d80b0dfa2ba9d8203bfb219e60a5
-
-Co-authored-by: Seth Michael Larson <seth@python.org>
---
- Lib/test/test_webbrowser.py                        |  5 +++++
- Lib/webbrowser.py                                  | 14 ++++++++++++++
- .../2026-01-16-12-04-49.gh-issue-143930.zYC5x3.rst |  1 +
- 3 files changed, 20 insertions(+)
- create mode 100644 Misc/NEWS.d/next/Security/2026-01-16-12-04-49.gh-issue-143930.zYC5x3.rst
-
-diff --git a/Lib/test/test_webbrowser.py b/Lib/test/test_webbrowser.py
-index 7cbb8d0a29..ec4ba2f7ac 100644
--- a/Lib/test/test_webbrowser.py
-+++ b/Lib/test/test_webbrowser.py
-@@ -53,6 +53,11 @@ class GenericBrowserCommandTest(CommandTestMixin, unittest.TestCase):
-                    options=[],
-                    arguments=[URL])
- 
-+    def test_reject_dash_prefixes(self):
-+        browser = self.browser_class(name=CMD_NAME)
-+        with self.assertRaises(ValueError):
-+            browser.open(f"--key=val {URL}")
-+
- 
- class BackgroundBrowserCommandTest(CommandTestMixin, unittest.TestCase):
- 
-diff --git a/Lib/webbrowser.py b/Lib/webbrowser.py
-index 1a553f0e65..f00f1a712a 100755
--- a/Lib/webbrowser.py
-+++ b/Lib/webbrowser.py
-@@ -120,6 +120,12 @@ class BaseBrowser(object):
-     def open_new_tab(self, url):
-         return self.open(url, 2)
- 
-+    @staticmethod
-+    def _check_url(url):
-+        """Ensures that the URL is safe to pass to subprocesses as a parameter"""
-+        if url and url.lstrip().startswith("-"):
-+            raise ValueError(f"Invalid URL: {url}")
-+
- 
- class GenericBrowser(BaseBrowser):
-     """Class for all browsers started with a command
-@@ -136,6 +142,7 @@ class GenericBrowser(BaseBrowser):
-         self.basename = os.path.basename(self.name)
- 
-     def open(self, url, new=0, autoraise=True):
-+        self._check_url(url)
-         cmdline = [self.name] + [arg.replace("%s", url)
-                                  for arg in self.args]
-         try:
-@@ -153,6 +160,7 @@ class BackgroundBrowser(GenericBrowser):
-        background."""
- 
-     def open(self, url, new=0, autoraise=True):
-+        self._check_url(url)
-         cmdline = [self.name] + [arg.replace("%s", url)
-                                  for arg in self.args]
-         try:
-@@ -219,6 +227,7 @@ class UnixBrowser(BaseBrowser):
-             return not p.wait()
- 
-     def open(self, url, new=0, autoraise=True):
-+        self._check_url(url)
-         if new == 0:
-             action = self.remote_action
-         elif new == 1:
-@@ -319,6 +328,7 @@ class Konqueror(BaseBrowser):
-     """
- 
-     def open(self, url, new=0, autoraise=True):
-+        self._check_url(url)
-         # XXX Currently I know no way to prevent KFM from opening a new win.
-         if new == 2:
-             action = "newTab"
-@@ -402,6 +412,7 @@ class Grail(BaseBrowser):
-         return 1
- 
-     def open(self, url, new=0, autoraise=True):
-+        self._check_url(url)
-         if new:
-             ok = self._remote("LOADNEW " + url)
-         else:
-@@ -508,6 +519,7 @@ if os.environ.get("TERM"):
- if sys.platform[:3] == "win":
-     class WindowsDefault(BaseBrowser):
-         def open(self, url, new=0, autoraise=True):
-+            self._check_url(url)
-             try:
-                 os.startfile(url)
-             except OSError:
-@@ -551,6 +563,7 @@ if sys.platform == 'darwin':
-             self.name = name
- 
-         def open(self, url, new=0, autoraise=True):
-+            self._check_url(url)
-             assert "'" not in url
-             # hack for local urls
-             if not ':' in url:
-@@ -588,6 +601,7 @@ if sys.platform == 'darwin':
-             self._name = name
- 
-         def open(self, url, new=0, autoraise=True):
-+            self._check_url(url)
-             if self._name == 'default':
-                 script = 'open location "%s"' % url.replace('"', '%22') # opens in default browser
-             else:
-diff --git a/Misc/NEWS.d/next/Security/2026-01-16-12-04-49.gh-issue-143930.zYC5x3.rst b/Misc/NEWS.d/next/Security/2026-01-16-12-04-49.gh-issue-143930.zYC5x3.rst
-new file mode 100644
-index 0000000000..0f27eae99a
--- /dev/null
-+++ b/Misc/NEWS.d/next/Security/2026-01-16-12-04-49.gh-issue-143930.zYC5x3.rst
-@@ -0,0 +1 @@
-+Reject leading dashes in URLs passed to :func:`webbrowser.open`
--- a/SOURCES/python-3.6-almalinux_support.patch
+++ b/SOURCES/python-3.6-almalinux_support.patch
@ -0,0 +1,12 @@
+diff -Naur Python-3.6.8.orig/Lib/platform.py Python-3.6.8.almalinux/Lib/platform.py
+--- Python-3.6.8.orig/Lib/platform.py	2018-12-24 00:37:14.000000000 +0300
+++ Python-3.6.8.almalinux/Lib/platform.py	2021-03-09 11:46:50.252385459 +0300
+@@ -297,7 +297,7 @@
+ # and http://www.die.net/doc/linux/man/man1/lsb_release.1.html
+ 
+ _supported_dists = (
+-    'SuSE', 'debian', 'fedora', 'redhat', 'centos',
+    'SuSE', 'debian', 'fedora', 'redhat', 'centos', 'almalinux',
+     'mandrake', 'mandriva', 'rocks', 'slackware', 'yellowdog', 'gentoo',
+     'UnitedLinux', 'turbolinux', 'arch', 'mageia')
+ 
--- a/SPECS/python3.spec
+++ b/SPECS/python3.spec
@ -14,7 +14,7 @@ URL: https://www.python.org/
 #  WARNING  When rebasing to a new Python version,
 #           remember to update the python3-docs package as well
 Version: %{pybasever}.8
-Release: 75%{?dist}
+Release: 74%{?dist}.alma.1
 License: Python


@ -992,14 +992,8 @@ Patch475: 00475-cve-2025-15367.patch
 # (cherry-picked from commit 45b2f8893c1b7ab3b3981a966f82e42beea82106)
 Patch476: 00476-cve-2026-1299.patch

-# 00478 #
-# CVE-2026-4519
-#
-# Reject leading dashes in webbrowser URLs (GH-143931) (GH-146359)
-#
-#
-# Backported from Python 3.10: ad4d5ba32af4d80b0dfa2ba9d8203bfb219e60a5
-Patch478: 00478-cve-2026-4519.patch
+# AlmaLinux Patch
+Patch1000: python-3.6-almalinux_support.patch

 # (New patches go here ^^^)
 #
@ -1378,7 +1372,9 @@ GIT_DIR=$PWD git apply %{PATCH351}
 %patch474 -p1
 %patch475 -p1
 %patch476 -p1
-%patch478 -p1
+
+# Applying AlmaLinux Patch
+%patch1000 -p1 -b .python-36-almalinux_support

 # Remove files that should be generated by the build
 # (This is after patching, so that we can use patches directly from upstream)
@ -2310,9 +2306,8 @@ fi
 # ======================================================

 %changelog
-* Thu Mar 26 2026 Lumír Balhar <lbalhar@redhat.com> - 3.6.8-75
- Security fix for CVE-2026-4519
-Resolves: RHEL-158077
+* Tue Mar 24 2026 Eduard Abdullin <eabdullin@almalinux.org> - 3.6.8-74.alma.1
+- Add AlmaLinux to supported distros

 * Fri Mar 06 2026 Lumír Balhar <lbalhar@redhat.com> - 3.6.8-74
 - Security fix for CVE-2025-0938
Author	SHA1	Message	Date
Eduard Abdullin	f42838d6fc	Add AlmaLinux to supported distros	2026-03-24 12:34:51 +00:00
Eduard Abdullin	57b76f6e6f	Add AlmaLinux to supported distros	2026-02-05 19:41:54 +00:00
Eduard Abdullin	abc701df16	Add AlmaLinux to supported distros	2026-02-02 08:09:44 +00:00
Eduard Abdullin	a71ef53091	Add AlmaLinux to supported distros	2025-08-26 08:47:05 +00:00
Eduard Abdullin	570ec9d800	Add AlmaLinux to supported distros	2025-07-01 21:58:30 +00:00
eabdullin	bd6971bee7	Merge branch 'c8' into a8	2024-12-05 15:53:51 +03:00
eabdullin	8d3d925919	Merge branch 'c8' into a8	2024-09-24 14:26:35 +03:00
eabdullin	bdbf48b9b5	Merge branch 'c8' into a8	2024-05-23 18:21:31 +03:00
eabdullin	f3cf09f99c	Merge branch 'c8' into a8	2024-01-16 13:37:58 +03:00
eabdullin	17a8498e33	Merge tag 'imports/c8/python3-3.6.8-56.el8_9.2' into a8	2024-01-16 13:36:51 +03:00
eabdullin	9e83f4dfcf	Merge branch 'c8' into a8	2023-11-17 10:29:27 +03:00
Andrew Lukoshko	bd2db93423	Merge branch 'c8' into a8	2023-10-24 18:37:21 +00:00
Andrew Lukoshko	c89b6ec208	Merge branch 'c8' into a8	2023-06-22 10:27:36 +00:00
eabdullin	18cf2f85c2	Merge branch 'c8' into a8	2023-05-17 02:59:04 +00:00
Andrew Lukoshko	7b5facad40	Fix Release	2023-02-21 20:21:33 +00:00
eabdullin	5cfeb69b84	Merge branch 'c8' into a8	2023-02-21 08:47:54 +00:00
eabdullin	4d68a8f267	Merge branch 'c8' into a8	2022-11-08 14:38:53 +00:00
eabdullin	3b658081cd	Merge branch 'c8' into a8	2022-09-13 09:52:58 +00:00
eabdullin	64c6635563	Merge branch 'c8' into a8	2022-05-10 11:35:50 +00:00
eabdullin	35ba6d59a5	Almalinux changes	2021-12-29 11:42:02 +03:00
Andrew Lukoshko	3714d7eba9	AlmaLinux changes	2021-09-15 11:30:41 +00:00