From 03858092b0d4db7db13174fb107f97160cdd0090 Mon Sep 17 00:00:00 2001 From: Jeffery To Date: Mon, 21 Mar 2022 16:43:35 +0800 Subject: [PATCH 1/2] python3: Update to 3.10.3, refresh patches Includes fixes for: * Windows builds updated to bzip2 1.0.8 to mitigate CVE-2016-3189 and CVE-2019-12900 * CVE-2022-26488: Escalation of privilege via Windows Installer Signed-off-by: Jeffery To (cherry picked from commit bed8dc2132ebce2b95d9271a61e5b928160937fb) --- lang/python/python3-version.mk | 4 ++-- lang/python/python3/Makefile | 2 +- ...ot-add-multiarch-paths-when-cross-compiling.patch | 2 +- .../patches/014-remove-platform-so-suffix.patch | 4 ++-- .../python3/patches/016-adjust-config-paths.patch | 4 ++-- .../028-host-python-support-ssl-with-libressl.patch | 12 ++++++------ 6 files changed, 14 insertions(+), 14 deletions(-) diff --git a/lang/python/python3-version.mk b/lang/python/python3-version.mk index 412ec34e1..7ed902147 100644 --- a/lang/python/python3-version.mk +++ b/lang/python/python3-version.mk @@ -8,7 +8,7 @@ # Note: keep in sync with setuptools & pip PYTHON3_VERSION_MAJOR:=3 PYTHON3_VERSION_MINOR:=10 -PYTHON3_VERSION_MICRO:=2 +PYTHON3_VERSION_MICRO:=3 PYTHON3_VERSION:=$(PYTHON3_VERSION_MAJOR).$(PYTHON3_VERSION_MINOR) @@ -16,4 +16,4 @@ PYTHON3_SETUPTOOLS_PKG_RELEASE:=1 PYTHON3_PIP_PKG_RELEASE:=1 PYTHON3_SETUPTOOLS_VERSION:=58.1.0 -PYTHON3_PIP_VERSION:=21.2.4 +PYTHON3_PIP_VERSION:=22.0.4 diff --git a/lang/python/python3/Makefile b/lang/python/python3/Makefile index 50b84b10e..ece5faaa4 100644 --- a/lang/python/python3/Makefile +++ b/lang/python/python3/Makefile @@ -16,7 +16,7 @@ PKG_VERSION:=$(PYTHON3_VERSION).$(PYTHON3_VERSION_MICRO) PKG_SOURCE:=Python-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://www.python.org/ftp/python/$(PKG_VERSION) -PKG_HASH:=17de3ac7da9f2519aa9d64378c603a73a0e9ad58dffa8812e45160c086de64c7 +PKG_HASH:=596c72de998dc39205bc4f70ef0dbf7edec740a306d09b49a9bd0a77806730dc PKG_MAINTAINER:=Jeffery To PKG_LICENSE:=PSF-2.0 diff --git a/lang/python/python3/patches/006-do-not-add-multiarch-paths-when-cross-compiling.patch b/lang/python/python3/patches/006-do-not-add-multiarch-paths-when-cross-compiling.patch index 128a9ba63..18ec0de72 100644 --- a/lang/python/python3/patches/006-do-not-add-multiarch-paths-when-cross-compiling.patch +++ b/lang/python/python3/patches/006-do-not-add-multiarch-paths-when-cross-compiling.patch @@ -1,6 +1,6 @@ --- a/setup.py +++ b/setup.py -@@ -830,7 +830,8 @@ class PyBuildExt(build_ext): +@@ -832,7 +832,8 @@ class PyBuildExt(build_ext): # only change this for cross builds for 3.3, issues on Mageia if CROSS_COMPILING: self.add_cross_compiling_paths() diff --git a/lang/python/python3/patches/014-remove-platform-so-suffix.patch b/lang/python/python3/patches/014-remove-platform-so-suffix.patch index 8b2b74a8e..fc3aadbfc 100644 --- a/lang/python/python3/patches/014-remove-platform-so-suffix.patch +++ b/lang/python/python3/patches/014-remove-platform-so-suffix.patch @@ -1,6 +1,6 @@ --- a/configure +++ b/configure -@@ -15649,7 +15649,7 @@ $as_echo_n "checking ABIFLAGS... " >&6; +@@ -15616,7 +15616,7 @@ $as_echo_n "checking ABIFLAGS... " >&6; $as_echo "$ABIFLAGS" >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: checking SOABI" >&5 $as_echo_n "checking SOABI... " >&6; } @@ -11,7 +11,7 @@ --- a/configure.ac +++ b/configure.ac -@@ -4825,7 +4825,7 @@ AC_SUBST(SOABI) +@@ -4824,7 +4824,7 @@ AC_SUBST(SOABI) AC_MSG_CHECKING(ABIFLAGS) AC_MSG_RESULT($ABIFLAGS) AC_MSG_CHECKING(SOABI) diff --git a/lang/python/python3/patches/016-adjust-config-paths.patch b/lang/python/python3/patches/016-adjust-config-paths.patch index 2c9699844..641661f5c 100644 --- a/lang/python/python3/patches/016-adjust-config-paths.patch +++ b/lang/python/python3/patches/016-adjust-config-paths.patch @@ -39,7 +39,7 @@ fi elif test "$cross_compiling" = maybe; then as_fn_error $? "Cross compiling required --host=HOST-TUPLE and --build=ARCH" "$LINENO" 5 -@@ -15719,7 +15719,7 @@ fi +@@ -15686,7 +15686,7 @@ fi @@ -59,7 +59,7 @@ fi elif test "$cross_compiling" = maybe; then AC_MSG_ERROR([Cross compiling required --host=HOST-TUPLE and --build=ARCH]) -@@ -4883,7 +4883,7 @@ fi], +@@ -4882,7 +4882,7 @@ fi], dnl define LIBPL after ABIFLAGS and LDVERSION is defined. AC_SUBST(PY_ENABLE_SHARED) diff --git a/lang/python/python3/patches/028-host-python-support-ssl-with-libressl.patch b/lang/python/python3/patches/028-host-python-support-ssl-with-libressl.patch index 759b66292..a831735bd 100644 --- a/lang/python/python3/patches/028-host-python-support-ssl-with-libressl.patch +++ b/lang/python/python3/patches/028-host-python-support-ssl-with-libressl.patch @@ -30,7 +30,7 @@ /* Cached module state, also used in SSLSocket and SSLSession code. */ _sslmodulestate *state; } PySSLContext; -@@ -2346,8 +2359,14 @@ _ssl__SSLSocket_write_impl(PySSLSocket * +@@ -2358,8 +2371,14 @@ _ssl__SSLSocket_write_impl(PySSLSocket * do { PySSL_BEGIN_ALLOW_THREADS @@ -45,7 +45,7 @@ PySSL_END_ALLOW_THREADS self->err = err; -@@ -2498,8 +2517,14 @@ _ssl__SSLSocket_read_impl(PySSLSocket *s +@@ -2510,8 +2529,14 @@ _ssl__SSLSocket_read_impl(PySSLSocket *s do { PySSL_BEGIN_ALLOW_THREADS @@ -60,7 +60,7 @@ PySSL_END_ALLOW_THREADS self->err = err; -@@ -3062,8 +3087,10 @@ _ssl__SSLContext_impl(PyTypeObject *type +@@ -3074,8 +3099,10 @@ _ssl__SSLContext_impl(PyTypeObject *type self->hostflags = X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS; self->protocol = proto_version; self->msg_cb = NULL; @@ -71,7 +71,7 @@ self->alpn_protocols = NULL; self->set_sni_cb = NULL; self->state = get_ssl_state(module); -@@ -3187,6 +3214,7 @@ context_clear(PySSLContext *self) +@@ -3199,6 +3226,7 @@ context_clear(PySSLContext *self) { Py_CLEAR(self->set_sni_cb); Py_CLEAR(self->msg_cb); @@ -79,7 +79,7 @@ Py_CLEAR(self->keylog_filename); if (self->keylog_bio != NULL) { PySSL_BEGIN_ALLOW_THREADS -@@ -3194,6 +3222,7 @@ context_clear(PySSLContext *self) +@@ -3206,6 +3234,7 @@ context_clear(PySSLContext *self) PySSL_END_ALLOW_THREADS self->keylog_bio = NULL; } @@ -87,7 +87,7 @@ return 0; } -@@ -4603,8 +4632,10 @@ static PyGetSetDef context_getsetlist[] +@@ -4615,8 +4644,10 @@ static PyGetSetDef context_getsetlist[] (setter) set_minimum_version, NULL}, {"maximum_version", (getter) get_maximum_version, (setter) set_maximum_version, NULL}, From 4fdf1438e2506818f9e0f1e17c1b203c70a2f6ef Mon Sep 17 00:00:00 2001 From: Jeffery To Date: Mon, 28 Mar 2022 01:41:24 +0800 Subject: [PATCH 2/2] python3: Update to 3.10.4 Signed-off-by: Jeffery To (cherry picked from commit d0efe27a8c35b5580304838548542e9aaf344ac5) --- lang/python/python3-version.mk | 2 +- lang/python/python3/Makefile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lang/python/python3-version.mk b/lang/python/python3-version.mk index 7ed902147..cee6f7150 100644 --- a/lang/python/python3-version.mk +++ b/lang/python/python3-version.mk @@ -8,7 +8,7 @@ # Note: keep in sync with setuptools & pip PYTHON3_VERSION_MAJOR:=3 PYTHON3_VERSION_MINOR:=10 -PYTHON3_VERSION_MICRO:=3 +PYTHON3_VERSION_MICRO:=4 PYTHON3_VERSION:=$(PYTHON3_VERSION_MAJOR).$(PYTHON3_VERSION_MINOR) diff --git a/lang/python/python3/Makefile b/lang/python/python3/Makefile index ece5faaa4..8096e8e5a 100644 --- a/lang/python/python3/Makefile +++ b/lang/python/python3/Makefile @@ -16,7 +16,7 @@ PKG_VERSION:=$(PYTHON3_VERSION).$(PYTHON3_VERSION_MICRO) PKG_SOURCE:=Python-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://www.python.org/ftp/python/$(PKG_VERSION) -PKG_HASH:=596c72de998dc39205bc4f70ef0dbf7edec740a306d09b49a9bd0a77806730dc +PKG_HASH:=80bf925f571da436b35210886cf79f6eb5fa5d6c571316b73568343451f77a19 PKG_MAINTAINER:=Jeffery To PKG_LICENSE:=PSF-2.0